Tom,
Your observation about DES chip speed is accurate, i.e., slow
I/O is usually a big problem. A chip designed to do EDE codebook,
when used with off-chip feedback for CBC, might be quite competitive
with a single chip doing on-chip CBC and three passes. However,
pipelining of three chips, each doing on-chip CBC, might be fairly
fast. I've had experience with chips doing internal CBC, but not
EDE, so I don't have data in front of me to do the comparison.
Your suggestion about the advantages of CBC with an
unencrypted IV vs. ECB is not correct. ECB, when applied to many
forms of data, results in very obvious, block-aligned pattern
visibility. CBC counters that vulnerability, irrespective of one's
ability to recover a key. So there is a great deal of difference
between these two modes with regard to basic confidentiality, and that
is why ECB is never recommended for use with user data (vs. keys or
IVs).
Steve