Go crypto: bridging the performance gap
The text discusses how CloudFlare uses the programming language Go extensively and has developed assembly implementations of Elliptic Curves and AES-GCM for improved cryptographic performance on amd64 architecture. These improvements bring the performance up to par with OpenSSL, which is used by CloudFlare for Universal SSL. The fork includes constant-time and side-channel protected implementations, as well as small improvements to Go's RSA implementation. AES-GCM is an Authenticated Encryption with Associated Data (AEAD) that combines a cipher and a MAC algorithm into a single robust algorithm using a single key. By supporting the two state-of-the-art AEADs - AES-GCM and ChaCha20-Poly1305, together with ECDSA and ECDH algorithms, CloudFlare can provide the fastest, most flexible, and most secure TLS experience possible on all platforms.
Company
Cloudflare
Date published
May 7, 2015
Author(s)
Vlad Krasnov
Word count
1053
Language
English
Hacker News points
211