tech-net archive


Re: TCP timestamp starting value



On Tue, Jul 26, 2016 at 10:23:44AM -0400, Thor Lancelot Simon wrote:
> On Tue, Jul 26, 2016 at 12:09:04PM +0200, Joerg Sonnenberger wrote:
> > 
> > MD5 or any other cryptographic hash.
> 
> I think this is too expensive.  Consider a system which initiates 300,000
> TCP connections per second (I have built NetBSD-based products that were
> in this ballpark, at least as a design goal).  With IPv6 addresses, that
> is 40 bytes per connection, or 12MB/sec of MD5.
> 
> That's between 5% and 10% of a modern CPU core.  Using a modern cryptographic
> hash would make it much worse.  Do we really want to burn that for this
> reason?

I'm not sure what the best hash function is here. Anything with a good
avalanche effect should work and we certainly don't need the output size
of "normal" cryptographic hash functions. Just something preimage
resistant would work here.

Joerg
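
An added illustration of the approach debated in this thread, not part of either poster's message and not NetBSD code: a per-connection timestamp offset taken from the first 32 bits of MD5 over a secret plus the address/port tuple, with a rough timing loop for the 300,000-per-second figure. The secret, the tuple layout and the function names are assumptions made for the example.

```python
import hashlib
import ipaddress
import struct
import time


def ts_offset(secret: bytes, src: str, dst: str, sport: int, dport: int) -> int:
    """Per-connection offset: MD5(secret || addresses || ports), truncated
    to the 32 bits a TCP timestamp value can hold (layout is an assumption)."""
    material = (secret
                + ipaddress.ip_address(src).packed
                + ipaddress.ip_address(dst).packed
                + struct.pack("!HH", sport, dport))
    return int.from_bytes(hashlib.md5(material).digest()[:4], "big")


def tsval(ticks: int, offset: int) -> int:
    """Value sent on the wire: shared clock plus the offset, modulo 2^32."""
    return (ticks + offset) & 0xFFFFFFFF


def seconds_for(n: int, secret: bytes) -> float:
    """Wall-clock time to derive n offsets. Includes interpreter and
    address-parsing overhead, so it overstates the cost of the hash alone."""
    start = time.perf_counter()
    for i in range(n):
        ts_offset(secret, "2001:db8::1", "2001:db8::2", 1024 + i % 60000, 443)
    return time.perf_counter() - start


if __name__ == "__main__":
    # Constructed sample key; assumed to be random and secret in a real stack.
    secret = bytes(range(16))
    a = ts_offset(secret, "2001:db8::1", "2001:db8::2", 40000, 443)
    b = ts_offset(secret, "2001:db8::1", "2001:db8::3", 40000, 443)
    # Different peers see unrelated starting values from the same clock.
    print(f"offset to ::2 = {a:#010x}, offset to ::3 = {b:#010x}")
    # Within one connection the timestamp still advances with the clock.
    print(f"tsval at ticks 1000 and 1005: {tsval(1000, a)}, {tsval(1005, a)}")
    print(f"300000 offsets: {seconds_for(300_000, secret):.3f}s")
```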

