Use of KTLS (kernel TLS) for speeding up handshake

[Zabrah]

I've read of kTLS (kernel TLS), which puts some of the processing of a TLS handshake right into the kernel (Linux, FreeBSD), which speeds up the handshake.

Since TLS is one of the slowest parts of some Node Webservers (the first handshake before session resumption) and since a team was built up especially for upgrading Node.js performance, this could be a project to do so.

[bnoordhuis]

As someone who has written kTLS code for Linux: it isn't noticeably faster than openssl unless the kernel can offload encryption to dedicated hardware. In fact, without hardware support openssl probably has a small edge over the kernel.

[bnoordhuis]

Oh, and to address this point:

Since TLS is one of the slowest parts of some Node Webservers (the first handshake before session resumption)

You still need to perform the handshake in user space. kTLS doesn't really handle the protocol, only encryption/decryption.

[bnoordhuis]

#47970 reminded me of the one use case where kTLS does have a clear edge over openssl: sending large files over TLS.

That's not a common use case for node however (people normally hand off file serving to a reverse proxy like nginx) and, as the pull request shows, we're not even close to doing it well over HTTP, let alone HTTPS.

Having said that, openssl supports this specific use case through its SSL_sendfile() function. If properly configured, it uses sendfile(2) over kTLS on Linux and FreeBSD. Callers must handle ERR_R_INTERNAL_ERROR in case kTLS isn't functional, however.

Long story short, if you or anyone else want to investigate, you know where to start now =)