> > How big a deal will it be? I realize that most of the crypto key generation > for > inserted data will be handled by the client. There is all the DH exchange > overhead (not much CPU involved there). Actually, the DH exchange is likely to be the worst blow. It takes about 300ms on my p2-300. So expect a 1-2 second pause there.
> There is the constant encryption on > the sender node side and decryption on the receiver node side with a > subsequent > reencryption that I think would be more CPU intensive. > I don't really have a good feel for this though. All I can go on is my usage > of ssh. > The initial connection is fairly slow to my 486, but after that the rest of > the > session > is only slightly slower than telnet. I suppose most of the effect on the > freenet of > running 0.3 on a slow CPU box would be vastly increased initial connection > latency. Yeah. > One thing that might help the encryption/decryption/encryption speed would be > to use > a shared session key for the whole insert node chain (it could even be the > Unique > Message ID already present in the system). That way the first node encrypts > the > message > and all subsequent nodes just decrypt and forward and the last node just > decrypts. > It cuts out a reencryption for every hop but I don't know how it affects > traffic > analysis. No, because you still have to securely trade that key with your neighbors, and that would take just as long as generating a separate key. On the encryption/decryption side your right, but its really not that big of a deal. Once the streaming begins you're talking maybe an initial 200-300ms delay. After that its likely to be just as fast. > All the key verification that I guess is planned for 0.4 (or is all that > included in > 0.3) > would be another load on top of that though. Actually, there's a decent chance that the authentication won't affect performance at all, or may even vastly improve it. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 232 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20000816/c79437e5/attachment.pgp>
