ocaml-nocrypto

chacha20-poly1305 support

Open edwintorok opened this issue 10 years ago • 4 comments

ChaCha20-Poly1305 has been adopted as RFC7539, and will be useful when it is approved for TLS. Although Chrome already uses it, so it might be useful even before that.

It is a lot faster than AES-GCM when there is no hardware acceleration available, especially on ARM, but AFAIK ocaml-nocrypto doesn't use AES-NI so ChaCha20-Poly1305 will probably always be faster.

edwintorok, May 18 '15 07:05

It will be a useful addition, true. I'll slowly investigate the options here.

OTOH nocrypto does use AES-NI with bulk performance in simple encryption/decryption with CTR and CBC neck-to-neck with openssl's libcrypt. :smile:

The branch needs a little more polish in some modes to get merged, and is the very next thing on TODO.

pqwy, May 18 '15 12:05

According to the IETF TLS working group mailing list, this is not yet standardised (crypto and algorithms are, ciphersuite isn't). A draft (which is not precise) is at https://tools.ietf.org/html/draft-mavrogiannopoulos-chacha-tls-05 and will get more precise and might be published on standard track http://www.ietf.org/mail-archive/web/tls/current/msg16322.html

hannesm, May 18 '15 14:05

Now, this is not to say ChaCha/Poly will not happen, but, uhm, this.

pqwy, Jul 02 '15 13:07

FWIW I believe this is no longer in draft status:

  • crypto primitives (ChaCha20 + Poly1305): https://tools.ietf.org/html/rfc7539
  • TLS ciphersuite (that @hannesm was referencing above): https://tools.ietf.org/html/rfc7905

cfcs, Sep 29 '17 11:09