TLS 1.3 Taking too much CPU

0 votes
asked Aug 11 by tkhasss (220 points)

Hi! I'd like to know why does TLS 1.3 take too much CPU?

Applies to: Rebex TLS, Rebex HTTPS
commented Aug 11 by tkhasss (220 points)
Just 3-5 threads of concurrent HTTPS requests over TLS 1.3 connection makes my CPU work at 99%

1 Answer

0 votes
answered Sep 3 by Lukas Pokorny (124,570 points)

TLS 1.3 CPU usage indeed seems to be a bit too much in many scenarios, and we do plan improvements in this area in the future.

However, at the moment, we are still busy adding some features such as OCSP that are perceived us must-have by customers using Rebex HTTPS on legacy platforms, which are currently the component's major use case.

Also, due to the fact that Rebex HTTPS is mostly targeted at legacy platforms, it's HTTP internals are mostly implemented using classic synchronous code, which is not a good match for our fully-asynchronous TLS 1.3 implementation.

Therefore, users looking for performance and scalability are advised to consider using the low-level Rebex TLS API instead and check out the HttpsGet sample app - when compiled for .NET 5.0 and executed in quiet mode, its CPU usage is considerably lower (even compared with the same app compiled for .NET 4.x).

...