Current state of Tinc 1.1?

Etienne Dechamps etienne at edechamps.fr
Sun Dec 28 19:50:20 CET 2014


Last time I checked there was a number of new libraries implementing
Ed25519 and ChaCha-Poly1305, but everything seemed quite immature - I
think it would be wise to wait until things settle down (maybe when it
gets into OpenSSL).

That said, there are significant advantages to using external
libraries for this: some of them use heavily optimized (assembly,
tuned for SSE etc.) code for ChaCha-Poly1305, which is a big win for
tinc because it dramatically lowers CPU usage and increases maximum
achievable throughput. See
http://bench.cr.yp.to/impl-stream/chacha20.html

On Sun, Dec 28, 2014 at 6:00 PM, Pedro Côrte-Real <pedro at pedrocr.net> wrote:
> On Mon, Dec 22, 2014 at 9:30 PM, Guus Sliepen <guus at tinc-vpn.org> wrote:
>> Although the cryptography is now separated from the rest of the logic in
>> tinc, it is not really replaceable, since only OpenSSL is supported.
>> However, there is also a new protocol in tinc 1.1, which uses Ed25519
>> and ChaCha-Poly1305. The code for those algorithms is included in tinc,
>> so the new protocol has no dependencies on external libraries.
>
> Any reason not to use libsodium for this?
>
> Pedro
> _______________________________________________
> tinc mailing list
> tinc at tinc-vpn.org
> http://www.tinc-vpn.org/cgi-bin/mailman/listinfo/tinc


More information about the tinc mailing list