[Cryptography] [cryptography] OT: Speeding up and strengthening HTTPS connections for Chrome on Android
ianG
iang at iang.org
Fri Apr 25 17:36:24 EDT 2014
On 25/04/2014 22:14 pm, Jeffrey Walton wrote:
> Somewhat off-topic, but Google took ChaCha20/Poly1305 live.
>
> http://googleonlinesecurity.blogspot.com/2014/04/speeding-up-and-strengthening-https.html
>
> Earlier this year, we deployed a new TLS cipher suite in Chrome that
> operates three times faster than AES-GCM on devices that don’t have
> AES hardware acceleration, including most Android phones, wearable
> devices such as Google Glass and older computers. This improves user
> experience, reducing latency and saving battery life by cutting down
> the amount of time spent encrypting and decrypting data.
>
> To make this happen, Adam Langley, Wan-Teh Chang, Ben Laurie and I
> began implementing new algorithms -- ChaCha 20 for symmetric
> encryption and Poly1305 for authentication -- in OpenSSL and NSS in
> March 2013. It was a complex effort that required implementing a new
> abstraction layer in OpenSSL in order to support the Authenticated
> Encryption with Associated Data (AEAD) encryption mode properly. AEAD
> enables encryption and authentication to happen concurrently, making
> it easier to use and optimize than older, commonly-used modes such as
> CBC. Moreover, recent attacks against RC4 and CBC also prompted us to
> make this change.
>
> ...
Progress for OpenSSL! Here's hoping they also see the light and drop
every other ciphersuite as fast as they can.
> We hope there will be even greater adoption of this
> cipher suite, and look forward to seeing other websites
> deprecate AES-SHA1 and RC4-SHA1 in favor of AES-GCM and
> ChaCha20-Poly1305 since they offer safer and faster
> alternatives.
Close! 2 is soooo much closer to 1, it's even O(1).
iang
ps; obligatary toot:
http://iang.org/ssl/h1_the_one_true_cipher_suite.html
pps; Google, take your lead from Guus:
> ... It also *does not support any cipher suite negotiation*,
> instead it always uses a fixed suite (the current
> implementation[2] uses ECDHE-Curve25519-Chacha-Poly1305).
The man!
More information about the cryptography
mailing list