Thanks Steffan for your explanation but.... > Sent: Friday, December 16, 2016 at 6:05 AM > From: "Steffan Karger" <stef...@karger.me> > To: "openvpn-users@lists.sourceforge.net" > <openvpn-users@lists.sourceforge.net> > Subject: Re: [Openvpn-users] Experts' opinions needed: Is my VPN provider > using weak or strong encryption algorithms? > > > AES-GCM has a shorter authentication tag (128 bits) than HMAC-SHA256 > (256 bits). Also, AES-GCM doesn't need a unpredictable IV but rather > just a unique-per-key nonce, which mean we can transfer 8 less bytes > per packet for the IV. This saves us a total of 24 bytes per packet > overhead compared to cipher AES-256-CBC + auth SHA256. > > Furthermore, AES-GCM can maximallu leverage the AES-NI hardware > acceleration available in modern Intel CPUs, which will result is > *much* faster crypto.
in terms of cryptographic strength, AES-256-GCM is comparable to HMAC-SHA256? Regards. Sebastian ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
