Thanks. > As I understand it, the main advantage is better performance (when > implemented properly). For instance, on a server configured with a SHA256 > key I'm observing a 40% drop in performance when compared to no > authentication. With AES-CMAC the impact should be much smaller. I've not > tried it yet.
Intel has hardware support for AES on some chips - AES-NI. On Linux boxes, it will show up as an "aes" in the flags in /proc/cpuinfo grep aes /proc/cpuinfo How are you measuring performance? My measurements are that the CMAC part is 696 ns in software and 499 ns with AES-NI. That was on a 2+ GHz cloud server. (None of my handy boxes have AES-NI.) SHA512 was 594 with 16 or 20 byte key and 624/614 with 24/32 byte keys. That's just the crypto part to compute the digest. X2 for transmit and receive and round up for getting there and deciding which key to use and copy or compare and such. On a PI-2B, AES-CMAC is 10242 ns. SHA512 digest is 13500 ns. -- These are my opinions. I hate spam. _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
