Adam Shostack (adam@homeport.org)
Thu, 4 Jun 1998 08:55:18 -0400 (EDT)
jcaldwel@iquest.net (quoted IBM marketing as saying):
| Algorithms run much faster on the 7711 processor than they do in
| software. For example, the 7711 performs Triple-DES encrypt/decrypt
| operations eight times faster than a 155-MHz workstation, according to
| an RSA Data Security benchmark. The 7711 combines seven algorithm
| engines on a single chip -- Lempel-Ziv-Stac (LZS) and Microsoft
| Point-to-Point Compression (MPPC); DES, Triple-DES and RC4 encryption;
| and SHA and MD5 authentication -- as well as the IPSec, SSL/TLS, PPP
| and PPTP networking protocols.
So is the card updatable to deal with the attacks that Bruce S
and Mudge found recently, or is everyone with hardware acceleration
cursed to live with these bugs?
If the card is updatable, what are the security mechanisms on
that?
This is why I tend to prefer faster machines for most
everything. A 4x speedup is not that worthwhile to me. (The
marketing blurb compares to a 155mhz machine, I assume that a 333 or
350 is twice as fast.) Now, for PK operations, a nice blue led totin'
Ncipher kind of box that gets me a speedup of 30-50 is worthwhile,
especially as it does RSA, not some particular protocol.
Adam
-- "It is seldom that liberty of any kind is lost all at once." -Hume
The following archive was created by hippie-mail 7.98617-22 on Fri Aug 21 1998 - 17:18:21 ADT