Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove suggestion about RC4 cipher #611

Closed
hugbug opened this issue Feb 28, 2019 · 1 comment

Comments

Projects
None yet
2 participants
@hugbug
Copy link
Member

commented Feb 28, 2019

Settings page of web-interface suggests RC4-MD5 as fastest cipher. This is not true for modern CPUs with hardware support for AES.

The settings page should be updated to reflect that. The same applies to article Choosing Cipher.

@hugbug hugbug added the improvement label Feb 28, 2019

@hugbug hugbug added this to the v21 milestone Feb 28, 2019

hugbug added a commit that referenced this issue Feb 28, 2019

hugbug added a commit to nzbget/nzbget.github.io that referenced this issue Feb 28, 2019

@hugbug hugbug closed this Feb 28, 2019

@animetosho

This comment has been minimized.

Copy link

commented May 17, 2019

Hi, I thought I'd bring this up as there was some discussion around this topic.

I note that the page now mentions AES128-SHA or AES256-SHA (though you actually tested AES128 in your benchmark here and found that to be fastest).

My general recommendation would be:

  • AES128 for most users
  • CHACHA20:RC4-MD5 if running an old CPU without AES acceleration. This may not work (CHACHA20 has low adoption and not available in OpenSSL 1.0.1, and RC4-MD5 is removed in OpenSSL 1.0.2 (?) or later), so if it doesn't, AES128+SHA (note the + instead of -) is probably the best bet
  • I don't know about GnuTLS, but OpenSSL is generally faster from experience (may no longer be true, I've done no testing with GnuTLS in the last few years). If my presumption holds true, performance conscious users may wish to use OpenSSL instead
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.