network transfer performance

Michael Cronenworth mike at
Fri Jun 15 09:12:04 CEST 2012

On 06/15/2012 01:31 AM, Nikos Mavrogiannopoulos wrote:
>   There are few things you can do to speed a connection up. But first a
> question, is gnutls linked in your system with libgcrypt or libnettle?
> The latter provides a 2x performance boost in most algorithms. Now
> about your selection of algorithms. Why AES-256 and not 128? If
> transfer speed is your only concern ARCFOUR-128 is the cipher with
> best performance. You may also use HMAC-MD5 instead of HMAC-SHA1 to
> boost speed at the cost of using a borderline algorithm.

Fedora uses libgcrypt. 128-bit vs 256-bit didn't provide any tangible 
difference in my testing. I'll give all those ciphers a shot and look 
into using libnettle. Thanks!

More information about the Gnutls-help mailing list