> (sorry for duplicating the thread, I didn't receive any answer in my mailbox
> as I expected, I only saw them through the mail archive...?)

It’s common (and many would say, the correct behavior) for mailing list replies 
to go to the mailing list.


> I've started with a 1K key and later on switched on 4K but I didn't do any
> profiling with 1K key (unlike 4K one).



It doesn’t sound like you did profile, but rather a stop-watch at start and 
stop.  That’s more coarse-grained than I think you need to do.  For example, 
you need to measure time to do the key exchange, time to do the encryption, 
time to put the traffic over the network.  For example, try with aNULL and 
eNULL and see what numbers you get.  Then turn each on, separately, and see 
what you get.



> I'm sending hundreds of megabytes of data and it takes more than a minute to
> get it done, so I doubt that the initial handshake will have any influence on
> it, what do you think?

I have no idea, that’s why you have to do measurements. ☺


> About your last question, I believe my system could live with a 2K RSA for 
> now, I'm not sure this will still be the case in five years or so...

As a general design principle, the crypto algorithm is not the weak spot.  For 
example, how hard is it to break into the client device?

                /r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
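
The per-phase measurement suggested in the reply above, as an added example that is not part of the original message: it times the handshake and the bulk record protection separately, with the network removed by joining both TLS endpoints through in-memory buffers, first with an aNULL+eNULL suite and then with encryption turned on. The function names are hypothetical, and it assumes the local OpenSSL build still ships the anonymous ECDH suites; timing an authenticated (RSA) suite would additionally need the server's real certificate and key.

```python
import ssl
import time

# Anonymous-ECDH suites (aNULL) need no certificate; assumed present in the local OpenSSL.
AES_SUITE = "AECDH-AES128-SHA"   # aNULL, encryption on
NULL_SUITE = "AECDH-NULL-SHA"    # aNULL + eNULL baseline

def make_pair(suite):
    """Client and server SSLObjects joined by in-memory BIOs (no network)."""
    c2s, s2c = ssl.MemoryBIO(), ssl.MemoryBIO()
    ends = []
    for proto, rbio, wbio in ((ssl.PROTOCOL_TLS_CLIENT, s2c, c2s),
                              (ssl.PROTOCOL_TLS_SERVER, c2s, s2c)):
        ctx = ssl.SSLContext(proto)
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
        ctx.maximum_version = ssl.TLSVersion.TLSv1_2  # TLS 1.3 has no anonymous suites
        ctx.set_ciphers(suite + ":@SECLEVEL=0")       # level 0 permits aNULL/eNULL (lab use)
        ends.append(ctx.wrap_bio(rbio, wbio, server_side=proto == ssl.PROTOCOL_TLS_SERVER))
    return ends[0], ends[1], c2s

def time_handshake(client, server):
    """Seconds of handshake work, alternating sides until both finish."""
    pending = [client, server]
    start = time.perf_counter()
    while pending:
        for end in list(pending):
            try:
                end.do_handshake()
                pending.remove(end)
            except ssl.SSLWantReadError:
                pass  # waiting for the peer's next flight
    return time.perf_counter() - start

def time_bulk(client, c2s, total_bytes, chunk=16384):
    """Seconds to protect total_bytes of application data into TLS records."""
    buf = bytes(chunk)
    sent = 0
    start = time.perf_counter()
    while sent < total_bytes:
        sent += client.write(buf)
        c2s.read()  # drop the records so the buffer does not grow
    return time.perf_counter() - start

def measure(suite, total_bytes=64 * 1024 * 1024):
    """Return (negotiated suite, handshake seconds, bulk seconds)."""
    client, server, c2s = make_pair(suite)
    hs = time_handshake(client, server)
    return client.cipher()[0], hs, time_bulk(client, c2s, total_bytes)

if __name__ == "__main__":
    for suite in (NULL_SUITE, AES_SUITE):
        name, hs, bulk = measure(suite)
        print(f"{name}: handshake {hs * 1e3:.2f} ms, 64 MiB bulk {bulk:.2f} s")
```

Time a plain TCP transfer of the same byte count between the real hosts to get the network figure to set beside these two.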
