[E-Lang] Re: [EROS-Arch] Liquid software requirements.

Bill Frantz frantz@communities.com
Thu, 04 Jan 2001 11:30:41 -0800


At 11:18 PM 12/31/00 -0800, Mark S. Miller wrote:
>I think Jonathan wrote:
>>> In the OS context, this has a further avantage. If the 
>>> encryption can be
>>> pushed down to the link layer in the communications system, it can
>>> frequently be offloaded to hardware, at which point we cease 
>>> to care very
>>> much about its computatoinal cost.

I also think Jonathan mentioned encryption on 100 megabit Ethernet.

Wei Dai <weidai@eskimo.com> has published timings for many different crypto
algorithms at: http://www.eskimo.com/~weidai/benchmarks.html

If we use his symmetric algorithm results, and assume, with wide-eyed
optimism, that we will get 12 megabytes/second out of our medium-fast
Ethernet, we get the following percent CPU for crypto results:

%CPU   Algorithm
100%   DES-EDE3 (Is only capable of 4.7 megabytes/second)
 93%   DES
 66%   Blowfish
 40%   Rijndael (The AES algorithm)
 19%   ARC4 (Interoperable with the trademarked RC4 algorithm)

 25%   SHA1 (A secure hash)
 12%   HMAC-MD5 (A message authentication algorithm)*
 12%   MD5 (A secure hash)

* HMAC-SHA1 should be about 25%, however there are no benchmark results for
it.

Given the extra money people will spend for a 500MHz processor vs. 400MHz,
a 20% difference, there may well be a market for special purpose symmetric
crypto hardware on 100 megabit Ethernet.  Cost-wise you may be better off
spending the bucks for a faster single processor.  Multi-processor systems
are also an interesting alternative.