SSL / TLS

Introduction

Secure web servers, and many other kinds of servers that want to protect data from prying eyes during transmission, often use the Secure Sockets Layer (SSL) protocol, originally developed by Netscape. It is now also known as the Transport Layer Security (TLS) protocol, defined by the draft Internet standard RFC 2246.

SSL, or more specifically the RSA public-key cryptographic operations usually used to exchange the session key at the start of a connection, is computationally intensive. Establishing an SSL connection takes far more CPU time than establishing a normal connection.

This page lists products and sources of information of interest to programmers trying to implement SSL in their software. I'm just learning about this stuff myself, and these are the notes I'm making as I go.

Related books

Related sites

APIs that implement SSL/TLS

SSL Benchmarks

HP seems to have developed a small SSL benchmark called SSL_rate; see the writeup at www.zeus.co.uk/library/technical/hp_bench.pdf. Supposedly the code is downloadable from ftp.cup.hp.com/dist/networking/benchmarks, but I haven't seen it yet.

In April 2001, Coradiant published an SSL benchmark comparing a hand-coded, highly optimized version of RSA for Itanium to an unoptimized off-the-shelf generic RSA compiled for UltraSparc III. (Gee, that's a fair test.) The original URL doesn't work anymore, but Google saved a copy.


Last Real Update: 25 Sept 2001
Last Minor Update: 4 Sept 2012 (!)
Copyright 2000-2012, Dan Kegel