>RSA key size only affects handshake, and should be costly client side only if >>using client-auth; are you?No; as client and server code is under my >responsability, I chosed to also asked for client-auth. Still, I don't see how >this could be the reason for my slowdown given the overall data transmission >length; I will anyways give a try with a smaller key but I'm pretty sure that >it will have no influence. >Data handling speed will normally be affected by >encryption *and* MAC (usually >HMAC). True, in my case, SHA is negociated; don't really know why HMAC is not selected BTW, any idea ? >You could certainly try different data (symmetric) cipher, such as 3DES or RC4. They are less secure than AES256 (that I'm using), but I guess I will have to make a compromise so yes I believe that's the most obvious hint.>I don’t know for Atom and ARM Ok; what about engines, is there anyone for SPEAr320 (the ARM-based SoC I will use along with Atom) ? It has its own cryptographic accelerator that supports AES but I hardly understand how I can use it; I only get that engines should be the way, but then I probably need a Linux kernel driver also right ?>If you have 1.0.1 at both ends, or otherwise have TLSv1.2 at both ends, you >could try the GCM ciphersuites, >which combine encryption with MAC into one operation. By 'MAC' you mean hashing operation right ? I will see if I can do this also.Thanks a lot for answering,Best regardsLaurent
Une messagerie gratuite, garantie à vie et des services en plus, ça vous tente ? Je crée ma boîte mail www.laposte.net