At Wed, 26 Mar 2008 07:32:41 -0700, Eric Rescorla wrote: > > At Wed, 26 Mar 2008 15:01:21 +0100, > Iljitsch van Beijnum wrote: > > > > On 26 mrt 2008, at 14:36, Eric Rescorla wrote: > > > > > - Modern cryptographic implementations are extremely fast. For > > > comparison the MacBook Air I'm typing this on will do order 10^6 > > > HMAC-MD5s/second on 64-byte packets. So, to consume all my > > > resources would require order 10^8 bits per second, which is a > > > pretty serious packet-based DoS ittack on many contexts. > > > > This is a bogus argument. Implementations are always inferior to > > optimistic performance claims > > What do you mean "optimistic performance claims"? I ran > "openssl speed". That's actually a pretty good reflection > of what the performance of SSL implementation will be. That said, there is a dependency on cipher suite. So, RC4-MD5 is not too much slower than HMAC-MD5 alone. By contrast, AES-SHA1 is maybe 4x slower. OTOH, I only was counting the size of the TLS records themselves, so when you add the TCP and UDP headers, the bit rate is probably twice as high. -Ekr _______________________________________________ IETF mailing list IETF@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf