Intent to implement & ship: CHACHA20_POLY1305 ciphers

[David Benjamin]

Contact emails

davi...@chromium.org, a...@chromium.org

Summary

In 2013, Chrome 31 deployed a new TLS cipher suite based on Prof. Dan Bernstein's ChaCha20 and Poly1305 algorithms. These have now made their way through the standardization process.

We'll be deploying the standardized variant in Chrome 49. For now, these will be deployed alongside the pre-standard variants we currently deploy. We expect to remove them in favor of the standardized version not too long afterwards as only Chromium-based browsers ever implemented them, but this will be a separate announcement. 

On servers, OpenSSL 1.1.0 is expected to implement these ciphers. (Note: early adopters should be aware that 1.1.0 alpha 1 has several bugs fixed on their development branch.)

Standards

https://tools.ietf.org/html/rfc7539

https://tools.ietf.org/html/draft-ietf-tls-chacha20-poly1305-04

Platform support

These ciphers won't be available in Chrome for iOS as it hasn't switched to BoringSSL yet.

David