[erlang-questions] Using my own Diffie-Hellman + AES instead of SSL

Ingela Andin <>
Thu Jun 7 13:22:54 CEST 2012


Hi!

If you do not care about certificates you can use an anonymous chiper
suite. You have to
explicitly give such suites as arguments as they are not supported by
default for security reasons. This of course  will  save you some
memory as there are no own or peer certificate that will be saved. We
are also curious to know what you think is an acceptable  memory
footprint and why?

Regards Ingela Erlang/OTP team Ericsson AB

2012/6/7 Morgan Segalis <>:
> Hi everyone,
>
> As always (for those who remember my old posts), I'm looking to reduce the memory footprint of a secure connection to my server.
>
> I'm right now looking into doing my own Diffie-Hellman key exchange + AES 128-bit encryption over a TCP connection instead of using Erlang SSL.
> Using SSL with this kinda feels like using a bazooka for smashing a fly.
>
> The thing is, I do not really need certificates, since the connection url is embedded in a application, and it is using a proprietary protocol.
>
> Before trying to implement this solution, I would like to hear pros and cons, from Erlang experts on this mailing lists ! (others are welcome too of course ;-) )
>
> I'm actually looking to implement the same thing as here http://blog.diginux.net/2006/11/15/adding-aes-encryption-to-erlang-chat/
>
> Thanks for your help.
>
>
> _______________________________________________
> erlang-questions mailing list
> 
> http://erlang.org/mailman/listinfo/erlang-questions



More information about the erlang-questions mailing list