On Tue, 27 Nov 2018 16:32:43 -0800 (PST) Localhost shell <universal.localh...@gmail.com> wrote:
>> Is there a TLS package in go that supports NULL CIPHER in TLS >> communication in go? None I know of. But it can be done via forking crypto/tls ofc. See https://github.com/FiloSottile/crypto-tls-bogo-shim > > I couldn't find any null cipher from the listed cipher suite IDs > > https://golang.org/pkg/crypto/tls/#pkg-constants > > for ex: SSL_RSA_WITH_NULL_MD5 > > > > I am working on a project that involves a go client to communicate with a > > Kafka cluster. We plan to use Null Cipher based data exchange to just get > > authentication(without encryption) to prevent the significant performance > > impact we have observed in our testing when we use encryption. This performance impact likely comes from the asymmetric crypto operations and mac-ing data. Null symmetric cipher will NOT spare you costs of pubkey authentication and computing hmacs. The cpu costs of not encrypting data can be HIGHER as on any contemporary hardware the MAC/encrypt step is done together using GCM mode. This takes significantly less cycles/Byte than for doing an older hmac alone. See https://en.wikipedia.org/wiki/Galois/Counter_Mode > > --Unilocal Hope this helps, -- Wojciech S. Czarnecki << ^oo^ >> OHIR-RIPE -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
