URustls, umtapo wolwazi we-TLS udlula i-OpenSSL

Darkcrizt

Imizuzu ye-4

ukugqwala-logo-web

UJoseph Birr Pixton, unjiniyela welabhulali ye-TLS Rustls wenze uchungechunge lwezivivinyo ekukhuleni kwayo y uqaphele ukusebenza kokugcina kweqa i-OpenSSL emazingeni ahlukahlukene. Ama-Rustls ngumtapo wolwazi ovulekile, i-TLS, ebhalwe kuRust futhi itholakala ngaphansi kwelayisense le-Apache 2.0, MIT, ne-ISC, kepha i-OpenSSL iyilabhulali eyaziwayo kanye nezinga lomkhakha cishe kuzo zonke izigaba ezinkulu.

Ngokuya ngemibhalo yayo, URustls umtapo wezincwadi wanamuhla we-TLS ohlose ukuhlinzeka ngezinga elihle lokuphepha kwe-cryptographic. Akudingi ukulungiswa ukuze kuzuzwe lokhu kuvikeleka futhi akuhlinzeki ngokusebenza okungavikelekile noma i-cryptography ephelelwe yisikhathi.

Inezici eziningi, njengokuqinisekiswa kweklayenti le-ECDSA noma i-RSA kanye ne-ECDSA noma ukuqinisekiswa kweseva yeRSA, ngenkathi kusekelwa ukuqinisekiswa kwesitifiketi seseva.

Lokhu kusho ukuthi awudingi ukuhlinzeka nganoma yini enye ngaphandle kwesethi yezitifiketi zezimpande. Ukuqinisekiswa kwesitifiketi akukwazi ukukhutshazwa ku-API eyinhloko.

Ngakolunye uhlangothi, i-OpenSSL iyithuluzi lamathuluzi eliqinile, lokuhweba, eligcwele eligcwele le-Transport Layer Security (TLS) kanye ne-Secure Sockets Layer (SSL) protocol. Futhi ungumtapo wezincwadi we-crypto oguquguqukayo.

Mayelana nokuhlolwa kweRustls

Ochungechungeni lwezivivinyo zokusebenza, UJoseph Birr Pixton uthi ucubungule amaphuzu amaningana ukuhlola ukuthi kusebenza kanjani ingahluka phakathi kwemitapo yolwazi ye-TLS, okusho ukusebenza kokushintshana nokusebenza okuphelele.

Ukusebenza kwesandla kuhlanganisa isivinini lapho amaseshini amasha we-TLS angalungiswa khona. Ngokusebenza okuphelele, zimboza isivinini idatha yedatha yohlelo engadluliselwa ngaso kuseshini esivele isilungisiwe.

Imiphumela yezivivinyo ezahlukahlukene ikhombise ukuthi amaRustls ayeshesha nge-10% lapho kusethwa futhi kwenziwa ukuxhumana okusha ngeseva nange-20-40% ngokushesha lapho kusethwa ukuxhumana kwamakhasimende.

Kepha uma isivinini sokuxhuma okusha kwe-TLS siphezulu, iningi le-TLS traffic lincike ekuqalisweni kabusha kokuxhumeka osekuvele kumisiwe.

Nalapha futhi, AmaRustls adlula umtapo wolwazi we-OpenSSL, ethatha uxhumano lweseva ngo-10-20%, no-30-70% ngokushesha ukuqala kabusha ukuxhumana kwamakhasimende.

Ngokwengeziwe, amaRustls asebenze kangcono ngokuya ngokusebenza jikelele noma isivinini sokudluliswa kwedatha ngokuxhumeka kwe-TLS.

UBirr Pixton uthe uRustls angathumela idatha ngo-15% ngokushesha kune-OpenSSL futhi uthole u-5% ngokushesha. Ekugcineni, uthi, umtapo wolwazi weRustls usebenzise isigamu sememori esidingekayo ukusebenzisa i-OpenSSL, nokuhlanganiswa okukhulu kakhulu. Ukhumbule ukuthi kulolu hlangothi, i-OpenSSL ibigxekwa kaningi ngezimpawu zayo ezinkulu zememori nenombolo enkulu yezinkinga zokuphepha ezitholakala kwikhodi yayo.

Ukufingqa imiphumela, singasho ngokusobala ukuthi:

  • AmaRustls ashesha ngama-15% ukuthumela idatha
  • Ama-Rustls ashesha ngama-5% ukuthola idatha
  • Ama-Rustls ashesha ngama-20 kuye kuma-40% ukusetha ukuxhumana kwamakhasimende
  • Ama-Rustls ashesha nge-10% ukusetha ukuxhumeka kweseva
  • Ama-Rustls ashesha ngama-30 kuya ku-70% ukuqala kabusha ukuxhumana kwamakhasimende
  • Ama-Rustls ashesha ngo-10-20% ukuqala kabusha ukuxhumana neseva
  • Ama-Rustls asebenzisa ngaphansi kwengxenye yememori ye-OpenSSL

UBirr Pixton uchaze ukuthi ngenxa yokuthi amaRustls anekhodi kuRust, izinkinga zamaphutha ezokuphepha ziyaxazululwa ikakhulu ngokuklanywa kolimi lweRust. Ulimi lwakhiwe kusuka phansi kuya phansi ukugwema izimbungulu zokuphepha ezihlobene nememori.

Indlela izinhlelo ezibhalwe ngolimi lohlelo lweRust ezihlangana ngayo nenkumbulo kungenye yezincazelo ezivelele zezilimi. Uma izinkampani ezinkulu zikuqaphela ukuba lusizo kolimi olwenziwe yiMozilla Research, ukukhula kwazo kungaqhuma eminyakeni ezayo.

Iziphequluli ezinjengeFirefox neBrave nazo zikholelwa ukuthi njengamanje zisebenzisa izinto zeRust, kepha izinkampani ezinkulu ezinjengeCloudflare, iDropbox, neYelp nazo sezisebenzise izinhlelo zokukhiqiza.

Umthombo: https://jbp.io


Shiya umbono wakho

Ikheli lakho le ngeke ishicilelwe. Ezidingekayo ibhalwe nge *

*

*

  1. Ubhekele imininingwane: Miguel Ángel Gatón
  2. Inhloso yedatha: Lawula Ugaxekile, ukuphathwa kwamazwana.
  3. Ukusemthethweni: Imvume yakho
  4. Ukuxhumana kwemininingwane: Imininingwane ngeke idluliselwe kubantu besithathu ngaphandle kwesibopho esisemthethweni.
  5. Isitoreji sedatha: Idatabase ebanjwe yi-Occentus Networks (EU)
  6. Amalungelo: Nganoma yisiphi isikhathi ungakhawulela, uthole futhi ususe imininingwane yakho.

  1.   I-Autopilot kusho
    kwenza iminyaka 5

    Izinombolo ezinhle zamaRustls. Ngicabanga ukuthi kungani bengazange bayiqhathanise neLibreSSL.
    Kusazobonakala ukuthi ukusebenza kukaRust kuphakeme ngokwanele yini ukukhipha i-C ++, futhi ikakhulukazi i-C / Asm, ngokwazi kwami ​​ubunzima bokushintsha izilimi kwakuphakeme kunoshukela owenziwe nge-Rust.

    Phendula ku-Autopilot