mirleft / ocaml-nocrypto

OCaml cryptographic library
ISC License
chacha20-poly1305 support #64

Open edwintorok opened 9 years ago

edwintorok commented 9 years ago

ChaCha20-Poly1305 has been adopted as RFC 7539, and will be useful when it is approved for TLS. Although Chrome already uses it, so it might be useful even before that.

It is a lot faster than AES-GCM when there is no hardware acceleration available, especially on ARM, but AFAIK ocaml-nocrypto doesn't use AES-NI so ChaCha20-Poly1305 will probably always be faster.

pqwy commented 9 years ago

It will be a useful addition, true. I'll slowly investigate the options here.

OTOH nocrypto does use AES-NI with bulk performance in simple encryption/decryption with CTR and CBC neck-to-neck with openssl's libcrypt. :smile:

The branch needs a little more polish in some modes to get merged, and is the very next thing on TODO.

hannesm commented 9 years ago

According to the IETF TLS working group mailing list, this is not yet standardised (crypto and algorithms are, ciphersuite isn't). A draft (which is not precise) is at https://tools.ietf.org/html/draft-mavrogiannopoulos-chacha-tls-05 and will get more precise and might be published on standard track: http://www.ietf.org/mail-archive/web/tls/current/msg16322.html

pqwy commented 9 years ago

Now, this is not to say ChaCha/Poly will not happen, but, uhm, this.

cfcs commented 6 years ago

FWIW I believe this is no longer in draft status: