Performance between tls with hpkp

0 投票
最新提问 用户: (140 分)

I'm looking for a performance comparison between a connection to one server with "classic" tls (no hpkp enabled) and another one with tls with hpkp enabled. Where I can find these information or where can I find steps or a guide to follow?

Any help would be highly appreceated.


0 投票
最新回答 用户: (2.1k 分)

HPKP only consists of an additional check which compares the fingerprint of the public key in the certificate against a known value. This is a very cheap operation compared to all the other operations which need also to be done on a full TLS handshake, like:

  • validating the certificate chain is more expensive than checking the fingerprint only
  • key exchange is way more expensive then validating the certificate chain
  • and the costs of communication are usually way higher unless you have a low-latency connection or a very slow CPU

In summary: you will probably not be able to measure any performance impact caused by HPKP.

欢迎来到 Security Q&A ,有什么不懂的可以尽管在这里提问,你将会收到社区其他成员的回答。