SSL Performance https://www.litespeedtech.com/images/logos/litespeed/litespeed-logo.png 2021-01-27 23:11:00 LiteSpeed delivers both speed and security with SSL/TLS features like TLS sendfile()-like API, SSL Handshake Offloading, Dynamic TLS Record Size, TLS Record Buffering, TLS Certificate Compression and more.

Superior SSL Performance

Don’t sacrifice speed for security. LiteSpeed delivers both!

Speeding Up SSL

You may have heard that secure TLS/SSL encryption must come at a cost to server performance, but LiteSpeed rejects that notion! Our implementation features the following speed-saving measures, all while continuing to keep security paramount.

  • tls record direct

    TLS Record Direct

    Rather than relying on third-party SSL libraries with their heavy, inflexible and bloated code path, LiteSpeed builds the TLS record directly. This minimizes data-copies, and allows the web server to directly control TLS record size in the process.
  • tls sendfile()

    TLS sendfile()

    By implementing an efficient sendfile()-like API, and loading file data directly into the TLS record buffer, LiteSpeed minimizes deep copies and beats kernel TLS (kTLS) efficiency. In a comparison with rival web servers Apache and nginx, LiteSpeed Web Server’s throughput of file streams over TLS almost doubled!
  • ssl handshake offloading

    SSL Handshake Offloading

    The SSL handshake is the most expensive operation in SSL. Event driven servers usually do the SSL handshake in the main event loop thread, But when there is a large number of incoming SSL connections, this method may cause the event loop to become heavily clogged. To utilize multi-core processors in a modern server, LiteSpeed Web Server offloads the handshake operation to separate worker threads. By avoiding blockage of the main event-loop, we improve SSL handshake performance.
  • dynamic tls record size

    Dynamic TLS Record Size

    LSWS dynamically adjusts TLS record size to deliver data in an optimal way under a variety of conditions. When it’s necessary to improve time to first byte, a small TLS record is used to deliver data quickly. When improving throughput is the goal, maximum sized TLS records are used to reduce TLS protocol overhead.
  • tls record buffering

    TLS Record Buffering

    In order to reduce system-call overhead and network-packet-level fragmentation, LSWS combines multiple TLS records together and sends them over one system call.
  • tls certificate compression

    TLS Certificate Compression

    While the IETF is working on the TLS Certificate Compression standard, Google Chrome already supports it. LiteSpeed supports certificate compression, too, thereby reducing the amount of data that server and client exchange during the handshake.

accelerate internet
[

Accelerate Your Internet Now!

]