[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [libmicrohttpd] HTTPS delay
From: |
Avner Flesch |
Subject: |
Re: [libmicrohttpd] HTTPS delay |
Date: |
Tue, 01 Nov 2011 10:10:30 +0200 |
I used "NORMAL" - and it used CAMELLIA-256-CBC, now it is using ARCFOUR-128
I estimate the improvement by at list 50%
I also made the files smaller, and arrived to about 75% improvement
Thanks
Avner
-----Original Message-----
From: Christian Grothoff <address@hidden>
To: address@hidden
Cc: Avner Flesch <address@hidden>
Subject: Re: [libmicrohttpd] HTTPS delay
Date: Mon, 31 Oct 2011 15:13:16 +0100
On Monday, October 31, 2011 02:57:01 PM Avner Flesch wrote:
> Thanks
>
> I have big improvement.
What did you use? How much did performance improve?
> Do you have idea also how to short the authentication delay?
If you don't already, I'd first try to use a short(er) private key (for
example, 1024 bit -- you can try less, but it won't be really secure anymore).
Happy hacking,
Christian
> Thanks
>
> Avner
>
> -----Original Message-----
> From: Christian Grothoff <address@hidden>
> Reply-to: libmicrohttpd development and user mailinglist
> <address@hidden>
> To: libmicrohttpd development and user mailinglist
> <address@hidden>
> Subject: Re: [libmicrohttpd] HTTPS delay
> Date: Sun, 30 Oct 2011 18:53:11 +0100
>
> On 10/30/2011 06:12 PM, Avner Flesch wrote:
> > Thanks for the fast reply.
> > I am using Linux on powerpc 875 (50 MHz).
>
> Then 6s could totally be encryption. This article might be a good start
> for cipher choices:
>
> http://journal.paul.querna.org/articles/2010/07/10/overclocking-mod_ssl/
>
> Also make sure that you compiled libgcrypt with optimizations (-O3).
>
> Best regards,
>
> Christian
>
> > -----Original Message-----
> > From: Christian Grothoff<address@hidden>
> > Reply-to: libmicrohttpd development and user mailinglist
> > <address@hidden>
> > To: address@hidden
> > Subject: Re: [libmicrohttpd] HTTPS delay
> > Date: Sun, 30 Oct 2011 17:56:01 +0100
> >
> > On 10/30/2011 05:16 PM, Avner Flesch wrote:
> >> Hi,
> >>
> >> I am developing simple secured HTTP (HTTPS) server for embedded system.
> >> It seems that the delay is rather long - for example ~230 KB file delay
> >> is almost 6 seconds.
> >> Is there a way to speed it up?
> >
> > On an embedded system, I suspect the main contributor to latency is CPU
> > time for the cryptographic operations (you didn't say what kind of
> > embedded system, so it's hard for me to say if 6s is good or bad).
> >
> > You could configure MHD to use different (faster) ciphers, which may
> > give you significant performance improvements (if CPU speed is the
> > problem). Google's choices for HTTPS might be a good starting point.
> >
> > Changing the default cipher suite in MHD is done using
> > MHD_OPTION_HTTPS_PRIORITIES followed by a string specifying the ciphers
> > (see 'gnutls_priority_init' documentation for the format of that string).
> >
> > Other than that, there is little you can do: HTTPS is slow, and I'm
> > generally pretty sure that MHD and GNUtls are about as fast as they can
> > be (so switching to a different HTTP(S) server would also most likely
> > not help you --- unless that server uses a different cipher suite by
> > default, and in that case you could just use the option I gave above).
> >
> > Happy hacking!
> >
> > Christian
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Re: [libmicrohttpd] HTTPS delay,
Avner Flesch <=