Cipher 384 vs 256

Are there any performance difference between the two cipher as seen Centmod use AES 256 for Nginx and Caddy used AES 384?

You’re referring to elliptic curves p256 and p384 I presume? (Those are different from AES.)

It depends on hardware.

Go has hardware-optimized assembly implementations of curve p256 on amd64 architectures; I’m not sure what other optimizations it has.

p384 is not commonly used so I would be surprised if that was hardware-accelerated.

Most servers will probably not be bottlenecked by this choice; just stick with p256 unless you have a really good reason to use p384 instead.

Thanks, I seen the Cipher difference in this table but still it would be fair to have a proper benchmark to for reader sake. :grin:

Ah, you meant SHA256 vs SHA384.

The differences are going to be extremely minuscule. It won’t matter. Cipher performance here is not at all the bottleneck.

Actually difference to AES128-GCM for Nginx and AES256-GCM for Caddy 2 has different server preferred ssl ciphers and usually won’t make much of a difference. But it depends on how the crypto library used is optimised. I’m still new to Caddy 2 and GO so just tried doing AES128-GCM instead of AES256-GCM for preferred ssl cipher via

    tls internal {

But Caddy v2 still seems to use TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 for h2load HTTP/2 HTTPS tests and won’t choose TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 ? is that because SSL protocol max TLSv1.3 is set ?

You can’t customize cipher suites for TLS 1.3. It’s all in our documentation:

Note that cipher suites are not customizable with TLS 1.3.

so only way is to set ssl protocol min and max to TLSv1.2 right ?

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.