Slow client key exchange in TLS?

Information Security, cryptography, tls
2021-08-21 05:53:18

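I have been benchmarking my TLS performance, and I noticed that the "write client key exchange" phase has a large overhead compared with all the other operations. I was wondering whether there is anything I can do to speed this up?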

40348.989720O ssl_info_callback SSL_connect SSLv3 read server certificate A
140348.989934O ssl_info_callback SSL_connect SSLv3 read server key exchange A
140348.989954O ssl_info_callback SSL_connect SSLv3 read server certificate request A
140348.989968O ssl_info_callback SSL_connect SSLv3 read server done A
140348.990606O ssl_info_callback SSL_connect SSLv3 write client certificate A
140349.29131O ssl_info_callback SSL_connect SSLv3 write client key exchange A
140349.35914O ssl_info_callback SSL_connect SSLv3 write certificate verify A
140349.36013O ssl_info_callback SSL_connect SSLv3 write change cipher spec A
140349.36062O ssl_info_callback SSL_connect SSLv3 write finished A
140349.36077O ssl_info_callback SSL_connect SSLv3 flush data
140349.36094O ssl_info_callback SSL_connect error in SSLv3 read server session ticket A

Based on this, it looks like the client key exchange takes about 300 ms.

1 Answer

After your client receives the server's certificate, it may be that the client is trying to check certificate revocation.

Save the server's CA certificate to a file and use the -CACert parameter (or -CAPath).
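An added example, not part of the original question or answer: a parser for the ssl_info_callback lines in the question that computes the time spent before each handshake state. The log does not say how the digits after the dot were printed, so the `unpadded_usec` option (an assumption, like all function names here) also reads them as microseconds printed without zero padding.

```python
import re

# Lines copied from the log in the question (the subset around the slow step).
LOG = """\
140348.989968O ssl_info_callback SSL_connect SSLv3 read server done A
140348.990606O ssl_info_callback SSL_connect SSLv3 write client certificate A
140349.29131O ssl_info_callback SSL_connect SSLv3 write client key exchange A
140349.35914O ssl_info_callback SSL_connect SSLv3 write certificate verify A
140349.36013O ssl_info_callback SSL_connect SSLv3 write change cipher spec A
"""

LINE = re.compile(r"^(\d+)\.(\d+)O ssl_info_callback SSL_connect (.+)$")


def parse(log, unpadded_usec=False):
    """Return [(timestamp_seconds, state)] for each callback line.

    unpadded_usec=False: the field after the dot is a decimal fraction
    (how the question reads it). unpadded_usec=True: ASSUMPTION that the
    logger printed microseconds without zero padding ("%d.%d" style).
    """
    events = []
    for line in log.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # skip anything that is not a callback line
        sec, frac, state = m.groups()
        if unpadded_usec:
            ts = int(sec) + int(frac) / 1_000_000
        else:
            ts = float(f"{sec}.{frac}")
        events.append((ts, state))
    return events


def step_costs_ms(events):
    """Time spent reaching each state, in ms, relative to the previous line."""
    return [(state, round((ts - prev) * 1000, 3))
            for (prev, _), (ts, state) in zip(events, events[1:])]


def slowest(events):
    """Return (state, ms) for the most expensive step."""
    return max(step_costs_ms(events), key=lambda item: item[1])


if __name__ == "__main__":
    for mode in (False, True):
        print("unpadded_usec =", mode)
        for state, ms in step_costs_ms(parse(LOG, mode)):
            print(f"  {ms:10.3f} ms  {state}")
```

With the decimal reading the "write client key exchange" step costs about 300.7 ms; with the assumed unpadded-microseconds reading it costs about 38.5 ms. It is the slowest step either way.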