network transfer performance

Nikos Mavrogiannopoulos nmav at
Fri Jun 15 08:31:51 CEST 2012

On Fri, Jun 15, 2012 at 12:17 AM, Michael Cronenworth <mike at> wrote:

> Yes, I realize SSL connections have overhead, but with my system[1] I
> feel like data transfer should be faster than 10MB/second.
> Is what I am seeing normal (AES processing) or is there anything I can
> do to speed any of this up?

> Core i5 750 (quad core 2.6ghz)
> Fedora 17 x86_64
> GnuTLS 2.12.17
> Priorities: "NONE:+VERS-TLS1.1:+AES-256-CBC:+RSA:+SHA1:+COMP-NULL"

Hello Michael,
 There are few things you can do to speed a connection up. But first a
question, is gnutls linked in your system with libgcrypt or libnettle?
The latter provides a 2x performance boost in most algorithms. Now
about your selection of algorithms. Why AES-256 and not 128? If
transfer speed is your only concern ARCFOUR-128 is the cipher with
best performance. You may also use HMAC-MD5 instead of HMAC-SHA1 to
boost speed at the cost of using a borderline algorithm.


More information about the Gnutls-help mailing list