I wish there was an easy answer to this question. Like you pointed out it is hardware dependent but software stack plays a big part. For instance, the JVM you're running makes a difference too. Cassandra comes with netty and IIRC we include tcnative which accelerates TLS. You could also slip Amazon's Corretto Crypto Provider into your runtime. I am not suggesting using everything all at once but a combination of libraries, runtimes, JVM, OS, cipher suites can make a big difference. Therefore it is best to try it out on your stack.
Typically modern hardware has accelerators for common encryption algorithms. If the software stack enables you to optimally take advantage of the hardware then you could see very little to no impact on latencies. Cassandra maintains persistent connections therefore the visible impact is on connection establishment time (TLS handshake is expensive). Encryption will make thundering herd problems worse. You should watch out for those two issues. Dinesh > On Feb 5, 2022, at 3:53 AM, onmstester onmstester <onmstes...@zoho.com> wrote: > > Hi, > > Anyone measured impact of wire encryption using TLS > (client_encryption/server_encryption) on cluster latency/throughput? > It may be dependent on Hardware or even data model but I already did some > sort of measurements and got to 2% for client encryption and 3-5% for client > + server encryption and wanted to validate that with community. > > Best Regards > > Sent using Zoho Mail <https://www.zoho.com/mail/> > >
