Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

I was just looking at the base latency for 37s servers:

  curl -sIX HEAD -o /dev/null -w "%{time_total} s\n"  https://asset1.basecamphq.com/rev_7ab3626/images/indicator.gif
gives me about 600 ms min. which is quite high compared to e.g. https://encrypted.google.com/textinputassistant/tia.png (45 ms min.)

Ping to 37s (204.62.114.1) is only about 109 ms, so it looks like the SSL handshake is very slow?



One thing I've noticed is that Google likes to use RC4_128 as their encryption method for SSL. Most people just pick AES_256_CBC like 37s has. RC4_128 is so much faster in tests we've run. Of course, there's a possible security trade off, sort of. RC4, I believe from reading, is still plenty strong when it's properly implemented.


I've definitely observed this performance difference, and it is quite significant. However, the new AES-NI instructions in more recent Intel chips may lessen the performance difference over time, as more users buy machines with these chips. (Of course, that won't help mobile devices yet, and it's possible that one could equivalently speed up RC4 with those instructions as well.)

But I know the latest OpenSSL does have an AES implementation that uses AES-NI when those instructions are supported.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: