How does OpenSSL Compare with wolfSSL?
There are a lot of different metrics to compare when choosing between two TLS libraries. Some of those include heap usage and performance.
Heap Usage:
For heap usage wolfSSL can be significantly smaller — using 100’s of kilobytes less to handle an incoming TLS connection. The following is comparisons collected using a simple server example that was unaltered and linked against the two different TLS libraries. The same cipher suite ECDHE-RSA-AES256-GCM-SHA384 was used for all connections. The graphs were generated using Valgrinds massif tool.
OpenSSL 3.0.0 Used 800+Kb
OpenSSL 1.1.1 Used 200+ Kb
wolfSSL 5.2.0 Used 38.1 Kb
./configure –enable-opensslextra
wolfSSL 5.2.0 configured for a smaller build used 27.1 Kb
./configure –enable-opensslextra –enable-sp-math-all=small –enable-sp=small
Performance:
Both TLS implementations have assembly optimizations done for hardware commonly used in desktops. Such as Intel’s AVX or AESNI instructions and ARMv8’s crypto extensions. In many cases wolfSSL is slightly faster on those platforms. With embedded platforms like STM32F7 and PIC32MZ, only wolfSSL has hardware acceleration support. Independently done webserver stress tests making use of available optimizations in each of the TLS implementations have shown that wolfSSL can more than double the number of connections per second achieved when compared with OpenSSL version 1.1.1.
If you have questions about any of the above, please contact us at facts@wolfSSL.com or call us at +1 425 245 8247.
Download wolfSSL Now