[stunnel-users] none cipher
Michal.Trojnara at mirt.net
Mon Jun 9 15:44:12 CEST 2014
-----BEGIN PGP SIGNED MESSAGE-----
Mark Sullivan wrote:
> How can I use the none cipher with SSL?
"ciphers = NULL" should do it, although personally I haven't tried it.
Make sure to configure it on *both* server and client. Otherwise the
peer will refuse to accept the NULL cipher.
> which ciphers allow for the best throughput?
Raw throughput of the symmetric cipher is rarely the bottleneck for
SSL (except for network links faster than 1gbps or very slow CPUs).
More often it's either network stack/hardware or asymmetric encryption.
To identify the fastest ciphers on your particular platform use:
I think CAMELLIA128 provides a nice balance between security and
RC4 is much faster, but not nearly as secure.
Unfortunately OpenSSL does not support any modern stream ciphers...
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
-----END PGP SIGNATURE-----
More information about the stunnel-users