SSL FalseStart Performance Results
Wednesday, May 18, 2011
Labels: chromium, security, ssl
Last year, Google’s Adam Langley, Nagendra Modadugu, and Bodo Moeller proposed SSL False Start, a client-side only change to reduce one round-trip from the SSL handshake.
We implemented SSL False Start in Chrome 9, and the results are stunning, yielding a significant decrease in overall SSL connection setup times. SSL False Start reduces the latency of a SSL handshake by 30%1. That is a big number. And reducing the cost of a SSL handshake is critical as more and more content providers move to SSL.
Our biggest concern with implementing SSL False Start was backward compatibility. Although nothing in the SSL specification (also known as TLS) explicitly prohibits FalseStart, there was no easy way to know whether it would work with all sites. Speed is great, but if it breaks user experience for even a small fraction of users, the optimization is non-deployable.
To answer this question, we compiled a list of all known https websites from the Google index, and tested SSL FalseStart with all of them. The result of that test was encouraging: 94.6% succeeded, 5% timed out, and 0.4% failed. The sites that timed out were verified to be sites that are no longer running, so we could ignore them.
To investigate the failing sites, we implemented a more robust check to understand how the failures occurred. We disregarded those sites that failed due to certificate failures or problems unrelated to FalseStart. Finally, we discovered that the sites which didn’t support FalseStart were using only a handful of SSL vendors. We reported the problem to the vendors, and most have fixed it already, while the others have fixes in progress. The result is that today, we have a manageable, small list of domains where SSL FalseStart doesn’t work, and we’ve added them to a list within Chrome where we simply won’t use FalseStart. This list is public and posted in the chromium source code. We are actively working to shrink the list and ultimately remove it.
All of this represents a tremendous amount of work with a material gain for Chrome SSL users. We hope that the data will be confirmed by other browser vendors and adopted more widely.
1Measured as the time between the initial TCP SYN packet and the end of the TLS handshake.
12 comments:
Nick Wiedenbrück said...
Well done!
May 19, 2011 12:10 AM
Mantas Pakenas said...
Great feat! Thank you!
May 19, 2011 12:36 AM
MK said...
Cool!
May 19, 2011 12:57 AM
fordred said...
For anyone interested, the list can be found here,
http://codesearch.google.com/codesearch/p#OAMlx_jo-ck/src/net/base/ssl_false_start_blacklist.txt
May 19, 2011 2:36 AM
Marcelo said...
Great! But I have two questions:
1) False Start is already running in Chrome/Chromium since version...? 12?
2) Can it be disabled from somewhere without recompiling?
Regards
May 19, 2011 10:26 AM
Chrelad said...
Great job Chrome team :)
May 19, 2011 10:29 AM
wtc said...
Marcelo: you can disable False Start with the
--disable-ssl-false-start command-line option.
May 19, 2011 2:10 PM
richardwhiuk said...
Google's approach seems to be the same to every problem. Take problem, apply huge dataset and then produce result.
I'm glad your pushing the future of the web along so quickly!
May 20, 2011 3:46 PM
Gary said...
This is great work - HTTPS Sites are often slow to load so well done to the Google team working on this to get such positive results.
May 21, 2011 12:45 AM
Tomer said...
Faster SSL handshake is good, but unless we find a way to make valid SSL/TLS certificates available to multiple sites on the same host, SSL won't get common.
As soon as hosting sites such as DreamHost would be able to offer SSL for everyone on shared hosting without additional costs, secure web would be a reality.
May 21, 2011 5:00 AM
David said...
May 21, 2011 7:12 AM
David said...
@Tomer - I suggest pushing for widespread SNI (Server Name Indication) adoption!
http://tools.ietf.org/html/rfc6066#section-3
May 21, 2011 7:14 AM
Post a Comment