SSL performance results

The results for the DayTrader benchmark application are discussed in this topic.

The benchmark application was executed for both scenarios outlined in this paper. Observations made for each of the scenarios are illustrated in the following.

The benchmark runs are done with different combinations of IBM® System z® cryptographic features. Different key sizes for the asymmetric RSA cipher are also taken into account. The RSA cipher is the most CPU cost intensive part of a SSL cipher suite. The larger the RSA key size the more cost intensive are the cipher operations. This influences the SSL performance and limits the maximum possible transaction throughput.

For a description of the DayTrader benchmark application, see DayTrader.

Table 1 describes the labels used for the cryptographic setups on the following charts.

Table 1. Description of chart labels for the cryptographic setups used
Chart label	Cryptographic setup description
Software	Software means no IBM System z cryptographic features are used to accelerate or offload cryptographic operations. All cryptographic operations are done in fallback routines of the cryptographic libraries and hence will be calculated in software.
CPACF	Only the CP Assist for Cryptographic Function (CPACF) feature is used for symmetric cipher operation acceleration, but no Crypto Express3 (CEX3) features are involved.
1-CEX3[A/C]	One CEX3 adapter is used for the cryptographic setup. The adapter is either configured as a Co-Processor (C) or as an Accelerator (A). The setups also include the CPACF feature.
2-CEX3[A/C]	Two CEX3 adapters are used for the cryptographic setup. The adapters are either configured as Co-Processors (C) or as Accelerators (A). The setups also include the CPACF feature.