If someone has a DES chip which does CBC mode by itself, it is *far* more
efficient to encrypt a batch with k1, then do the batch with k2 and then
do the batch with k3. In brutal detail:
My understanding is that DES chips did... DES. No CBC, etc.
I can't speak to DES chips that do EDE. I have the data sheet for the
Am9518/AmZ8068 device which is just a plain "E" or "D" chip, and is
somewhat old technology. It will operate in ECB, CBC or CFB modes and
has, in fact, a register to set/read the IV value when using it in CBC
or CFB mode.
The device is designed with a set of goes-in-a pins and another set of
goes-out-a pins, so it looks to be a fairly simple task to stack 3 of
'em up to do EDE[2/3] without too much of a problem. If course I only
hack hardware as a hobby, so that this "advice" with a grain of salt.
Depending on the hardware design, this device is good for 0.5 to
1.0MB/s.
Is there any more "modern" DES hardware that's "commonly" available?
How much do these things cost? Anyone build any nice cheap SCSI
attached peripheral that you can shoot data at and get it back
encrypted or decrypted? Put a nice noise diode in it for a source for
cryptographic quality random numbers, and we'd really be cooking.
Louis A. Mamakos
University of Maryland, College Park