From owner-freebsd-arch  Wed Jun  7 12: 7:56 2000
Delivered-To: freebsd-arch@freebsd.org
Received: from cypherpunks.ai (cypherpunks.ai [209.88.68.47])
	by hub.freebsd.org (Postfix) with ESMTP
	id BC3B737BA09; Wed,  7 Jun 2000 12:07:52 -0700 (PDT)
	(envelope-from jeroen@vangelderen.org)
Received: from vangelderen.org (grolsch.ai [209.88.68.214])
	by cypherpunks.ai (Postfix) with ESMTP
	id C0AD451; Wed,  7 Jun 2000 15:07:48 -0400 (AST)
Message-ID: <393E9D84.4026FC0E@vangelderen.org>
Date: Wed, 07 Jun 2000 15:07:48 -0400
From: "Jeroen C. van Gelderen" <jeroen@vangelderen.org>
X-Mailer: Mozilla 4.72 [en] (X11; I; Linux 2.2.12 i386)
X-Accept-Language: en
MIME-Version: 1.0
To: Mark Murray <mark@grimreaper.grondar.za>
Cc: Dan Moschuk <dan@FreeBSD.org>, Mark Murray <mark@grondar.za>,
	arch@FreeBSD.org
Subject: Re: (2nd iteration) New /dev/(random|null|zero) - review, please
References: <393D5D46.6BCACDE4@vangelderen.org> <200006070607.IAA24428@gratis.grondar.za>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-arch@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Mark Murray wrote:
> 
> > > Because of the significant speed decrease in using Yarrow, I'd like to see
> > > us keep the current implementation around, and having Yarrow as an
> > > option or psuedo-device to be used instead.
> >
> > Yarrow -when finished- is not noticably slower than our current
> > implementation of /dev/[u]random. Yarrow does one block encryption
> > for every output block and a generator gate every 10 blocks. This
> > would allow for at least 40 mbit/s output on a 200 Mhz PPro when
> > using Rijndael/256/256.
> 
> I tend to agree; I am currently using SHA1 and DES3, and it is quite
> slow, mostly in the proportion of DES3::MD5 speeds, which makes sense
> as the existing implementation uses MD5.

Rijndael is quite a bit faster than single DES which will do 28 Mbit/s
on a PPro 200. Assuming a generator gate every 10 blocks Rijndael would
do 11 encryptions per 10 blocks and hence run at least at 25.5 Mbit/s.
In reality we could see around 50 Mbit/s performance, depending on the
Rijndael implementation.

Of course I'm not counting reseeds but those can be done in a lazy
fashion. You can generate hundreds of MBytes before you *need* to
reseed, depending on your security policy.

So the bottleneck is not the PRNG mechanism, it's the security policy
and your entropy sources. If you require a reseed every hundred blocks 
or so it becomes much more expensive. But that holds for our current 
/dev/[u]random implementation too.

Cheers,
Jeroen
-- 
Jeroen C. van Gelderen          o      _     _         _
jeroen@vangelderen.org  _o     /\_   _ \\o  (_)\__/o  (_)
                      _< \_   _>(_) (_)/<_    \_| \   _|/' \/
                     (_)>(_) (_)        (_)   (_)    (_)'  _\o_


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message