AES Key Agility Issues in High-Speed IPsec Implementations

Whiting, Doug; Schneier, Bruce; Bellovin, Steven Michael

Some high-speed IPsec hardware systems need to support many thousands of security associations. The cost of switching among different encryption keys can dramatically affect throughput, particularly for the very common case of small packets. Three of the AES finalists (Rijndael, Serpent, and Twofish) provide very high key agility, as is required for such applications. The other two candidates (MARS, RC6) exhibit low key agility and may not be appropriate for use in such equipment.



More About This Work

Academic Units
Computer Science
Published Here
June 25, 2010