[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

fast 386 DES code figures

To: [email protected]
Subject: fast 386 DES code figures
From: [email protected] (Eric Hughes)
Date: Sat, 6 Aug 94 09:25:39 -0700
In-Reply-To: Phil Karn's message of Sat, 6 Aug 1994 00:26:01 -0700 <[email protected]>
Sender: [email protected]

Phil Karn wonders where all the speed comes from in reports of fast
software DES.

I believe that the really fast DES variants use extremely large
computed-at-key-init S-box tables.  As I recall, these implementations
tend to pay for it in terms of setup time, which makes them less that
completely appropriate for multiple IP encryption, each with its own
key and where only a few dozen encryptions are done per packet.  The
cost to change keys is paid for either in use of memory for multiple
precomputed S-box sets (an attendant swapping) or in a high key-setup
to encryption ratio.

For a link cipher where the key doesn't change much, these fast
implementations are right.  For a situation where keys change
frequently, they may not be a system win.

Thanks to Perry Metzger for alerting me to this issue.

Eric

References:
- fast 386 DES code figures
  - From: Phil Karn <[email protected]>

Prev by Date: Re: fast 386 DES code figures
Next by Date: Re: fast 386 DES code figures
Prev by thread: Re: fast 386 DES code figures
Next by thread: latency
Index(es):
- Date
- Thread