veyron/runtimes/google/ipc/stream/crypto: Add benchmarks for connection
setup.
This commit only adds the benchmarks and make a strong case for using nacl/box
as the encryption layer since by avoiding unnecessary certification
verification, the handshake time improves by 140x on my desktop and 10x on the
raspberry pi.
The benchmarks demonstrate (and mimic real-world usage) that connection setup
to a Pi takes 3 seconds with the current code and can be improved to 200ms
using the box crypter.
I also tried the TLS benchmarks using an ECDSA certificate and the
ECDHE_ECDSA_WITH_RC4_128_SHA cipher suite instead of an RSA certificate
with TLS_ECDHE_RSA_WITH_RC4_128_SHA. Switching to ECDSA certificates
also improves time considerably, but really we need to figure out
a way to avoid certificate verification (especially since we do not
place any faith in these certificates). Either by switching to box
or by using TLS_DH_anon_* or some family of cipher suites in TLS.
Benchmark summary:
Desktop (Intel Xeon 3.2Ghz)
us-per-handshake speedup
TLS with RSA keys 32938 1x (baseline)
TLS with ECDSA keys 8143 4x
Box 223 147x
Raspberri Pi ms-per-handshake speedup
TLS with RSA keys 2856 1x (baseline)
TLS with ECDSA keys 739 3x
Box 290 10x
Change-Id: Icb60a3cc1be33ff63c3b2a0562fbf18feff38753
1 file changed