Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Ciphers: AES-256-GCM VS CHACHA20-POLY1305

    OpenVPN
    3
    4
    125
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • JonathanLeeJ
      JonathanLee
      last edited by

      Hello fellow Netgate community members can you please help?

      What cipher is the better choice for security? What cipher is better for speed and flexibility?

      AES-256-GCM vs CHACHA20-POLY1305

      I want to say AES-256-GCM is more secure, and is not as vulnerable to attacks.

      And CHACHA20 has massive speed advantages.

      What are your thoughts?

      Make sure to upvote

      K GertjanG 2 Replies Last reply Reply Quote 0
      • K
        kprovost @JonathanLee
        last edited by

        @JonathanLee AES-256-GCM is the faster cipher.

        As for security, you'd have to ask a cryptographer, but in practical terms there is no difference in security. You're at vastly higher risk for basically any other type of security problem than you are at risk of having your cryptography broken.

        1 Reply Last reply Reply Quote 1
        • GertjanG
          Gertjan @JonathanLee
          last edited by

          @JonathanLee

          Chacha might be a bit simpler to crypt/decrypt, thus faster then AES-GCM, if straight forward procedural language is used.
          But if there is hardware support for :
          e4ab7016-c736-4b50-a275-f8dba5de4091-image.png

          then don't even bother : AES-GCM will win hands down.

          No "help me" PM's please. Use the forum, the community will thank you.
          Edit : and where are the logs ??

          JonathanLeeJ 1 Reply Last reply Reply Quote 1
          • JonathanLeeJ
            JonathanLee @Gertjan
            last edited by

            @Gertjan does SafeXcel accelerate any of these ?

            Make sure to upvote

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.