This article is more than 1 year old
CloudFlare crypto gets faster on old mobes
Choc Factory ChaCha crypto pairing gets popular
Popular denial of service deflection platform CloudFlare is deploying new speedy cipher suites previously championed by Google, maths boffin Nick Sullivan says.
The ChaCha-Poly1305 cipher is three times faster than the resource heavy AES-128-GCM cipher and was not subject to attacks against RC4, Sullivan (@grittygrease) says, meaning things will speed on CloudFlare for mobes.
“Spending less time on decryption means faster page rendering and better battery life,” Sullivan says.
“Although the cipher part of TLS may not be the biggest source of battery consumption (the handshake is more expensive ), spending fewer CPU cycles on encryption saves battery life, especially on large files.
“... it provides algorithm agility in case someone finds a serious flaw in AES-GCM, which is possible due to its fragility.
Google in November 2013 picked Poly1305 and Daniel Bernstein's ChaCha20 symmetric cipher to replace RC4 in OpenSSL for Chrome browsers on Android phones.
That move speeds things up and saves battery by reducing the resources needed for encryption and decryption on smaller devices that lack AES hardware acceleration, Choc Factory crypto boffin Elie Bursztein says.
“The simple and efficient design of these algorithms (ChaCha20 and Poly1305) combined with the extensive vetting they received from the scientific community make us confident that these algorithms will bring the security and speed needed to secure mobile communication,” he says.
Owners of old mobes and computers will notice the most difference due to the reduction on time spent on encryption.
AES-128-GCM is still king on machines with hardware AES support, however.
CloudFlare is using an open source assembly code version of ChaCha20-Poly1305 built by its engineer Vlad Krasnov that is optimised to support its million plus HTTPS sites within its servers.
The cipher combo will see more use. Mozilla earmarked it for its FireFox browser and Apple might even dip its toe in for kit that does not get its new 64-bit ARM processors with hardware AES support. ®