TLS connection setup time benchmarks
There are the results of comparing the time taken to install TLSv1.3, using post-quantum algorithms and classical algorithms. A comparison is made for various combinations of quantum-resistant KEMs and signatures versus using the common ECDH and RSA.

The benchmark was carried out in the environment of CI benchmark_1

  • PQLR: 1.4 - 4c440394
  • OpenSSL: OpenSSL_1_1_1_pqlr_v1.3rc8-78c5230c
  • PQLR engines: v0.4-rc5-fa46e9c5

Measurement method
Measurement occurs from the start of the call to establish a connection until the arrival of a successful connection event in the client's callback. The network device used is a bridge to the docker virtual device, the choice is due to the desire to minimize the impact of network interaction.



    1. The quantum-resistant KEM NewHope1024 algorithm is about 25% lower than the classic X25519 curves.
    2. Sphincs + quantum-resistant signature is two orders slower than classic RSA.
    3. Falcon's quantum-resistant signature combined with KEM NewHope1024 wins over classical algorithms by 14%.
    4. Falcon's quantum-resistant signature in combination with Saber classic performs 26% better than classic algorithms. KEM Saber classic faster or comparable to ECDH.