Guus Sliepen writes: > Then these ephemeral keys will be used to encrypt the real data > packets, but again using crypto_box(). That means asymmetric crypto is > used for every packet, which makes it VERY slow.
1. Measure. Don't speculate. 2. The public-key operations are actually quite fast. For example, a Phenom II X6 1100T, $190 last year, performs more than 80000 Curve25519 operations per second. This ain't your grandpa's public-key crypto. 3. Even on small processors the public-key operations are quite fast. For example, the Allwinner A10 is reportedly $7 in bulk, and (based on benchmarks of other Cortex A8 cores) should handle 2600 Curve25519 operations per second. 4. Perhaps most importantly, the public-key computation (Curve25519) is reusable (see crypto_box_afternm()) whenever the sender-receiver set is the same. This means that specifying crypto_box() for every packet does _not_ imply public-key cryptography for every packet. ---D. J. Bernstein Research Professor, Computer Science, University of Illinois at Chicago _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
