[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Should we settle on one SSL implementation?



On Sat, 27 Oct 2007, Steve Grubb wrote:

> During F9, there will be another parallel and somewhat related project to hunt
> down places where md-5 and sha-1 are being used and look at improving the
> situation so that sha-256, and in some cases other hash algorithms, could be
> used.

Also, as Michael Richardson <mcr xelerance com> reminded me:

	SHA256 is slower, and there are no hardware accelerators for it.
	(while, I think, VIA supports SHA1 acceleration?)
	If you want to switch, a switch to accelerated AES-XCBC would be a
	better choice, I think.  Or, AES-GCM mode, which hashes and encrypts in
	one step.

Paul


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]