论文信息 - Design of an enhancement for SSL/TLS protocols

Design of an enhancement for SSL/TLS protocols

When studying the Transport Layer Security (TLS) Protocol, it is noticed that the most time-consuming phase is the handshaking process between the client and the server, since many messages should be sent until successful negotiation is done and a secure session is created. The goal of this work is to design a security management system (SMS) to improve the handshaking process by making use of TLS client-side session caching, and allowing trusted users to share sessions with others, as well as giving the client an option to create his own private session with the server even when there is no trusted digital certificate from a certificate authority (CA) to link them. According to our experimental setup, the use of the proposed design has improved the performance by 3.5 times relative to the handshaking of traditional TLS.

Tarek S. Sobh | Mohammed Zaki | Ashraf Elgohary

[1] Gregorio Díaz,et al. Automatic verification of the TLS handshake protocol , 2004, SAC '04.

[2] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.

[3] Hovav Shacham,et al. Client-side caching for TLS , 2004, TSEC.

[4] Partha Dasgupta,et al. Secure wireless gateway , 2002, WiSE '02.

[5] Satoshi Hada,et al. Session authentication protocol for Web services , 2002, Proceedings 2002 Symposium on Applications and the Internet (SAINT) Workshops.

[6] Chris McDonald,et al. Kerberos Assisted Authentication in Mobile Ad-hoc Networks , 2004, ACSC.

[7] Eric Rescorla,et al. SSL and TLS: Designing and Building Secure Systems , 2000 .

[8] Angelos D. Keromytis,et al. Trust management for IPsec , 2002, TSEC.

[9] Hovav Shacham,et al. Improving SSL Handshake Performance via Batching , 2001, CT-RSA.

[10] W. Chou. Inside SSL: accelerating secure transactions , 2002 .

[11] Srivaths Ravi,et al. System design methodologies for a wireless security processing platform , 2002, DAC '02.

[12] Anand Raghunathan,et al. Securing wireless data: system architecture challenges , 2002, 15th International Symposium on System Synthesis, 2002..