[E-Lang] Re: [EROS-Arch] Liquid software requirements.

Ben Laurie ben@algroup.co.uk
Tue, 02 Jan 2001 10:11:12 +0000


"Mark S. Miller" wrote:
> 
> At 01:12 PM Monday 1/1/01, Ben Laurie wrote:
> >>By the time one builds any real system, the time spent on
> >> single key operations can barely be found on the profile.  (Assuming a
> >> decent implementation of a well chosen single key system.)
> >
> >Hmm. Perhaps I'm misunderstanding, but HTTPS servers spend a significant
> >fraction of their time on key operations.
> 
> Public key or single key?  If single key, and if it's a good choice of
> algorithm, then you haven't misunderstood, and I retract my earlier
> statement in the face of this empirical data.  Ballpark, what fraction is
> spent on single key operations?  Which single key algorithm?

OK, I have to confess I've misunderstood you - by "single key" I'm
guessing you mean symmetric key. If so, then the only symmetric
algorithm (in wide use) that goes anywhere near fast enough for, say,
100BaseT, is RC4, when run on normal PC-type hardware, and even then it
uses all the CPU. So hardware can be appropriate for some applications
of symmetric ciphers. Say, IPSEC on LANs for example. And don't forget
that IPSEC requires a good deal of re-keying, so key setup time can
dominate.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff