SSL Speed: 128 vs 256 bit


I've decided to encrypt my entire site with SSL, even if only parts of it are actually necessary. End result being that the site is now a bit slower. So, my questions are:

  1. Should I have only encrypted the members section of the site (keeping in mind I do have login forms on the frontpage)?
  2. Should I perhaps decrease the encryption to 128 bit?

Is the speed difference significant if the site is generally small?

Best Solution

There are a couple different factors that influence SSL speed.

  1. Server load. You'll increase your server's CPU workload by encrypting all traffic. However, especially on modern hardware, this shouldn't result in a really noticeable difference except for very high traffic sites.

  2. Key size of the symmetric encryption. This I assume is what you mean by decrease the encryption to 128 bit. Probably this is not a significant factor in the overall speed. You can benchmark openssl by running e.g. openssl speed aes. You'll probably find that AES 256 is not much slower than AES 128.

  3. SSL handshake speed. The SSL handshake introduces several additional round trips between client and server that aren't needed in plain HTTP. This means that especially on high latency links it will be longer before you start getting any data from the server. To mitigate this, you can do a few different things:

    a. Use a 2048 bit RSA private key. This is the currently recommended size as a tradeoff between security and speed. Larger keys will take longer to transfer between client and server, and will be marginally more CPU intensive. (See openssl speed rsa2048 rsa4096.)

    b. Make sure you're using HTTP keepalive and SSL session resumption. HTTP keepalive will allow clients to reuse existing connections to the server for multiple requests, avoiding the need to set up the connection again. SSL session resumption lets the client and server use their previously agreed upon SSL parameters to start up new sessions more quickly, reducing the number of round trip packets required for a new request.

It can be tricky to get the protection right when only some of your pages are served over SSL. You'll definitely want to serve the login form and the page it posts to over HTTPS. You should also set the Secure flag on session cookies, otherwise any plaintext communication with the server will contain the cookie and allow eavesdroppers to impersonate users' sessions.

But in general it's probably not worth the effort trying to figure out which pages need to be protected, given how easy it is to just encrypt everything. For best security, you should also be sure that you've set up your web server so that it passes the SSL Server Test from Qualys SSL Labs.

Good benchmarking tools will probably depend on your platform. If you're on linux, you might try the ab command which comes with apache: