veritas_libertas wrote: »
Not stronger, but quicker!
NightShade03 wrote: »
It also might be worth pointing out that even if you say one is "slower" than the other, we are talking about computers with fast processors these days, so by saying "slower" you could be talking seconds/milliseconds.
Met44 wrote: »
Interesting article... would have also been interesting to see results for an asymmetric algorithm used for bulk encryption, since they were writing their own implementations anyway.
knwminus: Since you mentioned you have the CCNA:S Exam Cert Guide, on pages 443-444 it talks briefly about symmetric vs asymmetric algorithms. They also mention the "up to 1000 times slower" figure.
Some other food for thought... elliptic curve cryptography helps to solve some of the problem of slow asymmetric algorithms. This is well-supported by the OpenSSL libraries, and they have some good HOWTO pages that explain the process. I am unaware if Cisco supports EC-enabled algorithms or not.
Forgetting for a second that this is the CompTIA section hehe.
Edit: Also, while the delay induced by particular cryptography may not be as big of a deal on a big beefy server, if you have devices with additional constraints such as mobile devices concerned with power draw, or equipment without the horsepower of a rack mount server (like your Cisco router), there is additional reason not to have them chugging away with asymmetric keys all day. In those situations, delay can add up quickly (such as for voice)... and if your device is encrypting, it is not doing whatever else it is supposed to be doing!