This is a discussion on AES-CCM [Was: Re: Question performance of SSH v1 vs SSH v2] within the OpenSSH Development forums, part of the Networking and Network Related category.
>> I have looked at implementing AES CCM, which could be much faster,
>> particularly on platforms with AES implemented in CPU instructions, but
>> it doesn't fit nicely in the cipher and MAC negotiation mechanism.
>
> That would actually be amazingly cool.

Keep in mind that CCM mode calls the encryption function twice per block, meaning that it's ~2x as slow as encryption alone. Therefore a performance gain can be observed only if the hash function is slower than AES, which is not necessarily the case. At least it's not the case with currently widely used hash functions. As of now hardware AES is virtually the only occasion when it's beneficial to favor CCM over a combination with e.g. SHA1 [provided that SHA1 is implemented in software], but as new slower hash functions are adopted, CCM becomes more attractive even for software-only systems.

It makes sense to implement the mode algorithm at the OpenSSL level [it would be possible to optimize it at a lower level in both hardware and software cases], so when/if you figure out negotiation, give me a note.

A.

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://www.mindrot.org/mailman/listi...enssh-unix-dev
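The per-block cost the reply above describes, as an added example that is not part of the original post or of OpenSSH/OpenSSL: a CCM encryptor laid out per RFC 3610 (CBC-MAC pass, then CTR pass) with an instrumented block function that counts invocations. Assumptions: `CountingCipher`, `ccm_encrypt` and `block_calls` are hypothetical names, and the block function is a truncated HMAC-SHA256 stand-in rather than AES, so the output is not interoperable with real AES-CCM.

```python
import hashlib, hmac

class CountingCipher:
    """Stand-in 16-byte block function (NOT AES): truncated HMAC-SHA256.
    CCM uses only the forward direction, so a PRF is enough to show the structure."""
    def __init__(self, key):
        self.key, self.calls = key, 0
    def encrypt_block(self, block):
        self.calls += 1
        return hmac.new(self.key, block, hashlib.sha256).digest()[:16]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))  # truncates to the shorter input

def ccm_encrypt(cipher, nonce, plaintext, aad=b"", tag_len=8):
    L = 15 - len(nonce)  # width of the length/counter field
    if not (2 <= L <= 8 and tag_len in (4, 6, 8, 10, 12, 14, 16) and len(aad) < 0xFF00):
        raise ValueError("unsupported CCM parameters")
    flags = (64 if aad else 0) | (((tag_len - 2) // 2) << 3) | (L - 1)
    mac_input = bytes([flags]) + nonce + len(plaintext).to_bytes(L, "big")  # B_0
    if aad:
        a = len(aad).to_bytes(2, "big") + aad
        mac_input += a + b"\0" * (-len(a) % 16)
    mac_input += plaintext + b"\0" * (-len(plaintext) % 16)
    # Pass 1: CBC-MAC, one block-function call per 16 bytes of B_0 | AAD | payload
    x = bytes(16)
    for i in range(0, len(mac_input), 16):
        x = cipher.encrypt_block(xor(x, mac_input[i:i + 16]))
    # Pass 2: CTR, one more call per payload block, plus S_0 to mask the tag
    def keystream(i):
        return cipher.encrypt_block(bytes([L - 1]) + nonce + i.to_bytes(L, "big"))
    tag = xor(x, keystream(0))[:tag_len]
    ct = b"".join(xor(plaintext[i:i + 16], keystream(i // 16 + 1))
                  for i in range(0, len(plaintext), 16))
    return ct + tag

def block_calls(n_bytes, aad_len=0):
    """Block-function invocations needed to CCM-protect n_bytes of payload."""
    cipher = CountingCipher(b"constructed-key!")  # constructed sample key
    ccm_encrypt(cipher, bytes(13), bytes(n_bytes), bytes(aad_len))
    return cipher.calls

if __name__ == "__main__":
    for n in (0, 100, 1024):
        print(n, "bytes ->", block_calls(n), "block calls")
```

For a 1024-byte payload (64 blocks) the count is 2·64 + 2: the fixed overhead is the B_0 block in the MAC pass and S_0 for the tag, and every payload block is processed once in each pass.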