Re: [TLS] TLS Record Size Limitation

"Yngve N. Pettersen" <> Tue, 08 December 2015 11:20 UTC


On Tue, 08 Dec 2015 11:11:52 +0100, Peter Gutmann <> wrote:

> Dave Garrett <> writes:
>> A TLS extension to negotiate max length might be viable.
> I think a better starting point would be to look at the implementation
> that's causing the problem.  There's nothing magical about a 16K max segment
> size that causes poor performance, TCP typically has an MSS of 1400-1500
> bytes, one tenth of the TLS segment size, without there being a 187% loss in
> throughput so it looks like the problem is in the implementation, not the
> protocol.  I don't see any reason why you couldn't get close to wire speeds,
> or at least min( crypto speed, wire speed ) for TLS for a properly-done
> implementation.

Based on my past experience, a possible reason is that the code does the
   read data from socket
   decrypt data
   handle application data

rather than:

read event handler:
   read data from socket
   queue data for decryption
   signal decryption handler

decryption handler:
   decrypt data
   handle application data

Another factor I have seen influencing speed is the size of the buffer
reading from the socket: a bigger buffer gives better speed. Within reason,
of course; IIRC the benefit of increasing the buffer stops at around 5-10%
of the connection speed. A good rule of thumb is that the buffer should be
larger than the largest block that you will ever receive over the
computer's local connection, provided you read the arriving data when you
are notified about the data.

I recently saw a 10x+ speed increase by changing an application's handling
of these two aspects (on Windows). In that case a 300 KB buffer was
sufficient, but I prefer a 1 MB buffer.

Yngve N. Pettersen
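The split between a read event handler and a decryption handler that Yngve sketches above, as an added illustration that is not code from the thread or from any implementation discussed in it: the read handler only buffers whatever the socket delivered and frames complete TLS records (a large read may carry several, or end mid-record), while a separate decryption handler drains the queue. The cipher is a stand-in XOR, and `RecordPipeline`, `make_record` and `run_demo` are names chosen here.

```python
import struct
from collections import deque

# RFC 5246 s6.2: 5-byte record header, plaintext <= 2^14, ciphertext <= 2^14 + 2048.
HDR, MAX_PLAINTEXT, TLS12 = 5, 1 << 14, 0x0303
MAX_CIPHERTEXT = MAX_PLAINTEXT + 2048

def toy_crypt(data: bytes) -> bytes:
    """Stand-in for the real record cipher (XOR with a constant, so encrypt == decrypt)."""
    return bytes(b ^ 0x5A for b in data)

def make_record(content_type: int, plaintext: bytes) -> bytes:
    """Constructed sample record: 5-byte header followed by the toy-encrypted body."""
    body = toy_crypt(plaintext)
    return struct.pack("!BHH", content_type, TLS12, len(body)) + body

class RecordPipeline:
    """Read handler buffers and frames; decryption handler drains the queue."""
    def __init__(self, decrypt):
        self.rx = bytearray()    # raw bytes from the socket, not yet framed
        self.pending = deque()   # complete records awaiting decryption
        self.decrypt, self.delivered = decrypt, []

    def on_read(self, chunk: bytes) -> int:
        """Read event handler: append, split off whole records, return queue depth."""
        self.rx += chunk
        while len(self.rx) >= HDR:
            _ctype, _ver, length = struct.unpack("!BHH", self.rx[:HDR])
            if length > MAX_CIPHERTEXT:
                raise ValueError("record_overflow: length %d" % length)
            if len(self.rx) < HDR + length:
                break            # partial record: wait for the next read event
            self.pending.append(bytes(self.rx[:HDR + length]))
            del self.rx[:HDR + length]
        return len(self.pending)

    def on_decrypt(self) -> int:
        """Decryption handler: decrypt every queued record, return the count handled."""
        handled = len(self.pending)
        while self.pending:
            self.delivered.append(self.decrypt(self.pending.popleft()[HDR:]))
        return handled

def run_demo(read_size: int) -> list:
    """Push three records through the pipeline using socket reads of read_size bytes."""
    stream = (make_record(23, b"hello") + make_record(23, b"A" * MAX_PLAINTEXT)
              + make_record(23, b"bye"))
    p = RecordPipeline(toy_crypt)
    for off in range(0, len(stream), read_size):
        p.on_read(stream[off:off + read_size])
    p.on_decrypt()
    return p.delivered
```

Running `run_demo(1400)` (MSS-sized reads) and `run_demo(1 << 20)` (a 1 MB buffer) yields the same three payloads; only the number of read events differs.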