Client-side caching for TLS
- 11 November 2004
- journal article
- Published by Association for Computing Machinery (ACM) in ACM Transactions on Information and System Security
- Vol. 7 (4), 553-575
- https://doi.org/10.1145/1042031.1042034
Abstract
We propose two new mechanisms for caching handshake information on TLS clients. The "fast-track" mechanism provides a client-side cache of a server's public parameters and negotiated parameters in the course of an initial, enabling handshake. These parameters need not be resent on subsequent handshakes. Fast-track reduces both network traffic and the number of round trips, and requires no additional server state. These savings are most useful in high-latency environments such as wireless networks. The second mechanism, "client-side session caching," allows the server to store an encrypted version of the session information on a client, allowing a server to maintain a much larger number of active sessions in a given memory footprint. Our design is fully backward-compatible with TLS: extended clients can interoperate with servers unaware of our extensions and vice versa. We have implemented our fast-track proposal to demonstrate the resulting efficiency improvements.
This publication has 5 references indexed in Scilit:
- Securing electronic commerce: reducing the SSL overhead. IEEE Network, 2000
- Inductive analysis of the Internet protocol TLS. ACM Transactions on Information and System Security, 1999
- The TLS Protocol Version 1.0. Published by RFC Editor, 1999
- Privacy and authentication: An introduction to cryptography. Proceedings of the IEEE, 1979
- Space/time trade-offs in hash coding with allowable errors. Communications of the ACM, 1970