For those interested: https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6806263/ A quick summary, focussing on stuff relevant for TLS 1.3 or TLS 1.2 limited to TLS 1.3 ciphersuites: on tested Samsung and Xioami phones, ChaCha20-Poly1305 is both faster and consumes less battery than AES in GCM mode - and it's not a small difference, either. This will not necessarily generalise to PCs with modern Intel CPUs in them, which can have dedicated hardware instructions for AES. But on phones, tablets, RaspberryPi's etc. it is very likely the case that prefering ChaCha20-Poly1305 over AES will make Gemini faster and greener. TLS allows both the server and client to express a preference for ciphersuites, and IIRC it's up to the server to decide whether its preferences or the client's have the final say. It seems to me that servers running on VPSes, or otherwise in scenarios where they have reliable and abundant power, ought to defer to the client's preferences (at least by default), that mobile clients ought to explicitly prefer ChaCha20-Poly1305 over AES, and that non-mobile clients ought to allow users to configure this preference for themselves. People using RPis, older PCs without hardware AES support, etc. can then configure a ChaCha20-Poly1305 preference and things will be faster for them. Maybe not noticably faster to the naked eye, but faster. Cheers, Solderpunk
---
Next in thread (2 of 4): 🗣️ defdefred (defdefred (a) protonmail.com)