The encryption and decryption may or may not take the same time. Different manufacturers may have different latency for the same function. Therefore it would be hard to say for sure that the encrypt + decrypt delay in each direction would be the same .
my $0.02 Leon From: [email protected] [mailto:[email protected]] On Behalf Of Kevin Gross Sent: Wednesday, October 19, 2011 10:15 PM To: Stephen Kent Cc: Cui Yang; [email protected]; [email protected]; Nico Williams; David L. Mills Subject: Re: [TICTOC] [IPsec] Review request for IPsec security for packet based synchronization (Yang Cui) We don't need decrypt and encrypt to take the same amount of time. We need encrypt+decrypt from master to slave to take the same time as encrypt+decrypt from slave to master. On Wed, Oct 19, 2011 at 9:53 AM, Stephen Kent <[email protected]> wrote: At 10:53 AM -0400 10/19/11, Danny Mayer wrote: On 10/18/2011 12:42 PM, Kevin Gross wrote: It does seem reasonable to consider modeling encryption and decryption in as part of network latency. As long as delays introduced are the same each direction, the sync protocols will naturally subtract out this contribution. I very much doubt that encryption and decryption take the same length of time but I'm sure people with experience with this will be able to tell us definitively. Almost certainly you will have asymmetric delays in the network path anyway even if the path is identical in both directions. Danny For most symmetric algs, and many modes of use, the times are the same. The timing tend to differ for asymmetric algs. Steve -- Kevin Gross +1-303-447-0517 Media Network Consultant AVA Networks - www.AVAnw.com <http://www.avanw.com/> , www.X192.org
_______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
