On 25/04/2014 22:14 pm, Jeffrey Walton wrote: > Somewhat off-topic, but Google took ChaCha20/Poly1305 live. > > http://googleonlinesecurity.blogspot.com/2014/04/speeding-up-and-strengthening-https.html > > Earlier this year, we deployed a new TLS cipher suite in Chrome that > operates three times faster than AES-GCM on devices that don’t have > AES hardware acceleration, including most Android phones, wearable > devices such as Google Glass and older computers. This improves user > experience, reducing latency and saving battery life by cutting down > the amount of time spent encrypting and decrypting data. > > To make this happen, Adam Langley, Wan-Teh Chang, Ben Laurie and I > began implementing new algorithms -- ChaCha 20 for symmetric > encryption and Poly1305 for authentication -- in OpenSSL and NSS in > March 2013. It was a complex effort that required implementing a new > abstraction layer in OpenSSL in order to support the Authenticated > Encryption with Associated Data (AEAD) encryption mode properly. AEAD > enables encryption and authentication to happen concurrently, making > it easier to use and optimize than older, commonly-used modes such as > CBC. Moreover, recent attacks against RC4 and CBC also prompted us to > make this change. > > ...
Progress for OpenSSL! Here's hoping they also see the light and drop every other ciphersuite as fast as they can. > We hope there will be even greater adoption of this > cipher suite, and look forward to seeing other websites > deprecate AES-SHA1 and RC4-SHA1 in favor of AES-GCM and > ChaCha20-Poly1305 since they offer safer and faster > alternatives. Close! 2 is soooo much closer to 1, it's even O(1). iang ps; obligatary toot: http://iang.org/ssl/h1_the_one_true_cipher_suite.html pps; Google, take your lead from Guus: > ... It also *does not support any cipher suite negotiation*, > instead it always uses a fixed suite (the current > implementation[2] uses ECDHE-Curve25519-Chacha-Poly1305). The man! _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
