Rustls, raibhurari yeTLS inopfuura OpenSSL

Joseph Birr Pixton, mugadziri weTLS Rustls raibhurari akaita akateedzana bvunzo pakuvandudzwa kwayo y ndakaona iko kwekupedzisira kuita kuri kuita OpenSSL pamatanho akasiyana. Rustls raibhurari sosi yakavhurika, TLS, yakanyorwa muRust uye inowanikwa pasi peApache 2.0, MIT, uye ISC marezinesi, asi OpenSSL raibhurari inozivikanwa uye neyakajairika indasitiri mune angangoita ese makuru chikamu.

Zvinoenderana nezvakanyorwa, Rustls raibhurari yazvino yeTLS inovavarira kupa yakanaka nhanho yekuchengetedzwa kwekrisptographic. Izvo hazvidi chero gadziriso kuti uwane iyi chengetedzo uye haipe chero kusagadzikana mashandiro kana yechinyakare cryptography.

Iine zvinhu zvakawanda, senge ECDSA kana RSA server mutengi kuvimbiswa uye ECDSA kana RSA sevha server sisitimu, uku uchitsigira server chitupa sosi.

Izvi zvinoreva kuti haufanire kupa chero chinhu kunze kwecheti yemidzi zvitupa. Chitupa sosi haigone kuremerwa muiyo huru API.

Kune rimwe divi, OpenSSL yakasimba, yekutengesa-giredhi, izere-inoratidzirwa teki yekushandisa yeTransport Layer Security (TLS) uye Secure Sockets Layer (SSL) maprotocol. Iyo zvakare iri akasiyana-siyana crypto raibhurari.

Nezve Rustls bvunzo

Mune akateedzana bvunzo dzekuita, Joseph Birr Pixton anoti akafunga mapoinzi akati wandei kuti aone mashandiro acho inogona kusiyana pakati pemaraibhurari eTLS, i.e. kuchinjanisa mashandiro uye kuita kwese.

Kuita kwekubata maoko kunovhara kumhanya uko kunogona kugadzirirwa nhambo itsva dzeTLS. Panyaya yekuita kwese, vanovhara iko kumhanya uko data rekunyorera rinogona kuendeswa kuchikamu chakagadzirirwa kare.

Mhedzisiro yemiyedzo dzakasiyana yakaratidza kuti Rustls yaive 10% nekukurumidza kana ichimisikidza nekugadzira kubatana kutsva ine sevha uye 20-40% nekukurumidza kana uchimisikidza kubatana kwevatengi.

Asi kana kumhanya kwekubatana kweTLS kutsva kwakakwira, mizhinji yemigwagwa yeTLS inovimba nekutangazve kwehukama hwatovepo.

Pano zvakare, Rustls yakakunda raibhurari yeOpenSSL, ichitora server-parutivi kubatanidza 10-20%, uye 30-70% nekukurumidza kutangazve kubatana kwevatengi.

Pamusoro pezvo, maRustls akaita zvirinani maererano neyakajairika mashandiro kana kudhinda dhizaini pamusoro peiyo TLS kubatana.

Birr Pixton akati Rustls aigona kutumira data 15% nekukurumidza kupfuura OpenSSL uye gamuchira 5% nekukurumidza. Pakupedzisira, anodaro, raibhurari yeRustls yakangoshandisa hafu chete yechirangaridzo chinodiwa kumhanyisa OpenSSL, inova iri huru yekuwedzera. Akarangarira kuti kudivi iri, OpenSSL yakashoropodzwa kazhinji nekuda kwekurangarira kwayo kukuru uye nhamba hombe yezvinetso zvekuchengetedza zvinowanikwa mukodhi yayo.

Kupfupisa mhedzisiro, tinogona kuti:

• Rustls iri 15% nekukurumidza kutumira data
• Rustls iri 5% nekukurumidza kugamuchira data
• Rustls iri makumi maviri kusvika makumi mana muzana nekukurumidza kumisikidza kubatana kwevatengi
• Rustls iri 10% nekukurumidza kumisikidza sevha yekubatanidza
• Rustls iri 30 kusvika 70% nekukurumidza kuti itangezve kubatana kwevatengi
• Rustls iri 10-20% nekukurumidza kuti itangezve kubatana kune server
• Rustls inoshandisa isingasviki hafu yeiyo OpenSSL ndangariro

Birr Pixton akatsanangura kuti nekuda kwekuti Rustls akaiswa mukati meRust, nyaya dzekuchengetedza chengetedzo dzinogadziriswa kunyanya neiyo Rust mutauro dhizaini. Mutauro wakagadzirwa kubva pasi kumusoro kuti udzivise ndangariro-zvine chekuita nekuchengetedza tsikidzi.

Nzira iyo zvirongwa zvakanyorwa muRust programming mutauro zvinowirirana nendangariro ndeimwe yedudziro dzakakurumbira dzemitauro. Kana makambani makuru akaona kukosha kwemutauro wakagadzirwa neMozilla Research, kukura kwayo kunogona kuputika mumakore anotevera.

Mabhurawuza akadai seFirefox neBrave anotendwa zvakare kuti anoshandisa Rust zvinhu, asi makambani makuru senge Cloudflare, Dropbox, uye Yelp vakagamuchirawo masisitimu ekugadzira.

mabviro: https://jbp.io