On 15/04/2016 10:58 AM, Janusz Dziemidowicz wrote:
> 2016-04-15 6:55 GMT+02:00 Willy Tarreau <[email protected]>:
>>> Switching ECDHE curves can have performance impact, for example result
>>> of openssl speed on my laptop:
>>> 256 bit ecdh (nistp256) 0.0003s 2935.3
>>> 384 bit ecdh (nistp384) 0.0027s 364.9
>>> 521 bit ecdh (nistp521) 0.0016s 623.2
>>> The difference is so high for nistp256 because OpenSSL has heavily
>>> optimized implementation
>>> (https://www.imperialviolet.org/2010/12/04/ecc.html).
>>
>> Wow, and despite this you want to let the client force the server to
>> switch to 384 ? Looks like a huge DoS to me.
>
> Just to be sure, I'm not the original author, I've just made some comments ;)
> Some people tend to use the strongest possible crypto, just for the
> sake of it. Usually on low traffic sites :)
> Anyway, Chrome 50 just pushes support for x25519.
But on the server side you need openssl 1.1.0[1], which is not ready yet, and I think it requires changes in haproxy. Nginx already has some level of support[2] for openssl 1.1.0.

Cheers,
Pavlos

[1] https://github.com/openssl/openssl/issues/309
[2] https://trac.nginx.org/nginx/ticket/860
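The point Willy raises above is an amplification factor: if the server accepts whatever curve the client prefers, a client can make every handshake several times more expensive than the server's default. The script below is an added example, not code from this thread, from HAProxy or from OpenSSL. It reads the `openssl speed` table in the format quoted in the thread, computes how much slower each curve is than nistp256 in ops/s, and offers a check for X25519 support in the local openssl binary. The sample table is a constructed copy of the figures quoted above (hardware and OpenSSL build will change them; note that nistp521 beats nistp384 on that laptop), and the `openssl genpkey -algorithm X25519` probe assumes an OpenSSL 1.1.0 or later CLI.

```shell
#!/bin/sh
# Added example: quantify the per-handshake cost a client can impose by
# forcing a slower ECDHE curve than the server's default.

# Constructed sample in the layout printed by
# `openssl speed ecdhp256 ecdhp384 ecdhp521`; numbers copied from the thread.
SAMPLE_SPEED='                              op      op/s
 256 bit ecdh (nistp256)   0.0003s   2935.3
 384 bit ecdh (nistp384)   0.0027s    364.9
 521 bit ecdh (nistp521)   0.0016s    623.2'

# ops_per_sec CURVE TEXT -> the ops/s column for the named curve (empty if absent)
ops_per_sec() {
    printf '%s\n' "$2" | awk -v c="$1" '$0 ~ "\\(" c "\\)" { print $NF }'
}

# slowdown BASE CURVE TEXT -> ops/s(BASE) / ops/s(CURVE), rounded to an integer.
# Returns 1 when either curve is missing from the table.
slowdown() {
    base=$(ops_per_sec "$1" "$3")
    other=$(ops_per_sec "$2" "$3")
    [ -n "$base" ] && [ -n "$other" ] || return 1
    awk -v b="$base" -v o="$other" 'BEGIN { printf "%d\n", (b / o) + 0.5 }'
}

# report TEXT: cost of each non-default curve relative to nistp256
report() {
    for curve in nistp384 nistp521; do
        f=$(slowdown nistp256 "$curve" "$1") || continue
        echo "a client forcing $curve costs the server ${f}x a nistp256 handshake"
    done
}

# live_report: same comparison measured on this machine (1 s per curve).
# Not run automatically; `openssl speed` is slow.
live_report() {
    command -v openssl >/dev/null 2>&1 || { echo "openssl not found" >&2; return 1; }
    report "$(openssl speed -seconds 1 ecdhp256 ecdhp384 ecdhp521 2>/dev/null)"
}

# x25519_supported: true when the local openssl can generate an X25519 key,
# which is what the thread says needs OpenSSL 1.1.0 on the server side.
x25519_supported() {
    openssl genpkey -algorithm X25519 >/dev/null 2>&1
}

report "$SAMPLE_SPEED"
```

With the quoted figures this prints an 8x factor for nistp384 and 5x for nistp521; run `live_report` to get the factors for your own build, and `x25519_supported && echo yes` to see whether the openssl on the box can do X25519 at all.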

