>>>>> "Joe" == Joe Touch <touch@xxxxxxx> writes: Joe> Hi, Steve, Joe> Steven M. Bellovin wrote: >> On Wed, 14 Nov 2007 15:39:50 -0500 >> Stephen Kent <kent@xxxxxxx> wrote: >> >>> Joe, >>> >>> I disagree with your suggestion "The software performance of >>> security protocols has been the more substantial issue, and is >>> likely to continue to be for the forseeable future." >>> >>> I suspect that most desktop users do not need hardware crypto >>> for performance. Irarely if ever drive my GiGE interface at >>> its line rate. With fast processors, especially multi-core >>> processors, we have enough cycles to do symmetric crypto at >>> data rates consistent with most application demands for >>> individual users. Public key operations for key management >>> are usually low duty cycle, so they too can be accommodated. >>> >> Thanks -- I was going to say something similar. I regularly >> back up my laptop's disk over a software-encrypted GigE >> link. The dump file occupies about 35G of disk space; it takes >> about 70 minutes. Exclusive of protocol overhead, that comes >> to ~71M bps; given IP, TCP, and ssh, I'd guess it's more like >> 75-80M bps. I also know that I can run ttcp between that pair >> of machines at about 500M bps. Am I really suffering from a >> 7:1 performance hit from the crypto? Nope. Joe> By essentially shutting your machine down for over an hour. I'm only going to send this one message, but then I'll drop out of the thread. We've drifted far from Leslie's original query. Steve did not say his machine was CPU bound. Also, even if it was CPU bound, he's probably running an operating system with reasonable multiprogramming characteristics. So, if he wanted to use the machine, his backup would take longer, but he'd get to do whatever he wanted. Yes, Steve almost certanily did slow down any heavy CPU use during the time when he was doing the backup. Our point--Steve, Steve and I--is that for a lot of uses and a lot of users, no one cares. _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf