Hi Steve (Bellovin) --
Good to see you again at AES3.
I want to respond to your comments about key agility that you made at
AES3, and also in your note posted here at "[EMAIL PROTECTED]".
While key agility may be very important for some applications
(e.g. ATM networks), and while more key
Steve --
To make the argument clearer (since I received an inquiry
about it):
(total work) = (setup cost per packet)*(total number of packets)
+ (encryption cost per byte)(total number of bytes)
for any data stream. Thus:
(work/byte) = (setup cost per
I'll try to reply in more detail tomorrow; for now, let me say that the network
traffic situation is vastly more complex than you describe.
First, the papers you and Hari cite are for wide-area traffic. IPsec VPNs
will probably have characteristics much more like LAN or site-local traffic.