Re: ssh .vs. rsh
From: Atro Tossavainen (atossava_at_cc.helsinki.fi)
To: firstname.lastname@example.org Date: Mon, 2 Feb 2004 08:45:30 +0200 (EET)
RLS>>> If you're not worried about encrypting the X session then just turn off
RLS>>> the cypher or select none on your client. The login is still encrypted.
AT>> You're mistaken. If you select the "none" cipher, nothing is encrypted.
ASK> If you are using a private key for authentication than it is secure to
ASK> use none cipher -- your password protects your key and is never
ASK> transferred to the server.
This is a specific case that was not explicitly discussed above. In
that post, Robert L Sowders" <email@example.com> mistakenly claimed that
_all_ logins would still be encrypted even with the "none" cipher, which
is of course not the case. Even the RSA exchange is not encrypted in
the case you mention, but it doesn't mean anything as no confidential
or useful (to an attacker) information is exchanged.
> BTW: http://www.eskimo.com/~weidai/benchmarks.html
> Looks like even 3DES can encrypt ~10 MB/s on a recent computer, so
> probably encryption can not be a bottleneck.
You have to remember we're not talking about hand-optimized assembly,
and we're not talking about x86 processors. The original poster (Asif
Iqbal) was asking about SSH performance on Solaris. So much for Visual
C++ .NET 2003 and x86 assembly results being even remotely interesting
to the case when you have to deal with crappy UltraSPARC CPUs :-)
From the Crypto++ page you referred to:
"All were coded in C++, compiled with Microsoft Visual C++ .NET 2003
(whole program optimization, optimize for speed, P4 code generation),
and ran on a Pentium 4 2.1 GHz processor under Windows XP SP 1. 386
assembly routines were used for multiple-precision addition and sub-
traction. SSE2 intrinsics were used for multiple-precision multiplication."
Yes, even 3DES can encrypt plenty on a recent x86 computer with hand-
tuned assembly encryption routines.
As far as I am aware, neither OpenSSH or SSH Comm Sec Corp. SSH2 use any
assembly language optimisations whatsoever. SSH1 used to have some by
way of the GMP library, but it probably meant very little in the grand
scheme of things, and OpenSSH no longer uses GMP for anything if it ever
did, opting to use OpenSSL for all encryption work instead.
The performance of SSH on all platforms could probably benefit from hand-
coding the encryption routines in assembly language, but you have to ask
the developers whether it's worth the man-hours, and additionally, there
probably is a principal issue involved in why (Open)SSH no longer use GMP.
-- Atro Tossavainen (Mr.) / The Institute of Biotechnology at Systems Analyst, Techno-Amish & / the University of Helsinki, Finland, +358-9-19158939 UNIX Dinosaur / employs me, but my opinions are my own. < URL : http : / / www . helsinki . fi / %7E atossava / > NO FILE ATTACHMENTS