At STH we have been eagerly awaiting the release of OpenSSL 1.1.0. If you saw our Cavium ThunderX Performance Part II piece you will see that we were using a beta 2 (pre-release 5) version to show some of the improvements with OpenSSL 1.1.0. We also have Intel Quick Assist hardware that we were planning to benchmark just as OpenSSL 1.1.0 was released. OpenSSL 1.1.0 was originally slated to come out a few months ago. We finally received word of an expected release date, August 25, 2016:
Barring unforeseen severe defects, we will release OpenSSL 1.1.0 in August 25.
— Rich Salz (@RichSalz) July 30, 2016
There is a new Beta 3 / Pre-Release 6 version of OpenSSL 1.1.0 on the openssl.org website that can be used for testing in the meantime. We are very excited about OpenSSL 1.1.0 as we expect significant performance gains in some areas. Here is an example of a Cavium ThunderX 48 core ARM server’s benefit using the Pre-Release 5 version:
We also expect OpenSSL 1.1.0 to support QuickAssist out of the box. We believe this will make using Intel’s asynchronous OpenSSL technology significantly easier for software developers.
The benefits Intel claims from asynchronous mode are eye-opening. OpenSSL is the de-facto standard encryption tool for web communication. With QuickAssist claiming speed increases of over ten fold this technology has the opportunity to be game changing for many web operations.
We do plan to show off OpenSSL 1.1.0 final performance both as an update to our Cavium ThunderX performance figures as well as with Intel QuickAssist hardware (both add-in cards and integrated controllers.) We just got a new 40GbE switch to handle increased bandwidth needs for this testing.
For those building web applications the new OpenSSL version should offer game changing performance. The new version is expected to be supported through April 30, 2018 making this update important for those using OpenSSL for encryption duties. Stay tuned for more on this development.
