I think that .1 CPU second is about right for a fast RISC machine to do a DH key exchange + PK mutual authentication. A server dealing with many new clients per second would need to throw on another CPU to handle the load. Such is the cost of security.