After debugging perf issues on lower-end devices like a Pi4 and Pi3, I found that the WebSocket lib was performing a masking operation over the entire buffer sent, as the websocket standard requires. Unfortunately, that masking operation is quite costly; I measured that it doubled the amount of time required to send a ~10kb buffer.

I looked into why the masking is done, and it was added due to the security issue discussed in this paper. The problem is that the paper was published in 2011 and deals with unencrypted web sockets. Since almost all internet traffic WebSockets now use SSL, there have been a few attempts to remove the masking from the protocol since it adds overhead and isn't needed anymore.

I added a simple optional flag to the send call that defaults to masking enabled (as the standard requires), but it allows the client to disable the mask if desired. As I said above, if the client knows the websocket is opened via SSL or it's only being used on a local LAN, the mask is not needed. As I also said, skipping the mask resulted in dropping the send time by half and reducing the CPU percentage required by 10% in my application.

From my testing, most modern web servers will accept client messages without masking, so this seems to be a helpful option for lower-end IOT devices.

If there are any questions, I would love to discuss them!