We have done a litte performance test here. A slow device is downloading a 3,5 MByte file from Google Drive utilizing Rebex HTTPS Version 2019 R3.5, using different TLS 1.2 ciphers forced by SslAllowedSuites configuration:
Connection secured using cipher: TLS 1.2, RSA with ephemeral ECDH, AES with 128-bit key in GCM mode, AEAD.
Download took 24 seconds
Connection secured using cipher: TLS 1.2, ECDSA with ephemeral ECDH, AES with 128-bit key in GCM mode, AEAD.
Download took 23 seconds
Connection secured using cipher: TLS 1.2, ECDSA with ephemeral ECDH, Chacha20Poly1305 with 256-bit key, AEAD.
Download took 18 seconds
On this device your managed Chacha20/Poly1305 implementation is faster than AES/GCM. Do you think we should compare download speed on more devices?