>> Because the overhead cost is huge compared to the benefit and you are >> adding a major increase in latency and probably jitter as a result. >> Small and nimble is much better.
> Is this a knee-jerk response or has this actually been investigated with a > 50+ year lifecycle of the protocol in mind? CPUs have gained > AES-cryptography in hardware as of the past few years, the major reasons > (that it's quite an addition to the workload) for not doing it is going away. Yes, the symmetric key stuff is now done in hardware but the public key part for authentication is still done in software. And due to interactions between the software and hardware, requesting authentications can slow down other existing timing flows. An interesting thing about public key algorithms is that their run time is highly dependent on the data. So in principle I can mount an attack by requesting authentications using successively "harder" keys followed by successively "easier" ones, thus adding hard-to-remove wander to the other timing flows. Y(J)S _______________________________________________ TICTOC mailing list [email protected] https://www.ietf.org/mailman/listinfo/tictoc
