- From: Ilari Liusvaara <ilariliusvaara@welho.com>
- Date: Sat, 5 Jun 2021 11:05:15 +0300
- To: Toerless Eckert <tte@cs.fau.de>
- Cc: ietf-http-wg@w3.org
On Thu, Jun 03, 2021 at 01:43:24PM +0200, Toerless Eckert wrote:
> Which RFC that is updating RFC8446 is providing null crypto ?
From IANA registry (despite not having "NULL" in name, these are NULL
ciphersuites):
0xC0,0xB4 TLS_SHA256_SHA256 Y N [draft-camwinget-tls-ts13-macciphersuites]
0xC0,0xB5 TLS_SHA384_SHA384 Y N [draft-camwinget-tls-ts13-macciphersuites]
The "Y N" there means: OK for DTLS, Not recommended.
However, these might not deliver the best throughput. If platform has
SIMD but no hardware SHA-2 acceleration, Chacha20-Poly1305 likely
delivers better throughput. If platform has hardware AES-GCM
acceleration, AES-GCM is likely higher throughput regardless of if
there is hardware SHA-2 acceleration or not (E.g., AMD Zen2 has both,
and AES-GCM is a lot faster).
And then record protection throughput might not be the biggest problem.
Having to do handshake and deal with possible peer authentication might
cause much more problems at application level, and NULL ciphers do
nothing for these issues.
-Ilari
Received on Saturday, 5 June 2021 08:05:54 UTC