benchmarking mod_gnutls vs mod_ssl
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Mar 8 12:41:53 CET 2008
Simon Josefsson wrote:
> All,
>
> Results from other architectures or operating systems are very welcome.
> Just add the output at the end of the page, under a new 'Results from X'
> heading.
Hello,
I've added results from an AMD64x2 cpu. The performance of gnutls is
dramatically better. For a small file (5k) and DHE-RSA ciphersuites the
performance is equivalent. For the plain RSA ciphersuite the performance
is still low (about 40% of the openssl performance).
For a larger (300k) file the performance for both ciphersuites is
exactly the same.
So it seems libgcrypt is quite optimized in amd64... However there seems
to be some overhead in the plain RSA ciphersuites that affects
performance when the number of transactions increases (the first case
with the small file). Possibly the RSA blinding...
> One interesting behaviour I noticed when running the tests was that with
> mod_ssl, the exchanged TCP packets as seen in wireshark were:
[...]
> In other words, gnutls sends each TLS packet in a separate TCP packet.
> This may have some impact on performance, but it is too early to tell
> for sure.
This could also affect the first case where a small file is sent and
many transactions occur per second.
regards,
Nikos
More information about the Gnutls-devel
mailing list