RE: Security Use Requirements

["Bernard Aboba" <aboba@internaut.com>]

>  In any event. the need is for security is at least 3DES.

First you said that you didn't need anything. Now you seem
to imply that you need confidentiality, integrity, and
authentication and that even 3DES may not be enough. 

There are gradations between these two extremes. As Ran
said, even DES will get you something. And there are
circumstances where you might be willing to live with
integrity and authentication alone. 

>Also the cost of a Gigabit chip for 3DES, I just found out, 
>is $300 for Samples.
  
Well, the cost of a Gigabit NIC is pretty high today in
quantity one, but I don't expect that to be the case in 
18-24 months. You need to factor in time and volume into 
your calculation. 

>Now, I am beginning to think that it is reasonable for one 
>of the following approaches to be OK. That is, one of those 
>approaches should meet the requirement for "Must Implement".
>1. Only implementing an interface to the external IPSec/TLS box
>2, SW implementation of IPSec/TLS
>3. HW IPSec/TLS

Problem with approach 1 is that the total cost will be *much*
higher than it would be if you build capability on the NIC. 

Problem with SW implementation of TLS is that you won't be 
able to go much above 200 Mbps if that, even with a 1 Ghz
processor. IPSEC 3DES in SW is much worse. Trust me, a task
oriented crypto co-processor is the way to go in this
application. 

In my opinion, HW IPSEC is the best choice. I expect costs
for 1 Gbps chips to approximate current costs for 100 Mbps
in the next 18-24 months. 

HW TLS is a lot harder because you typically have to terminate
TCP sessions on the card. That means lots of memory, which is
what we've been trying to avoid with RDMA. So cost will be
a good deal higher and the approach won't readily be extensible
to 10 Gbps. Don't go there.