[cryptography] 100 Gbps line rate encryption

William Allen Simpson william.allen.simpson at gmail.com
Thu Jul 18 07:59:31 EDT 2013


On 7/18/13 4:36 AM, Tor Erling Bjørstad wrote:
> What makes HC-* interesting to me is that it's pretty much as fast as one
> gets it, for a strong pure software cipher encrypting long streams of data.
> If one has a limited number of data streams that are pushing a huge number
> of bits over the wire, HC-* seems pretty appealing. If the use-case instead
> involves a zillion independent short packets that all need to be encrypted
> with a unique key/IV combo, then HC's performance will indeed suck.
>
It's the perennial problem that cryptographers design for theoretical
scenarios.  That's why it's better not to let them design net protocols.

The average packet used to be 41 bytes.  I think I read its now ~43 bytes,
but even the average HTTP GET is ~600 bytes.

Did they define operating for an actual traditional longer-term key
with a per packet IV?  If not, I'll just use my usual one.



More information about the cryptography mailing list