Displaying 2 results from an estimated 2 matches for "rfc8439".
Did you mean:
rfc8429
2019 Jan 17
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
On some cpu's optimized chacha implementation in openssl (1.1.0+) is
notably faster (and on others it is just faster) than generic C
implementation in openssh.
Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses
different scheme (with padding/etc - see rfc8439) and it looks it is not
possible to use in openssh.
OpenSSL 1.1.1+ also exports "raw" poly1305 primitive, but I
have not tried it yet (it was not in 1.1.0).
Trivial benchmark:
time ssh -c chacha20-poly1305 at openssh.com -S none -o Compression=no \
localhost 'dd if=/dev/zero bs=1000...
2020 Jan 16
3
[patch 1/2] use chacha20 from openssl (1.1.0+) when possible
...implementation in openssl (1.1.0+)
> > is
> > notably faster (and on others it is just faster) than generic C
> > implementation in openssh.
> >
> > Sadly, openssl's chacha20-poly1305 (EVP_chacha20_poly1305) uses
> > different scheme (with padding/etc - see rfc8439) and it looks it
> > is not
> > possible to use in openssh.
> >
> > OpenSSL 1.1.1+ also exports "raw" poly1305 primitive, but I
> > have not tried it yet (it was not in 1.1.0).
> >
> > Trivial benchmark:
> > time ssh -c chacha20-poly1305 a...