Jamil, I was wandering if you have performance test numbers to share yet? Do you have an internal acceptance criteria for it? Do we expect it to beat unaccelerated AES256-GCM or come close to CBC performance?
Gruss Bernd -- http://bernd.eckenfels.net ________________________________ From: security-dev <security-dev-boun...@openjdk.java.net> on behalf of Jamil Nimeh <jamil.j.ni...@oracle.com> Sent: Tuesday, June 5, 2018 8:15:44 AM To: OpenJDK Dev list Subject: [Sandbox]: ChaCha20 cipher suite prototype Hi guys, Since this is sandbox only right now and in prototype form I wanted to go ahead and put this out there so folks could see where the ChaCha20 cipher suite code was headed in the new handshaking model. This has been tested with small webpages using openssl and Mozilla NSS (through Firefox) as a client with JDK on the server side as both a standalone server implementation and hooked into Tomcat7. I've also used JDK as a client against openssl s_server. Disclaimer: Because of time constraints and the blocking dependency on the new TLS handshaking code, I want to be clear that putting this review out is not a commitment that this feature will make JDK 11. I am putting this out though so folks can take a look at it and hopefully get a little ahead of the curve if there's time left to get it in after the new handshaker goes back. http://cr.openjdk.java.net/~jnimeh/reviews/tls13-cc20-ciphersuite/webrev.01 --Jamil
