diff options
Diffstat (limited to 'src/lib/libssl/test/times')
-rw-r--r-- | src/lib/libssl/test/times | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/src/lib/libssl/test/times b/src/lib/libssl/test/times index 738d569b8f..6b66eb342e 100644 --- a/src/lib/libssl/test/times +++ b/src/lib/libssl/test/times | |||
@@ -1,7 +1,7 @@ | |||
1 | 1 | ||
2 | More number for the questions about SSL overheads.... | 2 | More number for the questions about SSL overheads.... |
3 | 3 | ||
4 | The following numbers were generated on a pentium pro 200, running linux. | 4 | The following numbers were generated on a Pentium pro 200, running Linux. |
5 | They give an indication of the SSL protocol and encryption overheads. | 5 | They give an indication of the SSL protocol and encryption overheads. |
6 | 6 | ||
7 | The program that generated them is an unreleased version of ssl/ssltest.c | 7 | The program that generated them is an unreleased version of ssl/ssltest.c |
@@ -11,7 +11,7 @@ interface. | |||
11 | 11 | ||
12 | How do I read this? The protocol and cipher are reasonable obvious. | 12 | How do I read this? The protocol and cipher are reasonable obvious. |
13 | The next number is the number of connections being made. The next is the | 13 | The next number is the number of connections being made. The next is the |
14 | number of bytes exchanged bewteen the client and server side of the protocol. | 14 | number of bytes exchanged between the client and server side of the protocol. |
15 | This is the number of bytes that the client sends to the server, and then | 15 | This is the number of bytes that the client sends to the server, and then |
16 | the server sends back. Because this is all happening in one process, | 16 | the server sends back. Because this is all happening in one process, |
17 | the data is being encrypted, decrypted, encrypted and then decrypted again. | 17 | the data is being encrypted, decrypted, encrypted and then decrypted again. |
@@ -55,10 +55,10 @@ SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s | |||
55 | 55 | ||
56 | What does this all mean? Well for a server, with no session-id reuse, with | 56 | What does this all mean? Well for a server, with no session-id reuse, with |
57 | a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, | 57 | a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, |
58 | a pentium pro 200 running linux can handle the SSLv3 protocol overheads of | 58 | a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of |
59 | about 49 connections a second. Reality will be quite different :-). | 59 | about 49 connections a second. Reality will be quite different :-). |
60 | 60 | ||
61 | Remeber the first number is 1000 full ssl handshakes, the second is | 61 | Remember the first number is 1000 full ssl handshakes, the second is |
62 | 1 full and 999 with session-id reuse. The RSA overheads for each exchange | 62 | 1 full and 999 with session-id reuse. The RSA overheads for each exchange |
63 | would be one public and one private operation, but the protocol/MAC/cipher | 63 | would be one public and one private operation, but the protocol/MAC/cipher |
64 | cost would be quite similar in both the client and server. | 64 | cost would be quite similar in both the client and server. |
@@ -72,21 +72,21 @@ eric (adding numbers to speculation) | |||
72 | killer in SSL. Often delays in the TCP protocol will make session-id | 72 | killer in SSL. Often delays in the TCP protocol will make session-id |
73 | reuse look slower that new sessions, but this would not be the case on | 73 | reuse look slower that new sessions, but this would not be the case on |
74 | a loaded server. | 74 | a loaded server. |
75 | - The TCP round trip latencies, while slowing indervidual connections, | 75 | - The TCP round trip latencies, while slowing individual connections, |
76 | would have minimal impact on throughput. | 76 | would have minimal impact on throughput. |
77 | - Instead of sending one 102400 byte buffer, one 8k buffer is sent until | 77 | - Instead of sending one 102400 byte buffer, one 8k buffer is sent until |
78 | - the required number of bytes are processed. | 78 | - the required number of bytes are processed. |
79 | - The SSLv3 connections were actually SSLv2 compatable SSLv3 headers. | 79 | - The SSLv3 connections were actually SSLv2 compatible SSLv3 headers. |
80 | - A 512bit server key was being used except where noted. | 80 | - A 512bit server key was being used except where noted. |
81 | - No server key verification was being performed on the client side of the | 81 | - No server key verification was being performed on the client side of the |
82 | protocol. This would slow things down very little. | 82 | protocol. This would slow things down very little. |
83 | - The library being used is SSLeay 0.8.x. | 83 | - The library being used is SSLeay 0.8.x. |
84 | - The normal mesauring system was commands of the form | 84 | - The normal measuring system was commands of the form |
85 | time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse | 85 | time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse |
86 | This modified version of ssltest should be in the next public release of | 86 | This modified version of ssltest should be in the next public release of |
87 | SSLeay. | 87 | SSLeay. |
88 | 88 | ||
89 | The general cipher performace number for this platform are | 89 | The general cipher performance number for this platform are |
90 | 90 | ||
91 | SSLeay 0.8.2a 04-Sep-1997 | 91 | SSLeay 0.8.2a 04-Sep-1997 |
92 | built on Fri Sep 5 17:37:05 EST 1997 | 92 | built on Fri Sep 5 17:37:05 EST 1997 |