Advanced
Mailing List Archive

Mailing List Archive

  1. Home >
  2. OpenSSH>
  3. Bugs
[Bug 3194] New: Please consider lowering chacha20-poly1305@openssh.com cipher priority on AES-NI capable CPU
bugzilla-daemon at mindrot
Jul 18, 2020, 10:33 AM
Post #1 of 1 (140 views)
Permalink
https://bugzilla.mindrot.org/show_bug.cgi?id=3194

Bug ID: 3194
Summary: Please consider lowering chacha20-poly1305@openssh.com
cipher priority on AES-NI capable CPU
Product: Portable OpenSSH
Version: 8.3p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: enhancement
Priority: P5
Component: Miscellaneous
Assignee: unassigned-bugs@mindrot.org
Reporter: fabio.pedretti@unibs.it

Even in 8.3p1 (using libcrypto) chacha20-poly1305@openssh.com is a lot
slower than aes ciphers on AES-NI capable hardware.

aes128-gcm@openssh.com is 23% faster on Xeon Westmere (the first Intel
CPU with AES-NI) and 47% faster on Kaby Lake.

On Kaby Lake:

aes128-gcm@openssh.com : 540MB/s
aes256-gcm@openssh.com : 535MB/s

aes128-ctr : 445MB/s
aes192-ctr : 446MB/s
aes256-ctr : 436MB/s

chacha20-poly1305@openssh.com : 364MB/s

Please consider making aes128-gcm@openssh.com the default.

--
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
openssh-bugs@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

©2024 GT.net. A Gossamer Threads company.
5th Floor, 455 Granville St., Vancouver, BC V6C 1T1, Canada | Legal