1 / 17

A Comparison of HTTP and HTTPS Performance

A Comparison of HTTP and HTTPS Performance. Arthur Goldberg, Robert Buff, Andrew Schmitt [artg, buff, schm7136]@cs.nyu.edu Computer Science Department Courant Institute of Mathematical Science New York University. Computer Measurement Group, December 8, 1998. Outline.

elliot
Download Presentation

A Comparison of HTTP and HTTPS Performance

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Comparison of HTTP and HTTPS Performance Arthur Goldberg, Robert Buff, Andrew Schmitt [artg, buff, schm7136]@cs.nyu.edu Computer Science Department Courant Institute of Mathematical Science New York University Computer Measurement Group, December 8, 1998

  2. Outline • Review of secure Web communications • Experimental design • HTTP and HTTPS performance • Conclusions

  3. HTTP Transaction Client Browser Web Server TCP Connect HTTP GET transaction

  4. Measured Calls Socket = TCP-connect( URL ); start-timer; TCP-write( HTTP-Request ); while ( data-available ) { TCP-read( HTTP-Response ); } end-timer;

  5. HTTPS HTTPS SSL TCP

  6. HTTPS Transaction Client Browser Web Server TCP Connect SSL Connect HTTPS GET transaction

  7. Measured Calls Socket = TCP-connect( URL ); SSL-connect( Socket ); start-timer; SSL-write( HTTP-Request ); while ( data-available ) { SSL-read( HTTP-Response ); } end-timer;

  8. Secure Performance Issues • Comparison of HTTP and HTTPS GETs • SSL connect delay

  9. WebPerf System • Robot browser • HTTP 1.0 • Proxies • SSL • Oracle 7.3 SQL 92 Database • Experiments • Results

  10. Robot Browser Implementation • Visual C++ 5.0, optimized • Single-threaded • Winsock 1.1 • SSLeay 0.8.1 (by Eric A. Young) • RogueWave and Oracle OCI

  11. Experimental Setup • Intranet: Robot PC and Server PC • Measured downloads in • HTTP • HTTPS export grade encryption (40 bit keys) • HTTPS domestic grade encryption (128 bit keys)

  12. Robot PC • Windows NT Workstation 4.0 • 100 MHz Pentium, 32 MB,NE 2000 NIC • 10 Mbps Ethernet • Connected to server viaunswitched hub

  13. Server PC • Netscape Enterprise Server 3.5.1 • Microsoft Internet Information Server (IIS) 4.0 • Windows NT Server 4.0 • 200 MHz Pentium, 256 MB, 100baseT Ethernet NIC

  14. Downloaded documents • Prefix of HTTP Specificationin HTML • Sizes in KB: 1, 2, 3, …, 18, 19, 20 40, 60, 80, 100

  15. 95% 75% Duration (100K) Non-secure Secure (40) Secure (128) ms Netscape 200 150 100 50 Microsoft 200 150 100 50 20 60 100 20 60 100 20 60 100

  16. 95% 75% Duration (20K) Non-secure Secure (40) Secure (128) ms Netscape 100 60 20 Microsoft 100 60 20 0510 1520 0510 1520 0510 1520

  17. Conclusion • HTTPS only slightly slower than HTTP

More Related