Pycrypto - active ??

[Paul Rubin]

"Frank Millman" <frank at chagford.com> writes:
> I have revisited what I did a week ago, and I now recall that I *did*
> successfully install GMPY, but it made no difference to the speed of
> TLSLite. I could try to dig deeper by examining the source code of
> TLSLite, but it is low priority for me at present. The fact that I got
> SSL/TLS working is a big win, and the speed test was a theoretical
> exercise. For practical purposes, it is fast enough.

TLSLite's main causes of slowness are: 1) time needed compiling and
loading all the modules, especially the first time you run it in a new
installation; 2) very slow speed of the symmetric ciphers implemented
in Python.  You need m2crypto, cryptlib, or pycrypto to speed these
symmetric operations up.

GMPY speeds up the public key operations, which otherwise use Python's
native long int arithmetic.  But the public key operation is done only
at the start of the session, and Python's arithmetic (though slower
than GMPY) is implemented in C and is not all that bad.  On a modern
machine, the difference from GMPY is maybe a few tens of milliseconds
at the start of the TLS session, and none at all (the public key phase
is finished) once the session is established.

TLSLite is so far not really a complete SSL implementation by itself.
It doesn't know how to properly check the signatures on certificate
chains.  It has to use an external module like m2crypto for that.