Re: Proposal to Change the Default TLS Ciphersuites Offered by Browsers

2013-09-12 Thread Stefan Arentz
How about mobile?

What about the initial key exchange that SSL/TLS does? I thought that was the 
biggest CPU killer?

 S.

----- Original Message -----
From: Julien Vehent jul...@linuxwall.info
To: Julien Pierre julien.pie...@oracle.com
Cc: mozilla's crypto code discussion list dev-tech-crypto@lists.mozilla.org
Sent: Thursday, September 12, 2013 10:35:06 PM
Subject: Re: Proposal to Change the Default TLS Ciphersuites Offered by Browsers

On 2013-09-12 22:01, Julien Pierre wrote:
> Julien,
>
> On 9/12/2013 07:06, Julien Vehent wrote:
>> If performance was the only reason to prefer AES-128, I would disagree
>> with the proposal. But your other arguments regarding AES-256 not providing
>> additional security are convincing.
>
> The performance is still an issue for servers. More servers are needed if
> more CPU-intensive crypto algorithms are used.

aes-256-cbc with AES-NI does 543763.11kB/s. That's 4.35Gbps of AES bandwidth 
on a single core.
On a decent 8 core load balancer, dedicate 4 to TLS, and you get 17.40Gbps 
of AES bandwidth.
I don't think AES is close to being the limiting factor here. Processing HTTP 
is probably 20 times more expensive than that.

Just reinforcing the point that performance is not, in my opinion, an issue. 
The quality of AES-256 is much more relevant here.


---
Julien Vehent
http://jve.linuxwall.info


-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto


Re: Proposal to Change the Default TLS Ciphersuites Offered by Browsers

2013-09-09 Thread Stefan Arentz

On Sep 9, 2013, at 11:16 AM, Gervase Markham g...@mozilla.org wrote:

> On 09/08/13 03:30, Brian Smith wrote:
>> Please see https://briansmith.org/browser-ciphersuites-01.html
>
> This proposal promotes ECC.
>
> http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance
>
> Schneier: Prefer conventional discrete-log-based systems over
> elliptic-curve systems; the latter have constants that the NSA
> influences when they can.
>
> He elaborates in the comments:
>
> I no longer trust the constants. I believe the NSA has manipulated them
> through their relationships with industry.
>
> Does that affect your proposal?

Wasn’t he talking about http://en.wikipedia.org/wiki/Dual_EC_DRBG#Controversy ?

 S.
