search for: chacha

...14 at 9:30 PM, Guus Sliepen <guus at tinc-vpn.org> wrote: > Although the cryptography is now separated from the rest of the logic in > tinc, it is not really replaceable, since only OpenSSL is supported. > However, there is also a new protocol in tinc 1.1, which uses Ed25519 > and ChaCha-Poly1305. The code for those algorithms is included in tinc, > so the new protocol has no dependencies on external libraries. Any reason not to use libsodium for this? Pedro

I''m happy to announce that ChaCha.com a new search engine that debuted this week and it runs on a mongrel cluster. Warning, promo follows. :) ChaCha.com is unlike any other search engine since it allows you to connect to a "guide" with experience in the field(s) of knowledge you are searching in. (Based on your keywords)...

Last time I checked there was a number of new libraries implementing Ed25519 and ChaCha-Poly1305, but everything seemed quite immature - I think it would be wise to wait until things settle down (maybe when it gets into OpenSSL). That said, there are significant advantages to using external libraries for this: some of them use heavily optimized (assembly, tuned for SSE etc.) code for...

On some cpu's optimized chacha implementation in openssl (1.1.0+) is notably faster (and on others it is just faster) than generic C implementation in openssh. Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses different scheme (with padding/etc - see rfc8439) and it looks it is not possible to use in openssh....

> That said, there are significant advantages to using external > libraries for this: some of them use heavily optimized (assembly, > tuned for SSE etc.) code for ChaCha-Poly1305, which is a big win for > tinc because it dramatically lowers CPU usage and increases maximum > achievable throughput. See > http://bench.cr.yp.to/impl-stream/chacha20.html This is quite a nice point, when you run tinc in OpenWRT on a small (and very limited) router :)

Hi, I just uploaded a Rails plugin that allows you to specify custom SQL when doing a find with associations (AKA eager loading). One of the problems I encountered when implementing the Chacha Underground (http://underground.chacha.com) was being able to use queries provided by the DBA to efficiently get all the informaion I needed to render a page. In some cases, I needed to go two or three associations deep in a model and the SQL generated by ActiveRecord was either inadequate or lead...

...to set preferences for apps' usage, e.g. Postfix etc; Typically, here cat /etc/pki/tls/openssl.cnf openssl_conf = default_conf [default_conf] ssl_conf = ssl_sect [ssl_sect] system_default = system_default_sect [system_default_sect] MinProtocol = TLSv1.2 Ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256 CipherString = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128...

So as probably any Tinc user, I noticed there are two versions: 1.0 and 1.1. On the website is explained that 1.1 is the stepping stone for 2.0 and that it has a lot of neat features *planned*. However, in the repositories, one usually finds version 1.0, and since I'm someone who prefers having everything run through repositories instead of manually updated, I want to know if it's worth

On Fri, 2019-07-12 at 15:54 +1000, Damien Miller wrote: > On Thu, 17 Jan 2019, Yuriy M. Kaminskiy wrote: > > > On some cpu's optimized chacha implementation in openssl (1.1.0+) > > is > > notably faster (and on others it is just faster) than generic C > > implementation in openssh. > > > > Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses > > different scheme (with padding/etc - see...

...chain. If an ISA is available then we compile a source file to the ISA as needed. Then, we guard the higher ISAs at runtime to avoid SIGILLs. It worked well until we added AVX2. For AVX2 we see this as expected: $ CXX=/opt/local/bin/clang++-mp-5.0 make /opt/local/bin/clang++-mp-5.0 ... -c chacha.cpp /opt/local/bin/clang++-mp-5.0 ... -mavx2 -c chacha_avx.cpp /opt/local/bin/clang++-mp-5.0 ... -msse2 -c chacha_simd.cpp ... At runtime we catch a SIGILL due to chacha_avx.cpp as shown below. It looks like global constructors are using instructions from AVX (vxorps), which is beyond...

I was wondering if there was something specific to the internal chacha20 cipher as opposed to OpenSSL implementation. I can't just change the block size because it breaks compatibility. I can do something like as a hack (though it would probably be better to do it with the compat function): if (strstr(enc->name, "chacha")) *max_blocks =...

...ol > name: > > https://mariadb.com/kb/en/library/ssltls-system-variables/#ssl_cipher > > In in other software it's common to have two distinct settings, one > for protocol and one a cipher "pattern". > > Maybe you could try something like this: > > kECDHE+CHACHA20:kECDHE+AESGCM > > ChaCha / Poly and AES GCM are TLS 1.2 + only ciphers. > > This will not include AES CBC which exist with variations in both 1.0 > to 1.2, but if you're security conscious, you probably don't want to > use CBC anyway. > > Or you could match just 1....

I''m not sure this is the appropriate community to get objective unbiased feedback on this issue, but I suppose it''s worth a gander... Here''s my question: Is it possible to write a massively scalable application intented for millions of users (i.e. Yahoo, Google, MySpace, etc.) using Ruby on Rails? I''m sure apps like these can be built, but can they scale to

On Wed, 29 Mar 2023, Chris Rapier wrote: > I was wondering if there was something specific to the internal chacha20 > cipher as opposed to OpenSSL implementation. > > I can't just change the block size because it breaks compatibility. I can do > something like as a hack (though it would probably be better to do it with the > compat function): > > if (strstr(enc->name, "chach...

With pleasure we announce the release of tinc version 1.1pre11. Here is a summary of the changes: * Added a "network" command to list or switch networks. * Switched to Ed25519 keys and the ChaCha-Poly1305 cipher for the new protocol. * AutoConnect is now a boolean option, when enabled tinc always tries to keep at least three meta-connections open. * The new protocol now uses UDP much more often. * Tinc "del" and "get" commands now return a non-zero exit code...

With pleasure we announce the release of tinc version 1.1pre11. Here is a summary of the changes: * Added a "network" command to list or switch networks. * Switched to Ed25519 keys and the ChaCha-Poly1305 cipher for the new protocol. * AutoConnect is now a boolean option, when enabled tinc always tries to keep at least three meta-connections open. * The new protocol now uses UDP much more often. * Tinc "del" and "get" commands now return a non-zero exit code...

...v <openssh-unix-dev-bounces+herbie.robinson=stratus.com at mindrot.org> On Behalf Of Damien Miller Sent: Wednesday, March 29, 2023 2:38 PM To: Chris Rapier <rapier at psc.edu> Cc: Christian Weisgerber <naddy at mips.inka.de>; openssh-unix-dev at mindrot.org Subject: [EXTERNAL] Re: ChaCha20 Rekey Frequency [EXTERNAL SENDER: This email originated from outside of Stratus Technologies. Do not click links or open attachments unless you recognize the sender and know the content is safe.] On Wed, 29 Mar 2023, Chris Rapier wrote: > I was wondering if there was something specific to t...

On 8 June 2018 at 11:21, PGNet Dev <pgnet.dev at gmail.com> wrote: > fyi > > add'l -- and looks unrelated -- issue > /usr/include/pthread.h:251:12: note: previous declaration of ?pthread_join? was here > extern int pthread_join (pthread_t __th, void **__thread_return); What included pthread.h? That's explicitly not supported by sshd: $ grep THREAD

...ed for tinc 1.1 on http://tinc-vpn.org/goals/: * Replaceable cryptography backend Although the cryptography is now separated from the rest of the logic in tinc, it is not really replaceable, since only OpenSSL is supported. However, there is also a new protocol in tinc 1.1, which uses Ed25519 and ChaCha-Poly1305. The code for those algorithms is included in tinc, so the new protocol has no dependencies on external libraries. * Control socket This is already implemented. * Automatic connection management This is mostly implemented (see the AutoConnect option). * Automate setting up nodes This...