[666] in Kerberos
Faster encryption method?
daemon@TELECOM.MIT.EDU (morgan@JESSICA.STANFORD.EDU)
Fri Mar 10 15:00:20 1989
To: kerberos@ATHENA.MIT.EDU
From: morgan@JESSICA.STANFORD.EDU
I saw this talk-abstract:
> FAST SOFTWARE ENCRYPTION
> By Ralph Merkle
> Xerox Corp.
>
> Encryption hardware is not available on most computer systems in use
> today. Despite this fact, there is no well accepted encryption
> function designed for software implementation -- instead, hardware
> designs (such as DES) are emulated in software and the resulting
> performance loss is tolerated. The obvious solution is to design an
> encryption function for implementation in software. Such an
> encryption function is presented here -- a C implementation on a SUN
> 4/260 can encrypt at 4 to 8 megabits per second (The best available C
> version of DES is 520 kilobits per second on this machine). The
> combination of modern processor speeds and a faster algorithm make
> software encryption feasible in applications which previously would
> have required hardware. This will effectively reduce the cost and
> increase the availability of cryptographic protection.
I haven't heard the talk, but it seems to me this sort of thing has
implications for Kerberos. Could Kerberos be made to support multiple
encryption functions concurrently? Maybe on a per-user or per-session
basis?
- RL "Bob" Morgan
Networking Systems
Stanford
