Message217068
> For any device that has hardware support for AES (AES-NI) AES-GCM is
> hands down a better choice of cipher. It is secure, has no issues in
> the spec itself, and it is *fast*, like 900MB/s for AES-128-GCM on a
> Sandy Bridge Xeon w/ AES-NI (ChaCha20Poly1305 got 500MB/s on the same
> hardware, however it is a 256bit cipher will AES-128-GCM is a 128 bit
> cipher). Using ChaCha20 on those devices would be a worse choice than
> AES-GCM.
I think performance isn't really relevant, except perhaps on very busy
servers. A smartphone acting as a *client* certainly shouldn't need to
download 20 MB/s of encrypted data. |
|
Date |
User |
Action |
Args |
2014-04-23 13:34:11 | pitrou | set | recipients:
+ pitrou, lemburg, jcea, ncoghlan, vstinner, christian.heimes, benjamin.peterson, ezio.melotti, Arfrever, alex, r.david.murray, python-dev, dstufft, markk |
2014-04-23 13:34:10 | pitrou | link | issue20995 messages |
2014-04-23 13:34:10 | pitrou | create | |
|