[cryptography] 100 Gbps line rate encryption
peter at allicient.co.uk
Wed Jul 17 12:38:56 EDT 2013
On 17 July 2013 08:50, William Allen Simpson <
william.allen.simpson at gmail.com> wrote:
> In summary, don't use RC4. Don't use it carelessly with IVs. And don't
>> use RC4.
>> RC4 is available in many libraries and platforms. For the
> immediate future, it is most easily and likely implemented.
> We need something yesterday, not next year.
So is Salsa20, for that matter you have optimised versions available in
> So, that's one of the options being explored. All I'm
> trying to cover is doing it as securely as possible.
Then RC4 is not the way to go, especially when you're starting off with
anything standardisation shaped.
> (As I've some experience with this, you can rest assured
> that I've a fair understanding of IVs and other mechanics.)
> Consider using Salsa20 instead.
>> It would be helpful for folks to read the entire thread
> before making off the wall comments.
> Yes, folks have mentioned Salsa20. It doesn't seem as
> amenable to PPP packets as I would like. But as I was
> looking at it, is seemed he'd moved on to ChaCha. I'm
> behind the times on this....
You're rekeying RC4 every packet and having to construct an do-it-yourself
IV scheme, that doesn't seem particularly amenable to begin with.
> So, let's talk about what to choose for something fast and
> "modern" to implement in the next decade.... We cannot
> recommend a dozen EU possibilities. We need something
> that's already had some significant analysis. Salsa20 or
> ChaCha? Discuss.
Salsa20, you can choose one of the faster variants.
If you're not wanting encryption for appearances sake - and your phrase
"securely as possible" above indicates that - you may also want to consider
a MAC... again these days you have easy(ish) options.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography