Transport Layer Security (TLS) is the most commonly used security protocol to encrypt web traffic. TLS connections are computationally expensive to set up, so the TLS protocol supports session resumption, where previously negotiated connection parameters can be used to short- circuit the TLS handshake. The server assigns new sessions a session identifier (ID) and caches each session by its ID so it can be retrieved later. As clients come and go, sessions in the server's cache will have to be evicted according to the server's eviction policy. We find that first-in-first-out (FIFO) and least-recently- used (LRU) are the most common session cache eviction policies among popular TLS libraries, however, for applications whose clients connect at regular intervals, such as mobile advertising, the performance of these policies may be far worse than randomly evicting policies from the cache. To handle this, we propose a novel eviction policy for TLS session caches, predictive eviction, that relies on the server knowing the next time each client will connect again. Using a real-world application of such a policy, Android in-application advertising, we build a client that is able to simulate the behavior of a large number of devices requesting mobile advertisements over TLS. We use this simulated client to benchmark the hit rate of the predictive policy compared with eviction policies found in popular TLS library implementations. In addition, we demonstrate that our policy can be implemented efficiently by benchmarking its performance in transactions per second compared with OpenSSL's session cache implementation, and compared with TLS session tickets (an alternative to session caching for resuming TLS sessions). We find that our policy has better hit rate performance than other eviction policies, and can achieve comparable performance to session tickets. To the best of our knowledge, this is the first study of the performance of TLS session resumption strategies.
[1]
Laszlo A. Belady,et al.
A Study of Replacement Algorithms for Virtual-Storage Computer
,
1966,
IBM Syst. J..
[2]
Arthur P. Goldberg,et al.
Secure Web Server Performance Dramatically Improved by Caching SSL Session Keys
,
1998
.
[3]
Debanjan Saha,et al.
Transport layer security: how much does it really cost?
,
1999,
IEEE INFOCOM '99. Conference on Computer Communications. Proceedings. Eighteenth Annual Joint Conference of the IEEE Computer and Communications Societies. The Future is Now (Cat. No.99CH36320).
[4]
R. Iyer,et al.
Architectural impact of secure socket layer on Internet servers
,
2000,
Proceedings 2000 International Conference on Computer Design.
[5]
OpenSSL.
OpenSSL : The open source toolkit for SSL/TSL
,
2002
.
[6]
D. Berbecaru.
On Measuring SSL-based Secure Data Transfer with Handheld Devices
,
2005,
2005 2nd International Symposium on Wireless Communication Systems.
[7]
Laxmi N. Bhuyan,et al.
Anatomy and Performance of SSL Processing
,
2005,
IEEE International Symposium on Performance Analysis of Systems and Software, 2005. ISPASS 2005..
[8]
Dan S. Wallach,et al.
Performance analysis of TLS Web servers
,
2006,
TOCS.
[9]
Eric Rescorla,et al.
The Transport Layer Security (TLS) Protocol Version 1.2
,
2008,
RFC.
[10]
Hao Zhou,et al.
Transport Layer Security (TLS) Session Resumption without Server-Side State
,
2008,
RFC.
[11]
Steven Myers,et al.
A Study of the Performance of SSL on PDAs
,
2009,
IEEE INFOCOM Workshops 2009.
[12]
Xuxian Jiang,et al.
Unsafe exposure analysis of mobile in-app advertisements
,
2012,
WISEC '12.
[13]
Hao Chen,et al.
Investigating User Privacy in Android Ad Libraries
,
2012
.
[14]
E. Heindl.
Falling Asleep with Angry Birds, Facebook and Kindle - A Large Scale Study on Mobile Application Usage
,
2014
.