{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,9,17]],"date-time":"2025-09-17T15:53:57Z","timestamp":1758124437605,"version":"3.41.0"},"reference-count":28,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2004,11,11]],"date-time":"2004-11-11T00:00:00Z","timestamp":1100131200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Inf. Syst. Secur."],"published-print":{"date-parts":[[2004,11,11]]},"abstract":"<jats:p>We propose two new mechanisms for caching handshake information on TLS clients. The \"fast-track\" mechanism provides a client-side cache of a server's public parameters and negotiated parameters in the course of an initial, enabling handshake. These parameters need not be resent on subsequent handshakes. Fast-track reduces both network traffic and the number of round trips, and requires no additional server state. These savings are most useful in high-latency environments such as wireless networks. The second mechanism, \"client-side session caching,\" allows the server to store an encrypted version of the session information on a client, allowing a server to maintain a much larger number of active sessions in a given memory footprint. Our design is fully backward-compatible with TLS: extended clients can interoperate with servers unaware of our extensions and vice versa. We have implemented our fast-track proposal to demonstrate the resulting efficiency improvements.<\/jats:p>","DOI":"10.1145\/1042031.1042034","type":"journal-article","created":{"date-parts":[[2005,1,26]],"date-time":"2005-01-26T16:35:53Z","timestamp":1106757353000},"page":"553-575","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Client-side caching for TLS"],"prefix":"10.1145","volume":"7","author":[{"given":"Hovav","family":"Shacham","sequence":"first","affiliation":[{"name":"Stanford University, Stanford, CA"}]},{"given":"Dan","family":"Boneh","sequence":"additional","affiliation":[{"name":"Stanford University, Stanford, CA"}]},{"given":"Eric","family":"Rescorla","sequence":"additional","affiliation":[{"name":"Stanford University, Stanford, CA"}]}],"member":"320","published-online":{"date-parts":[[2004,11,11]]},"reference":[{"key":"e_1_2_1_1_1","unstructured":"Abbott S. and Keung S. 1998. CryptoSwift Version 2 Performance on Netscape Enterprise Server. Available at http:\/\/www.cryptoswift.cz\/csw-labs\/NSE351-CSv2-NT\/NS351-CSv2.html.]]  Abbott S. and Keung S. 1998. CryptoSwift Version 2 Performance on Netscape Enterprise Server. Available at http:\/\/www.cryptoswift.cz\/csw-labs\/NSE351-CSv2-NT\/NS351-CSv2.html.]]"},{"volume-title":"Proceedings of IEEE Infocom '99","author":"Apostolopoulos G.","key":"e_1_2_1_2_1","unstructured":"Apostolopoulos , G. , Peris , V. , and Saha , D . 1999. Transport layer security: How much does it really cost? In Proceedings of IEEE Infocom '99 , A. K. Choudhury and N. Shroff, Eds. IEEE, 717--725.]] Apostolopoulos, G., Peris, V., and Saha, D. 1999. Transport layer security: How much does it really cost? In Proceedings of IEEE Infocom '99, A. K. Choudhury and N. Shroff, Eds. IEEE, 717--725.]]"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1109\/65.855475"},{"key":"e_1_2_1_4_1","unstructured":"Blake-Wilson S. Nystrom M. Hopwood D. Mikkelsen J. and Wright T. 2003. RFC 3546: TLS Extensions.]]  Blake-Wilson S. Nystrom M. Hopwood D. Mikkelsen J. and Wright T. 2003. RFC 3546: TLS Extensions.]]"},{"key":"e_1_2_1_5_1","volume-title":"Proceedings of Crypto","author":"Bleichenbacher D.","year":"1998","unstructured":"Bleichenbacher , D. 1998. Chosen ciphertext attacks against protocols based on RSA encryption standard pkcs &num;1 . In Proceedings of Crypto 1998 , H. Krawczyk, Ed . Lecture Notes in Computer Science, vol. 1462 . Springer-Verlag , Berlin, 1--12.]] Bleichenbacher, D. 1998. Chosen ciphertext attacks against protocols based on RSA encryption standard pkcs &num;1. In Proceedings of Crypto 1998, H. Krawczyk, Ed. Lecture Notes in Computer Science, vol. 1462. Springer-Verlag, Berlin, 1--12.]]"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/362686.362692"},{"key":"e_1_2_1_7_1","volume-title":"Tech. Rep. CSTR-95-021, Department of Computer Science","author":"Bradley J.","year":"1995","unstructured":"Bradley , J. and Davies , N . 1995 . Analysis of the SSL protocol. Tech. Rep. CSTR-95-021, Department of Computer Science , University of Bristol.]] Bradley, J. and Davies, N. 1995. Analysis of the SSL protocol. Tech. Rep. CSTR-95-021, Department of Computer Science, University of Bristol.]]"},{"key":"e_1_2_1_8_1","first-page":"V","article-title":"Remote timing attacks are practical","volume":"2003","author":"Brumley D.","year":"2003","unstructured":"Brumley , D. and Boneh , D. 2003 . Remote timing attacks are practical . In Proceedings of USENIX Security 2003 , V . Paxson, Ed. USENIX.]] Brumley, D. and Boneh, D. 2003. Remote timing attacks are practical. In Proceedings of USENIX Security 2003, V. Paxson, Ed. USENIX.]]","journal-title":"Proceedings of USENIX Security"},{"key":"e_1_2_1_9_1","volume-title":"Proceedings of Crypto","volume":"2729","author":"Canvel B.","year":"2003","unstructured":"Canvel , B. , Hiltgen , A. , Vaudenay , S. , and Vuagnoux , M . 2003. Password interception in a SSL\/TLS channel . In Proceedings of Crypto 2003 , D. Boneh, Ed. Lecture Notes in Computer Science , vol. 2729 . Springer-Verlag, Berlin, 583--599.]] Canvel, B., Hiltgen, A., Vaudenay, S., and Vuagnoux, M. 2003. Password interception in a SSL\/TLS channel. In Proceedings of Crypto 2003, D. Boneh, Ed. Lecture Notes in Computer Science, vol. 2729. Springer-Verlag, Berlin, 583--599.]]"},{"key":"e_1_2_1_10_1","volume-title":"Proceedings of NDSS","author":"Coarfa C.","year":"2002","unstructured":"Coarfa , C. , Druschel , P. , and Wallach , D . 2002. Performance analysis of TLS web servers . In Proceedings of NDSS 2002 , M. Tripunitara, Ed. Internet Society, 183--194.]] Coarfa, C., Druschel, P., and Wallach, D. 2002. Performance analysis of TLS web servers. In Proceedings of NDSS 2002, M. Tripunitara, Ed. Internet Society, 183--194.]]"},{"key":"e_1_2_1_11_1","doi-asserted-by":"crossref","unstructured":"Dierks T. and Allen C. 1999. RFC 2246: The TLS Protocol Version 1.]]   Dierks T. and Allen C. 1999. RFC 2246: The TLS Protocol Version 1.]]","DOI":"10.17487\/rfc2246"},{"key":"e_1_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1109\/PROC.1979.11256"},{"key":"e_1_2_1_13_1","volume-title":"Proceedings of WISP","author":"Goldberg A.","year":"1998","unstructured":"Goldberg , A. , Buff , R. , and Schmitt , A . 1998. Secure web server performance dramatically improved by caching SSL session keys . In Proceedings of WISP 1998 , P. Cao and S. Sarukkai, Eds.]] Goldberg, A., Buff, R., and Schmitt, A. 1998. Secure web server performance dramatically improved by caching SSL session keys. In Proceedings of WISP 1998, P. Cao and S. Sarukkai, Eds.]]"},{"volume-title":"Proceedings of NDSS '04","author":"Gupta V.","key":"e_1_2_1_14_1","unstructured":"Gupta , V. , Stebila , D. , Fung , S. , Shantz , S.C. , Gura , N. , and Eberle , H . 2004. Speeding up secure web transactions using elliptic curve cryptography . In Proceedings of NDSS '04 , M. Tripunitara, Ed. Internet Society.]] Gupta, V., Stebila, D., Fung, S., Shantz, S.C., Gura, N., and Eberle, H. 2004. Speeding up secure web transactions using elliptic curve cryptography. In Proceedings of NDSS '04, M. Tripunitara, Ed. Internet Society.]]"},{"key":"e_1_2_1_15_1","volume-title":"RSA, DSS, and other systems. In Proceedings of Crypto","author":"Kocher P.","year":"1996","unstructured":"Kocher , P. 1996. Timing attacks on implementations of Diffie-Hellman , RSA, DSS, and other systems. In Proceedings of Crypto 1996 , N. Koblitz, Ed . Lecture Notes in Computer Science, vol. 1109 . Springer-Verlag , Berlin, 104--113.]] Kocher, P. 1996. Timing attacks on implementations of Diffie-Hellman, RSA, DSS, and other systems. In Proceedings of Crypto 1996, N. Koblitz, Ed. Lecture Notes in Computer Science, vol. 1109. Springer-Verlag, Berlin, 104--113.]]"},{"key":"e_1_2_1_16_1","volume-title":"Proceedings of Crypto","author":"Krawczyk H.","year":"2001","unstructured":"Krawczyk , H. 2001. The order of encryption and authentication for protecting communications . In Proceedings of Crypto 2001 , J. Killian, Ed . Lecture Notes in Computer Science, vol. 2139 . Springer-Verlag , Berlin, 310--31.]] Krawczyk, H. 2001. The order of encryption and authentication for protecting communications. In Proceedings of Crypto 2001, J. Killian, Ed. Lecture Notes in Computer Science, vol. 2139. Springer-Verlag, Berlin, 310--31.]]"},{"key":"e_1_2_1_17_1","volume-title":"Proceedings of USENIX Security","author":"Mitchell J.","year":"1998","unstructured":"Mitchell , J. , Shmatikov , V. , and Stern , U . 1998. Finite-state analysis of SSL 3.0 . In Proceedings of USENIX Security 1998 , A. Rubin, Ed. USENIX, 201--216.]] Mitchell, J., Shmatikov, V., and Stern, U. 1998. Finite-state analysis of SSL 3.0. In Proceedings of USENIX Security 1998, A. Rubin, Ed. USENIX, 201--216.]]"},{"key":"e_1_2_1_18_1","unstructured":"M\u00f6ller B. 2004. Security of CBC Ciphersuites in SSL\/TLS: Problems and Countermeasures. Available at http:\/\/www.openssl.org\/~bodo\/tls-cbc.txt.]]  M\u00f6ller B. 2004. Security of CBC Ciphersuites in SSL\/TLS: Problems and Countermeasures. Available at http:\/\/www.openssl.org\/~bodo\/tls-cbc.txt.]]"},{"key":"e_1_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/322510.322530"},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of USENIX Security","author":"Rescorla E.","year":"2002","unstructured":"Rescorla , E. , Cain , A. , and Korver , B . 2002. SSLACC: A clustered SSL accelerator . In Proceedings of USENIX Security 2002 , D. Boneh, Ed. USENIX, 229--246.]] Rescorla, E., Cain, A., and Korver, B. 2002. SSLACC: A clustered SSL accelerator. In Proceedings of USENIX Security 2002, D. Boneh, Ed. USENIX, 229--246.]]"},{"key":"e_1_2_1_21_1","unstructured":"Shacham H. and Boneh D. Fast-track TLS Prototype Implementation. Available at http:\/\/hovav.net\/dist\/sslex-dr0.1.tar.gz.]]  Shacham H. and Boneh D. Fast-track TLS Prototype Implementation. Available at http:\/\/hovav.net\/dist\/sslex-dr0.1.tar.gz.]]"},{"key":"e_1_2_1_22_1","unstructured":"Shacham H. and Boneh D. 2001. TLS Fast-Track Session Establishment. Internet Draft: draft-shacham-tls-fasttrack-00.txt. Work in progress.]]  Shacham H. and Boneh D. 2001. TLS Fast-Track Session Establishment. Internet Draft: draft-shacham-tls-fasttrack-00.txt. Work in progress.]]"},{"volume-title":"UNIX Network Programming: Interprocess Communications","author":"Stevens W. R.","key":"e_1_2_1_23_1","unstructured":"Stevens , W. R. 1999. UNIX Network Programming: Interprocess Communications , vol. 2 . Prentice-Hall , Englewood Cliffs, NJ .]] Stevens, W. R. 1999. UNIX Network Programming: Interprocess Communications, vol. 2. Prentice-Hall, Englewood Cliffs, NJ.]]"},{"key":"e_1_2_1_24_1","unstructured":"Thorpe G. Distcache: Distributed Session Caching. Available at http:\/\/distcache.sourceforge.net\/.]]  Thorpe G. Distcache: Distributed Session Caching. Available at http:\/\/distcache.sourceforge.net\/.]]"},{"key":"e_1_2_1_25_1","volume-title":"IPSEC, WTLS\u2026 In Proceedings of Eurocrypt","author":"Vaudenay S.","year":"2002","unstructured":"Vaudenay , S. 2002. Security flaws induced by CBC padding---applications to SSL , IPSEC, WTLS\u2026 In Proceedings of Eurocrypt 2002 , L. Knudsen, Ed . Lecture Notes in Computer Science, vol. 2332 . Springer-Verlag , Berlin, 534--545.]] Vaudenay, S. 2002. Security flaws induced by CBC padding---applications to SSL, IPSEC, WTLS\u2026 In Proceedings of Eurocrypt 2002, L. Knudsen, Ed. Lecture Notes in Computer Science, vol. 2332. Springer-Verlag, Berlin, 534--545.]]"},{"volume-title":"Proceedings of 2nd USENIX Workshop on Electronic Commerce, D. Tygar, Ed. USENIX.]]","author":"Wagner D.","key":"e_1_2_1_26_1","unstructured":"Wagner , D. and Schneier , B . 1996. Analysis of the SSL 3.0 protocol . In Proceedings of 2nd USENIX Workshop on Electronic Commerce, D. Tygar, Ed. USENIX.]] Wagner, D. and Schneier, B. 1996. Analysis of the SSL 3.0 protocol. In Proceedings of 2nd USENIX Workshop on Electronic Commerce, D. Tygar, Ed. USENIX.]]"},{"key":"e_1_2_1_27_1","unstructured":"Wireless Application Forum. 2000. Wireless Transport Layer Security Specification. Available at http:\/\/www.wapforum.org\/.]]  Wireless Application Forum. 2000. Wireless Transport Layer Security Specification. Available at http:\/\/www.wapforum.org\/.]]"},{"key":"e_1_2_1_28_1","unstructured":"Wolverton T. 2000. Amazon reports wider loss but book business profits. CNET. Available at http:\/\/news.com.com\/2100-1017-236436.html?legacy=cnet.]]  Wolverton T. 2000. Amazon reports wider loss but book business profits. CNET. Available at http:\/\/news.com.com\/2100-1017-236436.html?legacy=cnet.]]"}],"container-title":["ACM Transactions on Information and System Security"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1042031.1042034","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1042031.1042034","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T22:43:15Z","timestamp":1750286595000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1042031.1042034"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2004,11,11]]},"references-count":28,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2004,11,11]]}},"alternative-id":["10.1145\/1042031.1042034"],"URL":"https:\/\/doi.org\/10.1145\/1042031.1042034","relation":{},"ISSN":["1094-9224","1557-7406"],"issn-type":[{"type":"print","value":"1094-9224"},{"type":"electronic","value":"1557-7406"}],"subject":[],"published":{"date-parts":[[2004,11,11]]},"assertion":[{"value":"2004-11-11","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}