> > Encryption will be offloaded to the network interface. ASICs on the NICs
> > will greatly improve encryption and authentication performance.
> all well and good, provided that this encryption and authentication
> are actually compatible with that specified by higher level protocols
> and the authentication actually meets the needs of users.
> (if your network interface needs to use and verify users' credentials,
> as opposed to the host's credentials, it might be a stretch.)
FWIW, it has been tried, and it didn't succeed in the market, although whether
that was a matter of timing, insufficient market push, or no market existing
isn't clear.
Specifically, Digital used to make a little gadget called a Cryptonette that
you inserted into your Ethernet cable that did this. (The chip inside was
something called a TANDU, and had DES and two Ethernet ports built in. The
whole thing was the size of a pack of cards.)
And I believe there were at least two other similar gadgets at some point,
although I cannot recall their names...
The demo I saw had the boxes doing IPSEC-style operations (this was before
IPSEC was standardized), with the credential verification being done on the
host side.
OTOH, at least one of the problems with these sorts of things is that it's hard
to change the cryptography embedded in them. So, while I think hardware
cryptographic acceleration of this sort could be quite useful, I'm skeptical
that it will ever be something that is universally deployed.
> > It won't run over the Internet because of latencies inherent on the
> > public network.
> at least for some storage applications, latency is not as important
> as bandwidth. e.g. you can do backups over a high-latency medium
> as long as your bandwidth is adequate (though recovery from write
> errors gets a bit tricky).
Yep. Backups done over the public Internet (usually with an appalling lack of
security, alas) are actually quite common.
Ned