Bug 39544

Summary: Prefer stream ciphers over block ones
Product: Wocky
Reporter: Marco Barisione <marco.barisione>
Component: General
Assignee: Marco Barisione <marco.barisione>
Status: RESOLVED FIXED
QA Contact: Telepathy bugs list <telepathy-bugs>
Severity: normal
Priority: medium
Keywords: patch
Version: git master
Hardware: Other
OS: All
URL: http://cgit.collabora.com/git/user/bari/wocky.git/log/?h=stream-ciphers
Whiteboard: review+

Description Marco Barisione 2011-07-26 02:58:13 UTC
On cellular networks there is a big difference in power consumption if packets
(including the TCP and IP overhead) are smaller than about 125 bytes. See
http://xmpp.org/extensions/xep-0286.html#sect-id152122 for details.
Making sure that the activity due to keepalives only uses the low power FACH
channel means we can visibly increase the battery life of phones.

Usually I would say it's ridiculous to do anything to save just a few bytes,
but, considering how cellular networks work, switching to a stream cipher could help with smaller packets.
I took some measurements:
- AES-128-CBC: the packet is always bigger than 125 bytes.
- ARCFOUR-128 with XMPP pings: the packet is 92 bytes. Too big when we also
  consider TCP and IP overhead.
- ARCFOUR-128 with whitespace pings: 26 bytes.

So using RC4 + whitespace pings (see bug #39543) would make us use the FACH channel for keepalive pings.

We could always prefer RC4 over AES-128-CBC, but RC4 is less secure (it's easy to crack if you get a lot of data).
From a performance point of view (both CPU and memory), I'm not sure if there is any significant difference.

Comment 1 Marco Barisione 2011-08-01 09:24:26 UTC
http://cgit.collabora.com/git/user/bari/wocky.git/log/?h=stream-ciphers contains the proposed fix.
I added an --enable-prefer-stream-ciphers option as I'm not particularly sure using RC4 by default would be a great idea.

Comment 2 Will Thompson 2011-08-01 09:45:31 UTC
+    [prefer stream ciphers over block ciphers to save bandwidth]),
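
Review bot: the help string on this line says "stream ciphers" generically, but the cipher this bug measures and discusses is RC4 (ARCFOUR-128) in place of AES-128-CBC. Consider naming RC4 in the help text so that whoever passes --enable-prefer-stream-ciphers at configure time can see which cipher ends up preferred without having to read the bug.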

Add “(at the possible expense of security)” maybe? But looks fine, functionally.

Comment 3 Marco Barisione 2011-08-03 06:52:01 UTC
(In reply to comment #2)
> Add “(at the possible expense of security)” maybe? But looks fine,
> functionally.

Fixed.

Pushed to wocky master (that is now used by gabble master due to bug #39543).
