Using the recurrence relation shown in equation 2, we
can compute the estimated increase in boot time (
),
without integrity failures, between AEGIS and a standard IBM PC using
the following equation:
where 
returns the execution time of op. In estimating the
time of the verification function, 
, we use the BSAFE
benchmarks [19] for an Intel 90Mhz Pentium
computer, shown in table 1.
The cost of verification includes time required for computing a MD5 message digest, and the time required to verify the digest against a stored signature. Any signatures embedded in the public key certificate are ignored at the moment.
The BIOS is typically one megabit (128 Kilobytes), and the expansion ROMs are usually 16 kilobytes with some, such as video cards, as large as 64 kilobytes. For analysis purposes, we will assume that one 64 kilobyte card and two 16 kilobyte cards are present. The size of the boot blocks for FreeBSD 2.2 (August 1996 Snapshot) are 512 bytes for the primary boot block, 6912 bytes for the secondary boot block, and 1,352 kilobytes for the size of the GENERIC kernel. Using the performance of MD5 from table 1, the time required to verify each layer using a 1024 bit modulus are:
Summing these times gives 
which is
insignificant compared to the length of time currently needed to
bootstrap an IBM PC.
