• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 354
  • Last Modified:

How much over head does SSL or TLS introduced

Hi Experts,

I know how basically how public key encryption works and SSL works,  so after the handshaking all the data that is transfering is encrypted by the private key, so how much overhead (% growth) is introduced compare to unencrypted data? Thanks in advance.
2 Solutions

Here's another experts exchange Q&A on the same topic.

The general rule of thumb for sizing Websense applications is that you can have one SSL connection for every 2 or 3 normal ones. from http://e-docs.bea.com/wls/docs81/capplan/capfact.html#1015724

I would think that the over head for mulitple users is significant enough that high volume web services want to minimize the ammount of time that it is being used. Look at your favorite webmail implimentation, and where it uses SSL. Hotmail for example only uses SSL long enough to establish the session ID, and thats it.

My feeling is that the security provided has diminishing returns in the pric vs. performance comparison and that is what it always seems to boil down to.

Hope this helps,

Rich RumbleSecurity SamuraiCommented:
It would also depend on the cipher chosen, some are faster than others. There are plenty of extras you can buy to off-load ssl load, cisco CSS load-balancers and cisco SCA's can take the burden off the servers for you and issue the ssl from themselves for example. Secure content accelerators http://www.scmagazine.com/us/grouptest/details/63b2d709-2278-4350-953d-b15b085d3808/ssl+accelerators+2005/

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now