The US-based CDN and DNS provider rolled out free SSL to millions of websites through the Universal SSL scheme last fall. Now, the company has begun rolling out a new form of encryption to improve the performance and security of mobile browsing. Dubbed ChaCha20-Poly1305, the cipher suites have only previously been used by one major tech firm, Google, but all CloudFlare websites now support the new algorithm.
As of the time of writing, approximately 10 percent of CloudFlare HTTPS website connections are using the protocol, but more are to follow.
Nick Sullivan from CloudFlare described the deployment in a blog post on Tuesday, explaining that the protocol for encrypting HTTPS -- Transport Layer Security (TLS) -- allows the easy integration of new encryption algorithms. The new cipher, based on the ChaCha20 and Poly1305 algorithms, fills the gap left by mobile browsers and APIs in TLS right now for secure encryption.
In addition, ChaCha20-Poly1305 improves upon the security of the de facto stream cipher choice for TLS, RC4 -- which is no longer considered secure. Another alternative, the AES-GCM cipher, is a good choice, but can be costly when it comes to mobile battery life. Therefore, users have been stuck between power-hungry or insecure encryption options.
In order to combat this problem and find a power-friendly alternative for mobile devices, Google engineers developed ChaCha20-Poly1305, which was included in Chrome 31 in November 2013, and Chrome for Android and iOS at the end of April 2014.
"Having the option to choose a secure stream cipher in TLS is a good thing for mobile performance," Sullivan says. "Adding cipher diversity is also good insurance. If someone finds a flaw in one of the AES-based cipher suites sometime in the future, it gives a safe and fast option to fall back to."
ChaCha20-Poly1305, a mixture of ChaCha20, a stream cipher; and Poly1305, a code authenticator -- developed by Professor Dan Bernstein -- is designed to provide 256-bit security, in comparison to the AES-GCM cipher, which provides around 128 bits of security.
CloudFlare says this level is "more than sufficient" for HTTPS connections. In addition, ChaCha20-Poly1305 also protects TLS against cyberattackers inserting fake messages into secure streams.
"ChaCha20-Poly1305 is three times faster than AES-128-GCM on mobile devices. Spending less time on decryption means faster page rendering and better battery life."
While Chrome is currently the only web browser to support this algorithm, Mozilla is planning on adding support for ChaCha20-Poly1305 in Firefox.
Read on: In the world of security
Read on: Fixes and Flaws