Skip to content
This repository has been archived by the owner on Aug 19, 2022. It is now read-only.

use TLS session resumption #69

Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Conversation

marten-seemann
Copy link
Collaborator

The purpose of this PR is to evaluate what it would take to use TLS session resumption. Session tickets are stored in the peerstore. We store a maximum of 3 session tickets in a LIFO cache.

The improvements of session resumption in our case are moderate: We decrease the number of bytes that the server sends (as it doesn't have to present a certificate chain), however, the number of bytes the client sends doesn't enjoy the same benefit. This is because the Go standard library implementation saves the client's certificate chain in the session ticket (so it can re-verify it on resumed connections).

Here are some measurements for the 4 different key types that we support in libp2p:
RSA:
1st handshake: Sent: 1308. Received: 1281.
2nd handshake: Sent: 1336. Received: 517.

ECDSA:
1st handshake: Sent: 909. Received: 883.
2nd handshake: Sent: 938. Received: 517.

Ed25519:
1st handshake: Sent: 839. Received: 811.
2nd handshake: Sent: 868. Received: 517.

secp256k1:
1st handshake: Sent: 846. Received: 823.
2nd handshake: Sent: 876. Received: 517.

@marten-seemann marten-seemann force-pushed the session-resumption branch 2 times, most recently from 7c3be52 to 7605837 Compare August 1, 2020 04:21
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant