2017.07.23 18:31:26 (889161042118443008) from Daniel J. Bernstein, replying to "Colm MacCárthaigh (@colmmacc)" (889157646615314432):
How about benchmarking the simple secure thing first, and then seeing whether there's a real argument for doing something more complicated?
2017.07.23 18:04:39 (889154301485957120) from "Colm MacCárthaigh (@colmmacc)":
Networks today at 25gbit/sec, 100gbit/sec on the industry horizon. Few use Linux networking for encrypting that. Microbursts & incast a pain
2017.07.23 18:09:26 (889155502239875076) from Daniel J. Bernstein, replying to "Colm MacCárthaigh (@colmmacc)" (889154301485957120):
Sure: I've used 40-gigabit Infiniband, and of course it tries hard to avoid poking the CPU. But what exactly do you think the RNG issue is?
2017.07.23 18:15:36 (889157056376168449) from "Colm MacCárthaigh (@colmmacc)":
I like your RNG and its properties better, but caches cause jitter and use memory is all :/ does matter in some apps.
2017.07.23 18:17:57 (889157646615314432) from "Colm MacCárthaigh (@colmmacc)", replying to "Colm MacCárthaigh (@colmmacc)" (889157056376168449):
I'm going to implement it, but I think I'd cache internally only to the drbg_generate() equivalent, rekey each generate call. Make sense?