On Mon, Mar 21, 2005 at 06:34:07PM -0800, Major Variola (ret) wrote:
> Tangentially, I should note that there are "modes of encryption" which can be scaled infinitely with parallel hardware; they use interleaved blocks so each chip sees every Nth block of the real stream. So high clock rates are not required to crypt.
Counter mode works this way, and is a fairly common mode in any case.
> It seems that hashing can be parallelized that way too, run a hash-chip on every Nth bit, and hash those partial results. Both ends have to agree on the N-way division (as with the infinitely scalable crypto) but that's all.
Depending on the interconnect it would probably be faster to do it in blocks of 8-64k; doing it a bit at a time would eat your standard PCI bus alive.

There are message authentication modes which can scale 'infinitely' (assuming a sufficiently long message), and don't depend on the number of functional units, so for example I could generate a MAC using my regular single core CPU and you could verify it on a machine with N functional units with a corresponding speedup of N (modulo some fixed per-message overhead) without us having to agree on anything in advance. For example there is the MAC used in Rogaway's OCB. Unfortunately most (all?) of these algorithms have been patented.

-Jack
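The three properties discussed above (counter mode splits across any number of units without changing the ciphertext, an N-way interleaved hash produces a digest that depends on N so both ends must agree on it, and a blockwise-independent MAC verifies with any number of units with no prior agreement) can be seen side by side in the following added example. It is constructed for this thread and is not code from the message or from OCB: HMAC-SHA256 stands in for a block cipher as the PRF so that it runs with only the standard library, the sample key, nonce and message are made up, and `block_mac` is a PMAC-style teaching sketch of the XOR-accumulate-then-finalize structure, not Rogaway's actual OCB or PMAC algorithm.

```python
# Added illustration for this thread (constructed example, not code from the
# original message). HMAC-SHA256 stands in for a block cipher as the PRF; the
# block_mac construction is a PMAC-style teaching sketch, not Rogaway's OCB/PMAC.
import hashlib
import hmac
from concurrent.futures import ThreadPoolExecutor

BLOCK = 32  # bytes per block (SHA-256 output size)

# Constructed sample inputs: fixed key, nonce and a 768-byte message (24 blocks).
DEMO_KEY = b"demo-key-not-for-real-use-000000"
DEMO_NONCE = b"nonce-01"
DEMO_MSG = bytes(range(256)) * 3


def prf(key: bytes, data: bytes) -> bytes:
    """Keyed pseudorandom function: HMAC-SHA256."""
    return hmac.new(key, data, hashlib.sha256).digest()


def _nblocks(msg: bytes) -> int:
    return (len(msg) + BLOCK - 1) // BLOCK


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_crypt(key: bytes, nonce: bytes, msg: bytes, workers: int = 1) -> bytes:
    """Counter mode with an interleaved work split: worker w handles blocks
    w, w+N, w+2N, ...  Keystream block i = PRF(key, nonce || i), so the result
    is independent of N; only the work distribution changes. XOR-based, so
    the same function decrypts."""
    n = _nblocks(msg)

    def lane(w: int) -> dict:
        out = {}
        for i in range(w, n, workers):
            ks = prf(key, b"ctr" + nonce + i.to_bytes(8, "big"))
            out[i] = _xor(msg[i * BLOCK:(i + 1) * BLOCK], ks)
        return out

    with ThreadPoolExecutor(max_workers=workers) as pool:
        pieces = {}
        for part in pool.map(lane, range(workers)):
            pieces.update(part)
    return b"".join(pieces[i] for i in range(n))


def tree_hash(msg: bytes, n: int) -> bytes:
    """Unkeyed hash with an N-way interleaved split: lane w hashes blocks
    w, w+N, ...; the lane digests are then hashed together. The digest
    depends on N, so sender and verifier must agree on N in advance."""
    nb = _nblocks(msg)
    lanes = []
    for w in range(n):
        h = hashlib.sha256()
        for i in range(w, nb, n):
            h.update(msg[i * BLOCK:(i + 1) * BLOCK])
        lanes.append(h.digest())
    return hashlib.sha256(n.to_bytes(2, "big") + b"".join(lanes)).digest()


def block_mac(key: bytes, msg: bytes, workers: int = 1) -> bytes:
    """PMAC-style parallel MAC sketch: every block contributes
    PRF(key, i || block_i); contributions are XORed (order-independent),
    then the sum and the message length go through the PRF once more.
    The tag is the same for any worker count, so N is never agreed."""
    nb = _nblocks(msg)

    def contrib(i: int) -> bytes:
        return prf(key, b"blk" + i.to_bytes(8, "big") + msg[i * BLOCK:(i + 1) * BLOCK])

    with ThreadPoolExecutor(max_workers=workers) as pool:
        acc = bytes(BLOCK)
        for part in pool.map(contrib, range(nb)):
            acc = _xor(acc, part)
    return prf(key, b"fin" + len(msg).to_bytes(8, "big") + acc)


def block_mac_verify(key: bytes, msg: bytes, tag: bytes, workers: int = 1) -> bool:
    """Constant-time tag comparison; the verifier may use any worker count."""
    return hmac.compare_digest(block_mac(key, msg, workers), tag)


if __name__ == "__main__":
    ct1 = ctr_crypt(DEMO_KEY, DEMO_NONCE, DEMO_MSG, workers=1)
    ct4 = ctr_crypt(DEMO_KEY, DEMO_NONCE, DEMO_MSG, workers=4)
    print("CTR ciphertext independent of worker count:", ct1 == ct4)
    print("N-way hash depends on N:", tree_hash(DEMO_MSG, 2) != tree_hash(DEMO_MSG, 4))
    tag = block_mac(DEMO_KEY, DEMO_MSG, workers=1)
    print("MAC made with 1 unit verifies with 8:",
          block_mac_verify(DEMO_KEY, DEMO_MSG, tag, workers=8))
```

The contrast is in where N enters the computation: `tree_hash` feeds the lane layout (and N itself) into the digest, so the verifier must reproduce the same split, while `block_mac` only relies on XOR being commutative, so the per-block work can be handed to one unit or many and reassembled in any order. The keystream in `ctr_crypt` is indexed by block position rather than by worker, which is why the interleaved split there is purely a scheduling choice. Treat `block_mac` as a sketch of the structure; a vetted construction such as PMAC uses a tweaked block cipher and careful final-block handling rather than a bare XOR of HMAC outputs.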