We (as well as other vendors) have certainly done testing on this. We have some products with hardware accelerators and some without, testing has been performed across a wide range. AES is always an adder when done in software, and in many hardware installations it is still a timing adder (and always a power consumption adder). Less testing was done with Cha Cha as that was not as prominent in TLS 1.2.
The fact is that for ours and many other vendors devices the encryption is a non-trivial adder for a number of I/O applications. Thanks and Best Regards, --Jack -----Original Message----- From: Stephen Farrell [mailto:stephen.farr...@cs.tcd.ie] Sent: Tuesday, August 21, 2018 12:38 PM To: Ted Lemon <mel...@fugue.com>; Jack Visoky <jmvis...@ra.rockwell.com> Cc: ncamwing=40cisco....@dmarc.ietf.org; tls@ietf.org Subject: Re: [TLS] EXTERNAL: Re: integrity only ciphersuites On 21/08/18 17:15, Ted Lemon wrote: > I asked you if you have any specific devices for which this is an issue. > Do you? How did you determine that it was an issue? Do you have A/B > testing results on power consumption and/or performance of a null > cipher suite versus encryption? If doing such comparisons, then it's very well worth noting the significant differences between e.g. h/w accelerated AES, vs s/w AES vs chacha. It'd be hard to evaluate claims about difficulty of implementation/deployment without that. S. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
