2016-04-15 6:55 GMT+02:00 Willy Tarreau <w...@1wt.eu>:
>> Switching ECDHE curves can have a performance impact, for example the
>> result of openssl speed on my laptop:
>> 256 bit ecdh (nistp256) 0.0003s 2935.3
>> 384 bit ecdh (nistp384) 0.0027s 364.9
>> 521 bit ecdh (nistp521) 0.0016s 623.2
>> The difference is so high for nistp256 because OpenSSL has a heavily
>> optimized implementation
>> (https://www.imperialviolet.org/2010/12/04/ecc.html).
>
> Wow, and despite this you want to let the client force the server to
> switch to 384? Looks like a huge DoS to me.

Just to be sure, I'm not the original author, I've just made some comments ;)

Some people tend to use the strongest possible crypto, just for the sake of it. Usually on low traffic sites :)

Anyway, Chrome 50 just pushes support for x25519. I believe this will also have a very fast implementation, so the ability to configure more curves will probably be handy in the near future.

--
Janusz Dziemidowicz