SSL encryption algorithms and Poly1305 ChaCha20 was invented by Prof. Dan Bernstein of the University of Illinois at Chicago.
The design algorithm is simple and efficient combined with contributions from the scientific community are brought algorithm safety and speed needed to ensure communication on mobile devices.
Details http://googleonlinesecurity.blogspot.com.au/2014/04/speeding-up-and-Strengthening-https.html
and https://www.imperialviolet.org/2013/10/07/chacha20.html
The benefits of this new cipher suite include:
temporary Services
Better security: ChaCha20 is immune to attacks padding-oracle, such as Lucky13, affecting CBC mode is used in TLS. By design, ChaCha20 is also immune to timing attacks attacks. …………………….
Better performance: ChaCha20 and Poly1305 rapidly on the mobile device, its design is compatible with all common CPUs today, including ARM CPU platform. Poly1305 PIN and also saves network bandwidth, because its output is only 16 byte HMAC-SHA1 than 20 bytes. 16% reduction in network bandwidth compared to the encrypted TLS old as RC4 or AES-SHA-SHA.
Comparison Table
[IMG]
If you’re using Chrome, it ChaCha20-Poly1305 you will find the following information:
[IMG]
ChaCha20 encryption algorithm – Poly1305 only in OpenSSL dev version on github and openssl has not been released.
If anyone wants to use it can compile with nginx or apache-1.0.2 branch aead
code:
$ Git clone https://github.com/openssl/openssl.git
$ Cd openssl
$ Git checkout 1.0.2-aead
Follow the instructions in the INSTALL file.
PS: But, but I follow and failure on centos 6.5
Also if you want to use and Poly1305 ChaCha20 you can use BoringSSL https://boringssl.googlesource.com/boringssl/
Google BoringSSL be developed based on OpenSSL to optimize more
maybe I’ll try to compile BoringSSL see how
Leave a Reply