Increasing SSL and TLS performance
Situation
If you use a specific cipher suite, like TLS-ECDHE-ECDSA-WITH-AES-128-CBC-SHA256 on your embedded platform, when you benchmark the individual cipher and hash speeds, the performance may be:
AES-128-CBC: 321 Kb/s
SHA256-HMAC: 441 Kb/s
You expect a reasonable performance speed for your SSL connection as well. However, when you benchmark the sent and received SSL/TLS data, the performance is only about 9 Kb/s.
Explanation
The overhead of the SSL debug module should be negligible when mbedtls_debug_set_threshold( 0 );
is called. You may still want to disable MBEDTLS_DEBUG_C in mbedtls_config.h
in order to reduce the footprint and get the last few percent of performance improvement.