Google makes the web secure and fast
Google makes the web secure and fast
Written by Kay Ewbank   
Friday, 27 May 2011

SSL False Start, a new feature added to Chromium 9, decreases the load time of Secure Sockets Layer (SSL) connections by a claimed 30%.


Making the Internet more secure isn’t easy; too often measures that would increase security are rejected because they slow things down. Web users would, it seems, rather see a site quickly but insecurely than wait for a secure connection.

Researchers at Google say they’ve come up with a way to set up secure connections 30 percent more quickly.

An application called SSL False Start decreases the load time of Secure Sockets Layer (SSL) connections. SSL provides the means to encrypt data between a web browser and server, but because connections are slow to set up, very few major websites have moved on to add permanent SSL/TLS protection to turn HTTP into the more secure HTTPS.

Following recent high-profile hacks of Facebook and Twitter, the option of permanent HTTPS has been added to these sites, and most financial sites insist on it, but far too many other sites let the user connect in an insecure way.

The Google researchers have added a feature to Chrome 9 that makes setting up secure connections more rapid. According to a post on the Chromium Blog, developers at Google have:

"implemented SSL False Start in Chrome 9, and the results are stunning, yielding a significant decrease in overall SSL connection setup times. SSL False Start reduces the latency of a SSL handshake by 30%."



Of course, adding features to a new product is easy; making sure the feature works no matter where it’s used is another matter. If current websites that use HTTPS don’t work with SSL False Start, the developers say, it wouldn’t be deployed. According to the blog post:

“we compiled a list of all known https websites from the Google index, and tested SSL FalseStart with all of them. The result of that test was encouraging: 94.6% succeeded, 5% timed out, and 0.4% failed. The sites that timed out were verified to be sites that are no longer running, so we could ignore them.”

The sites that failed were of more concern, but once sites that failed because of certificate failures or problems unrelated to FalseStart were ruled out, the list of problem sites came down to those that were using SSL from a handful of vendors. The Google team says most of the vendors have fixed the reason behind the problem, while the others have fixes in progress:

“The result is that today, we have a manageable, small list of domains where SSL FalseStart doesn’t work, and we’ve added them to a list within Chrome where we simply won’t use FalseStart.This list is public and posted in the Chromium source code."

A 30 percent reduction in connection setup time is good, but it’s still not perfect. The problem, as any developer who has dabbled with encryption will know only too well, remains both messy and processor hungry.


If you would like to be informed about new articles on I Programmer you can either follow us on Twitter or Facebook or you can subscribe to our weekly newsletter.



Chromebook Tablets - The End of Android?

By Betteridge's law of headlines the answer should be no, but it all depends on what you mean by Android. The first tablet running Chrome OS is now available from Acer, and it is almost certainly [ ... ]

Google Upgrades AIY Project Kits

This is as much about a statement that Google is still serious about its AI education efforts as it is about any new features. The two new kits are complete and ready to go. They take a sort of "batte [ ... ]

More News

Last Updated ( Saturday, 28 May 2011 )

RSS feed of news items only
I Programmer News
Copyright © 2018 All Rights Reserved.
Joomla! is Free Software released under the GNU/GPL License.