[erlang-questions] SSL performance
Wed Feb 11 16:57:32 CET 2015
----- On 11 Feb, 2015, at 16:48, Jesper Louis Andersen jesper.louis.andersen@REDACTED wrote:
> On Wed, Feb 11, 2015 at 4:29 PM, Andreas Schultz <aschultz@REDACTED> wrote:
>> So, don't blame the speed on the cryptographic library, but on the
>> interface to it.
> This should perhaps have been in a highlighted position. Yes, indeed, the
> interface is the problem. Since `ssl`, the Erlang application is using this
> interface however, it becomes a bound on the speed, which was kind of the
> primary point.
> The secondary point about enacl is that we can do better, much better. The
> salsa20 suite of ciphers (salsa20, xsalsa20 and chacha20) are all
> considerably faster than AES, even with optimizations, for the same or
> better security margin. Combined with a bad interface, the speed difference
> becomes noticable to the point where it begins to matter. Enacl could be
> optimized further and currently includes a tradeoff where it copies the 200
> megabytes for a nicer interface. Exposing a worse interface could avoid
> that copy altogether for really speed-sensitive programs.
BTW: Erlang 18 when compiled on libressl or a recent/patched OpenSSL will have
the ChaCha20/Policy1305 AEAD cipher for TLS . The crypto interface is still not
optimal, but it would be interesting to compare that to enacl.
> Of couse I'm biased :P
More information about the erlang-questions