From owner-freebsd-current Mon Jun 19 23:36:07 1995
Return-Path: current-owner
Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id XAA29214 for current-outgoing; Mon, 19 Jun 1995 23:36:07 -0700
Received: from cs.weber.edu (cs.weber.edu [137.190.16.16]) by freefall.cdrom.com (8.6.10/8.6.6) with SMTP id XAA29208 for ; Mon, 19 Jun 1995 23:36:06 -0700
Received: by cs.weber.edu (4.1/SMI-4.1.1) id AA24718; Tue, 20 Jun 95 00:28:22 MDT
From: terry@cs.weber.edu (Terry Lambert)
Message-Id: <9506200628.AA24718@cs.weber.edu>
Subject: Re: Crypto code - an architectural proposal.
To: mark@grondar.za (Mark Murray)
Date: Tue, 20 Jun 95 0:28:22 MDT
Cc: wollman@halloran-eldar.lcs.mit.edu, current@freebsd.org
In-Reply-To: <199506200613.IAA01182@grumble.grondar.za> from "Mark Murray" at Jun 20, 95 08:13:34 am
X-Mailer: ELM [version 2.4dev PL52]
Sender: current-owner@freebsd.org
Precedence: bulk

> > The net effect of this is that CDROM distributions will become *more*
> > difficult to crypto-enable than they currently are.
>
> Right. I'll stick with what we currently have (more-or-less). Is there any
> reason that libcipher cannot be merged with libdes?

I can't think of any off the top of my head (doesn't mean there aren't any,
however).

> > I agree that the hack-attack prevention is a poor reason for slowing down
> > crypt().
>
> Thanks! Are there any other (potential) reasons why crypt(3) should be slow?

Yes. The ANSI standard defining DES states that particular steps will be
followed during the process. Implementations, such as "fastcrypt", can't
claim conformance to the published standard because they mathematically
simplify the process in order to get a speed up (losing conformance in the
process).

It is also possible to build a crypt that is useless for other than password
forward encryption by going through other mathematical simplifications to the
algorithm (like assuming a constant table, etc.) and precomputing the values
for some of the resulting calculations so that they will not have to be redone
each time the thing is run.

Boils down to (1) mathematical transformation (standards violation) or
(2) robbing the algorithm of generality (another standards violation).

Man, and I'd promised my poor old decrepit mom that I wouldn't go discussing
crypto any more... ;^).

Terry Lambert
terry@cs.weber.edu
---
Any opinions in this posting are my own and not those of my present
or previous employers.