X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=blobdiff_plain;f=test%2Ftimes;h=6b66eb342e6cd3eeab425de80b46ebd99e6b1710;hp=49aeebf216e8c345b25b71aed5e308f81e3ced97;hb=6922ddee1b7b1bddbe0d59a5bbdcf8ff39343434;hpb=78414a6a897db42c9bcf06aa21c705811ab33921 diff --git a/test/times b/test/times index 49aeebf216..6b66eb342e 100644 --- a/test/times +++ b/test/times @@ -1,7 +1,7 @@ More number for the questions about SSL overheads.... -The following numbers were generated on a pentium pro 200, running linux. +The following numbers were generated on a Pentium pro 200, running Linux. They give an indication of the SSL protocol and encryption overheads. The program that generated them is an unreleased version of ssl/ssltest.c @@ -11,7 +11,7 @@ interface. How do I read this? The protocol and cipher are reasonable obvious. The next number is the number of connections being made. The next is the -number of bytes exchanged bewteen the client and server side of the protocol. +number of bytes exchanged between the client and server side of the protocol. This is the number of bytes that the client sends to the server, and then the server sends back. Because this is all happening in one process, the data is being encrypted, decrypted, encrypted and then decrypted again. @@ -55,10 +55,10 @@ SSLv3 DES-CBC3-SHA 1000 x 102400 336.61s 323.82s What does this all mean? Well for a server, with no session-id reuse, with a transfer size of 10240 bytes, using RC4-MD5 and a 512bit server key, -a pentium pro 200 running linux can handle the SSLv3 protocol overheads of +a Pentium pro 200 running Linux can handle the SSLv3 protocol overheads of about 49 connections a second. Reality will be quite different :-). -Remeber the first number is 1000 full ssl handshakes, the second is +Remember the first number is 1000 full ssl handshakes, the second is 1 full and 999 with session-id reuse. The RSA overheads for each exchange would be one public and one private operation, but the protocol/MAC/cipher cost would be quite similar in both the client and server. @@ -68,25 +68,25 @@ eric (adding numbers to speculation) --- Appendix --- - The time measured is user time but these number a very rough. - Remember this is the cost of both client and server sides of the protocol. -- The TCP/kernal overhead of connection establishment is normally the +- The TCP/kernel overhead of connection establishment is normally the killer in SSL. Often delays in the TCP protocol will make session-id reuse look slower that new sessions, but this would not be the case on a loaded server. -- The TCP round trip latencies, while slowing indervidual connections, +- The TCP round trip latencies, while slowing individual connections, would have minimal impact on throughput. - Instead of sending one 102400 byte buffer, one 8k buffer is sent until - the required number of bytes are processed. -- The SSLv3 connections were actually SSLv2 compatable SSLv3 headers. +- The SSLv3 connections were actually SSLv2 compatible SSLv3 headers. - A 512bit server key was being used except where noted. - No server key verification was being performed on the client side of the protocol. This would slow things down very little. - The library being used is SSLeay 0.8.x. -- The normal mesauring system was commands of the form +- The normal measuring system was commands of the form time ./ssltest -num 1000 -bytes 102400 -cipher DES-CBC-SHA -reuse This modified version of ssltest should be in the next public release of SSLeay. -The general cipher performace number for this platform are +The general cipher performance number for this platform are SSLeay 0.8.2a 04-Sep-1997 built on Fri Sep 5 17:37:05 EST 1997