article

Free access

Performance analysis of MD5

Author:

Joseph D. TouchAuthors Info & Claims

ACM SIGCOMM Computer Communication Review, Volume 25, Issue 4

Pages 77 - 86

https://doi.org/10.1145/217391.217414

Published: 01 October 1995 Publication History

Abstract

MD5 is an authentication algorithm proposed as the required implementation of the authentication option in IPv6. This paper presents an analysis of the speed at which MD5 can be implemented in software and hardware, and discusses whether its use interferes with high bandwidth networking. The analysis indicates that MD5 software currently runs at 85 Mbps on a 190 Mhz RISC architecture, a rate that cannot be improved more than 20-40%. Because MD5 processes the entire body of a packet, this data rate is insufficient for current high bandwidth networks, including HiPPI and FiberChannel. Further analysis indicates that a 300 Mhz custom VLSI CMOS hardware implementation of MD5 may run as fast as 256 Mbps. The hardware rate cannot support existing IPv4 data rates on high bandwidth links (800 Mbps HiPPI). The use of MD5 as the default required authentication algorithm in IPv6 should therefore be reconsidered, and an alternative should be proposed. This paper includes a brief description of the properties of such an alternative, including a sample alternate hash algorithm.

References

[1]

Atkinson, R., "IPv6 Authentication Header," (working draft - draft-ietf-ipngwg-auth-00.txt), February 1995.]]

[2]

Atkinson, R., "IPv6 Security Architecture," (working draft - draft-ietf-ipngwg-sec-00.txt), February 1995.]]

[3]

Atkinson, R., "IPv6 Encapsulating Security Payload (ESP)," (working draft - draft-ietf-ipngwg-esp-00.txt), February 1995.]]

[4]

Baker, F., and Atkinson, R., "OSPF MD5 Authentication," (working draft - draft-ietf-osp5-md5-03.txt), March 1995.]]

[5]

Baker, F., and Atkinson, R., "RIP-II Cryptographic Authentication,'' (working draft - draft-ietf-ripv2-md5-04.txt), March 1995.]]

[6]

Bradner, S., and Mankin, A., "The Recommendation for the iP Next Generation Protocol," RFC 1752, Harvard University, USC/Information Sciences Institute, January 1995.]]

Digital Library

[7]

Deering, S., "Simple Internet Protocol Plus (SIPP)," (working draft - draft-ietf-sipp-spec-01 .txt), July 1994.]]

[8]

DiMarco, J., "Spec Benchmark table, V4.12" <ftp:// ftp.cdf, toronto.edu/pub/spectable>.]]

[9]

Feldmeier, D., and McAuley, A., "Reducing Protocol Ordering Constraints to Improve Performance," in Protocols for High-Speed Networks, Ill, Eds. Pehrson, B., Gunningberg, P., and Pink, S., North-Holland, Amsterdam, 1992, pp. 3-17.]]

Digital Library

[10]

Galvin, J., and McCloghrie, H., "Security Protocols for version 2 of the Simple Network Management Protocol(SNMPv2)," RFC 1446, Trusted Information Systems, Hughes LAN Systems, April 1993.]]

Digital Library

[11]

Heffernan, A. "TCP MD5 Signature Option," (working draft ~ draft-hefferman-tcp-md5-01.txt), March 1995.]]

[12]

Hinden, R., "Intemet Protocol, Version 6 (IPv6) Specification,'' (working draft- draft-ietf-ipngwg-ipv6-spec-01.txt), March 1995.]]

[13]

Hostetler, J., and Sink, E., "A Proposed Extension to HTTP: SimpleMD5 Access Authorization," (work in progress).]]

[14]

Irissou, B., Design Techniques for High-Speed Datapaths, Master's Thesis, University of California at Berkeley, CSD, November 1992.]]

[15]

Kaliski, B., "The MD2 Message-Digest Algorithm," RFC- 1319, RSA Data Security, Inc., April 1992.]]

Digital Library

[16]

Leech, M., "Key-seeded MD5 authentication for SOCKS," (working draft- draft-ietf-aft-socks-md5~auth-00.txt), October t 994.]]

[17]

Malkin, G., "RIP for IPv6," (working draft - draft-ietf-ripv2- ripng-00.txt), November 1994.]]

[18]

McCanne, S., and Torek, C., "A Randomized Sampling Clock for CPU Utilization Estimation and Code Profiling," Proc. Winter USENIX, San Diego, January 1993.]]

[19]

Metzger, P., Karn, P., and Simpson, W., "The ESP DES-CBC Transform," (working draft - draft-ietf-ipsec-esp-des-cbc- 04.txt), April 1995.]]

Digital Library

[20]

Metzger, P., and Simpson, W., "iP Authentication using Keyed MD5," (working draft - draft-ietf-ipsec-ah-md5- 03.txt), April 1995.]]

Digital Library

[21]

National Bureau of Standards, Data Encryption Standard, Federal Information Processing Standards Publication 46, Government Printing Office, Washington, D.C., 1977.]]

[22]

National institute for Standards and Technology, Secure Hash Standard, Federal Information Processing Standards Publication 180, Government Printing Office, Washington, D.C., 1993.]]

[23]

Partridge, C., and Kastenholz, E, "Technical Criteria for Choosing IP The Next Generation (IPng)," RFC 1726, BBN Systems and Technologies, FTP Software, December 1994.]]

Digital Library

[24]

Postel, J., "Intemet Protocol - DARPA Intemet Program Protocol Specification," STD-5, RFC-791, ISI, September 1981.]]

[25]

Rescorla, E., and Schiffman, A., "The Secure HyperText Transfer Protocol," (working draft - draft-rescorla-shttp- 0.txt), December 1994.]]

[26]

Rivest, R., '~The RC5 Encryption Algorithm," RSA Data Security Technical Report, April 1995.]]

[27]

Rivest, R., "The MD4 Message-Digest Algorithm," RFC~ 1320, MIT LCS and RSA Data Security, Inc., April 1992.]]

Digital Library

[28]

Rivest, R., "The MD5 Message-Digest Algorithm," RFC~ 1321, MIT LCS and RSA Data Security, Inc., April 1992.]]

Digital Library

[29]

Rogaway, P., "Bucket Hashing and its Application to Fast Message Authentication," to appear in Advanced in Cryptology, Crypto '95.]]

Digital Library

[30]

Touch, J., "Report on MD5 Performance," (working draft - draft-touch-md5-performance-00.txt), December 1994.]]

Digital Library

[31]

Touch, J., "Implementing the lntemet Checksum in Hardware," (work in progress).]]

Cited By

Huang FSun MZhong JLiu NYuan P(2021)Energy Data Collection and Scheduling of AMI Based on Consistent Hash and Greedy Optimization2021 11th International Conference on Power and Energy Systems (ICPES)10.1109/ICPES53652.2021.9683808(456-461)Online publication date: 18-Dec-2021
https://doi.org/10.1109/ICPES53652.2021.9683808
Wang JLuo WHu YJiang H(2020)PN-HASH: An Immune-Inspired Scheme for Data Integrity Check2020 12th International Conference on Advanced Computational Intelligence (ICACI)10.1109/ICACI49185.2020.9177796(340-348)Online publication date: Aug-2020
https://doi.org/10.1109/ICACI49185.2020.9177796
Huang TChu KChen JZeng XShieh C(2016)Providing caches for reduce tasks in a MapReduce cloud2016 IEEE International Conference on Big Data Analysis (ICBDA)10.1109/ICBDA.2016.7509834(1-4)Online publication date: Mar-2016
https://doi.org/10.1109/ICBDA.2016.7509834
Show More Cited By

Index Terms

Performance analysis of MD5

Recommendations

Performance analysis of MD5
SIGCOMM '95: Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication

MD5 is an authentication algorithm proposed as the required implementation of the authentication option in IPv6. This paper presents an analysis of the speed at which MD5 can be implemented in software and hardware, and discusses whether its use ...
Hardware Implementation Analysis of the MD5 Hash Algorithm
HICSS '05: Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences - Volume 09

Hardware implementation aspects of the MD5 hash algorithm are discussed in this paper. A general architecture for MD5 is proposed and several implementations are presented. An extensive study of effects of pipelining on delay, area requirements and ...
RFC1810: Report on MD5 Performance

Comments

Information & Contributors

Information

Published In

cover image ACM SIGCOMM Computer Communication Review

ACM SIGCOMM Computer Communication Review Volume 25, Issue 4

Oct. 1995

345 pages

ISSN:0146-4833

DOI:10.1145/217391

Editor:
David Oran
Digital Equipment Corp., Littleton, MA

Issue’s Table of Contents

SIGCOMM '95: Proceedings of the conference on Applications, technologies, architectures, and protocols for computer communication
October 1995
372 pages
ISBN:0897917111
DOI:10.1145/217382
Chairman:
Stuart Wecker
Symmetrix, Inc.
,
Editor:
David Oran
Digital Equipment Corp., Littleton, MA

Copyright © 1995 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 01 October 1995

Published in SIGCOMM-CCR Volume 25, Issue 4

Check for updates

Qualifiers

Article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

43
Total Citations
View Citations
2,308
Total Downloads

Downloads (Last 12 months)211
Downloads (Last 6 weeks)32

Reflects downloads up to 12 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Huang FSun MZhong JLiu NYuan P(2021)Energy Data Collection and Scheduling of AMI Based on Consistent Hash and Greedy Optimization2021 11th International Conference on Power and Energy Systems (ICPES)10.1109/ICPES53652.2021.9683808(456-461)Online publication date: 18-Dec-2021
https://doi.org/10.1109/ICPES53652.2021.9683808
Wang JLuo WHu YJiang H(2020)PN-HASH: An Immune-Inspired Scheme for Data Integrity Check2020 12th International Conference on Advanced Computational Intelligence (ICACI)10.1109/ICACI49185.2020.9177796(340-348)Online publication date: Aug-2020
https://doi.org/10.1109/ICACI49185.2020.9177796
Huang TChu KChen JZeng XShieh C(2016)Providing caches for reduce tasks in a MapReduce cloud2016 IEEE International Conference on Big Data Analysis (ICBDA)10.1109/ICBDA.2016.7509834(1-4)Online publication date: Mar-2016
https://doi.org/10.1109/ICBDA.2016.7509834
Huang TChu KZeng XChen JShieh C(2016)CURT MapReduce: Caching and Utilizing Results of Tasks for MapReduce on Cloud Computing2016 IEEE Second International Conference on Multimedia Big Data (BigMM)10.1109/BigMM.2016.10(149-154)Online publication date: Apr-2016
https://doi.org/10.1109/BigMM.2016.10
Wang GLiu FYan W(2016)2D Barcodes for visual cryptographyMultimedia Tools and Applications10.1007/s11042-014-2365-875:2(1223-1241)Online publication date: 1-Jan-2016
https://dl.acm.org/doi/10.1007/s11042-014-2365-8
Chakeres I(2008)Duplicate Packet Detection for Multicast: Methods, Analysis, and Relative Performance2008 IEEE Wireless Communications and Networking Conference10.1109/WCNC.2008.490(2798-2803)Online publication date: Mar-2008
https://doi.org/10.1109/WCNC.2008.490
Ramaswamy RWolf T(2007)High-speed prefix-preserving IP address anonymization for passive measurement systemsIEEE/ACM Transactions on Networking (TON)10.1109/TNET.2006.89012815:1(26-39)Online publication date: 1-Feb-2007
https://dl.acm.org/doi/10.1109/TNET.2006.890128
Bellovin S(2006)Cryptography and the internetAdvances in Cryptology — CRYPTO '9810.1007/BFb0055719(46-55)Online publication date: 28-May-2006
https://doi.org/10.1007/BFb0055719
Halevi SKrawczyk H(2006)MMH: Software message authentication in the Gbit/second ratesFast Software Encryption10.1007/BFb0052345(172-189)Online publication date: 17-May-2006
https://doi.org/10.1007/BFb0052345
Ganesan PVenugopalan RPeddabachagari PDean AMueller FSichitiu MRaghavendra CSivalingam KGovindan RRamanathan P(2003)Analyzing and modeling encryption overhead for sensor network nodesProceedings of the 2nd ACM international conference on Wireless sensor networks and applications10.1145/941350.941372(151-159)Online publication date: 19-Sep-2003
https://dl.acm.org/doi/10.1145/941350.941372
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

Media

Figures

Other

Tables

View Issue’s Table of Contents