OpenSSL performance issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

> From: openssl-users On Behalf Of Michael Wojcik
> Sent: Thursday, December 18, 2014 21:27

> > From: openssl-users [mailto:openssl-users-bounces at openssl.org] On
> Behalf
> > Of Kurt Roeckx
> > Sent: Thursday, December 18, 2014 16:36
> > To: openssl-users at openssl.org
> > Subject: Re: [openssl-users] OpenSSL performance issue
> >
> > So the differnce here is that jave picks a DHE ciphersuite while
otherwise
> you
> > didn't.  DHE gives you forward secrecy but is slower.
> 
> And if DH parameters have not been set, OpenSSL will have to generate
> them on the fly, which can be *very* slow (relative to normal conversation
> establishment).
> 
I think this is new in trunk; in all released versions of OpenSSL server 
it won't use DHE/A and or ECDHE/A if parameters have not been set.

And the case here is OpenSSL client to Java proxy acting as server.
JSSE server uses hardcoded parameters, from some standard -- 
I vaguely recall it being Oakley but don't remember details.
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux