Created
October 11, 2023 10:43
-
-
Save tolgahanakgun/4a0a99979e684adcc0179329a6957caa to your computer and use it in GitHub Desktop.
TLS 1.3 and SSH ciphersuites performance on Raspberry Pi4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| tolgahan@rpi:~ $ uname -a | |
| Linux rpi 6.1.21-v8+ #1642 SMP PREEMPT Mon Apr 3 17:24:16 BST 2023 aarch64 GNU/Linux | |
| tolgahan@rpi:~ $ openssl version | |
| OpenSSL 1.1.1w 11 Sep 2023 | |
| tolgahan@rpi:~ $ openssl speed -aead -evp aes-128-gcm | |
| tolgahan@rpi:~ $ openssl speed -aead -evp aes-256-gcm | |
| tolgahan@rpi:~ $ openssl speed -aead -evp chacha20-poly1305 | |
| type 2 bytes 31 bytes 136 bytes 1024 bytes 8192 bytes 16384 bytes | |
| aes-128-gcm 1679.44k 18536.78k 29135.42k 36059.82k 36956.84k 37120.68k | |
| aes-256-gcm 1365.87k 15148.50k 22993.66k 28058.28k 28740.27k 28813.99k | |
| chacha20-poly1305 1996.19k 30099.06k 75620.26k 256402.77k 310569.64k 313833.05k | |
| tolgahan@rpi:~ $ | |
| # So, This order ciphersuite order is more performant in Apache: | |
| # SSLHonorCipherOrder On | |
| # SSLProtocol -all +TLSv1.3 +TLSv1.2 | |
| # SSLCipherSuite SSL ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256 | |
| # SSLCipherSuite TLSv1.3 TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256 | |
| # Cipher suite selection for sshd on Rock64 | |
| # Add these lines at the end of /etc/ssh/sshd_config file | |
| # Ciphers [email protected],[email protected] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment