Throughput benchmarks
There are the results of comparing the average throughput of a TLSv1.2 quantum insecure connection and a TLSv1.2 connection additionally protected by a post-quantum tunnel.

  • Intel Core i7-7500U CPU 2.7GHz

  • PQLR: v1.3-1011-69fdd8c6
  • OpenSSL: OpenSSL_1_1_1_pqlr_dev-834-v1.2-972-55e66d15
  • stunnel: stunnel-5.56_pqlr_dev-000-v0.4-73-f9ec67e5

Measurement method
  1. All services are started and measured inside one docker-container.
  2. Passing the --cap-add NET_ADMIN option to the container allows you to access the local loop of the docker-container.
  3. The tc utility is used to limit the throughput of the local loop.
  4. The throughput of the local loop during the measurement is limited to 100 Mbps.
  5. A 200MB random string is used as test data on the https-server side. The line is generated in RAM, which excludes the influence of the speed of the HDD / SSD on the measurement results.

The environment has four components:
  • https-client — cURL;
  • stunnel_client: post-quantum tunnel entry point;
  • stunnel_server: post-quantum tunnel exit point;
  • https-server Python based.



The throughput of a TLSv1.2 connection through a post-quantum tunnel is approximately 66% lower than the throughput of a direct TLSv1.2 connection. The results are close for both post-quantum algorithms: NewHope1024 and Saber.