[Cryptography] Gates are cheap. Should cipher design change?
Tom Mitchell
mitch at niftyegg.com
Mon Mar 28 20:45:52 EDT 2016
On Mon, Mar 28, 2016 at 8:00 AM, Phillip Hallam-Baker <phill at hallambaker.com
> wrote:
> Looking at the S-box discussion, I was reminded that DES was optimized
> for hardware implementation. If you are doing crypto in hardware, an
> S-Box is probably the most gate efficient way to do it.
>
> There is a catch though.
>
Yes... I might note that application context matters.
Streams of data need hardware.
Single messages are not seriously encumbered or delayed when sent or
received
with modern processors.
Advisary decryption is another interesting context.
Durable secure storage is yet another.
https://blogs.synopsys.com/breakingthethreelaws/2015/02/how-many-asic-gates-does-it-take-to-fill-an-fpga/
Given modern hardware choices anything used often enough will
find its way into a hardware accelerator and be optimized.
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160328/1f884fa8/attachment.html>
More information about the cryptography
mailing list