Hi all, So many smart people are in the discussion about MD5 ... I have a temptation to ask: why hash in the first place?!? (does not matter MD5 or SHA-2) Any hash MUST be slow (by design) to withstand brute force. In the network device case, it is about 5ms for SHA-2 (of course, dependent on the control plane processor). It should be checked on every hop for routing event propagation. Hence, it creates a delay for the event propagation that is typically much higher than RTT. When "Packet Design" was alive, they measured 300ms cross-US. A decade later, it should be faster, but anyway slow enough. It is a big part (maybe even the biggest) of the "sub-second" convergence of IGP protocols. Actually, it greatly undermines the value of ISIS IETF performance tunings: https://datatracker.ietf.org/doc/html/rfc9681.
Why do people not use symmetric encryption for networking protocols? Symmetric encryption has a typical latency of 10s of microseconds. Of course, it is possible to calculate how much energy would be saved on hash calculations worldwide, but people in this group would probably not welcome a green agenda. And this number would be miserable against bitcoin. Eduard _______________________________________________ NANOG mailing list https://lists.nanog.org/archives/list/[email protected]/message/Y677XAJS5DHSXHUZ2DKTXUUN6ESWVVTC/
