Size of Libgcrypt (and other libraries) and subsequent performance

John Brooks aspecialj at
Thu Apr 24 05:14:16 CEST 2008

Obvious reply is to make sure that they're not built with -g (debug symbols)
and to run `strip' on them (removes excess information such as debug symbols
from the binaries without changing their execution). Optimization flags may
also play a part (-Os to optimize for space, and -O1/2/3 may make the binary
larger, but should make execution faster).

It would also be interesting to profile both of those applications and see
how long the operations take in comparison to eachother, rather than just a
cold execution time.

- John
On Wed, Apr 23, 2008 at 3:19 AM, Ashish Gupta <ashishg2dec at> wrote:

> Hi,
> The size of the libraries (especially libgcrypt) claimed at
> is much lower than what
> is produced by default (note, the size claimed is 367kb whereas the defaule
> build for libgcrypt results in close of 1.2MB shared object). Can someone
> help in understanding how these binaries were created for the Debian and how
> can this much optimization be achieved?
> The default build of libgcrypt (1.2MB) is relatively comparable to the
> size of libcrypto (1.3MB) (used with openssl). Hence the effective load time
> of the (similar) programs using both these libraries yeilds better
> performance on openssl. The sample client timings as observed over
> itierations (taking into account TLB) gives:
> ashish at ashish-desktop:~/Atemp/SSLExamples$ time ./gnutls/client
> Finished
> real    0m0.294s
> user    0m0.046s
> sys     0m0.092s
> ashish at ashish-desktop:~/Atemp/SSLExamples$ time ./openssl/client
> real    0m0.117s
> user    0m0.004s
> sys     0m0.004s
> The libraries linked in were as follows:
> ashish at ashish-desktop:~/Atemp/SSLExamples$ ldd ./gnutls/client
> =>  (0xffffe000)
> => /usr/local/lib/ (0xb7e55000)
> => /usr/lib/ (0xb7e35000)
> => /usr/local/lib/ (0xb7dc5000)
> => /usr/local/lib/ (0xb7dc1000)
> => /lib/tls/i686/cmov/ (0xb7c80000)
> => /usr/lib/ (0xb7c6c000)
>         /lib/ (0xb7ef1000)
> ashish at ashish-desktop:~/Atemp/SSLExamples$ ldd ./openssl/client
> =>  (0xffffe000)
> => /usr/lib/i686/cmov/ (0xb7f61000)
> => /usr/lib/i686/cmov/
> (0xb7e1f000)
> => /lib/tls/i686/cmov/ (0xb7e1a000)
> => /lib/tls/i686/cmov/ (0xb7cd9000)
> => /usr/lib/ (0xb7cc5000)
>         /lib/ (0xb7fae000)
> The necessary programs are also attached. Both the programs simply connect
> to the same server over the internet and issue same queries. No
> certification check is done in either.
> In case I can provide more information on this please let me know.
> Regards,
> Ashish Gupta
> _______________________________________________
> Gnutls-devel mailing list
> Gnutls-devel at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20080423/709d73dc/attachment.htm>

More information about the Gnutls-devel mailing list