This one time, Loic Le Loarer wrote:
> Le Monday 10 June 2002 ? 10:23:23 -0700, Anne Carasik a ?crit:
> > Check the man page for what ciphers SSH2 accepts. I usually leave it on
> > Blowfish because it's secure and it's the fastest cipher. AES sucks
> > because it's dog slow, and it doesn't buy you that much more security
> > than Blowfish.
>
> I'm surprised that you say AES is slow because it has been made to be
> realy fast. I'm curious to know in what conditions to you find it slow ?
It didn't turn out that way. It's faster than 3DES, but not faster than
Blowfish. It was designed to be faster than 3DES, but not anything else.
It was designed to replace the old US standard, not any of the others.
> Perhaps the OpenSSH implementation is not good...
No, it has nothing to do with the OpenSSH or SSH.com implementations.
Or any IPSec implementation for that matter. Anytime we have performance
problems, we switch to Blowfish (which isn't implemented in FreeSWAN :(
as of yet).
It makes a tremendous difference over slow lines, or anything else for
that matter.
-Anne
--
.-"".__."``". Anne Carasik, System Administrator
.-.--. _...' (/) (/) ``' gator@cacr.caltech.edu
(O/ O) \-' ` -="""=. ', Center for Advanced Computing Research
~`~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Attachment:
pgp9sT1AlzqlG.pgp
Description: PGP signature