- Jan 25, 2005
- 848
- 0
- 0
I'm linking three small health centers via VPN. What encryption scheme should I use? The slowest site of them all will be using 512K DSL (only thing available besides crappy Shat-a-lite), so I've been thinking about using regular old DES although the Firewall/Router supports 3DES.
The reason I'm thinking about using DES over 3DES is that I'm afraid of performance penalties. The reason I want 3DES is the added security of course (I mean, if it comes for "free", why not use the best?). Or maybe I'm thinking backwards. Is the latency delta between 3DES and DES noticable over a moderate WAN link (such as 512K DSL)? Or is it much ado about nothing (sorry about all the Shakespeare references)? I heard that the performance penalty is especially noticable when the WAN link has a high throughput, such as T-series. That makes sense since the more traffic that comes in, the more encryption/decryption is needed.
My short question is, can I use 3DES encryption over DSL without seeing any noticable performance hit?
The reason I'm thinking about using DES over 3DES is that I'm afraid of performance penalties. The reason I want 3DES is the added security of course (I mean, if it comes for "free", why not use the best?). Or maybe I'm thinking backwards. Is the latency delta between 3DES and DES noticable over a moderate WAN link (such as 512K DSL)? Or is it much ado about nothing (sorry about all the Shakespeare references)? I heard that the performance penalty is especially noticable when the WAN link has a high throughput, such as T-series. That makes sense since the more traffic that comes in, the more encryption/decryption is needed.
My short question is, can I use 3DES encryption over DSL without seeing any noticable performance hit?