http://dx.doi.org/10.7840/kics.2017.42.3.595

SSLmTCP Handshake: Embedding the SSL Handshake into the TCP 3-Way Handshake

Byun, Ki-Seok (Cryptosystem Development PKI Team, Penta Security Systems)
Park, Jun-Cheol (Department of Computer Engineering, Hongik University)
Abstract
We propose a scheme to reduce the time for the SSL/TLS handshake by embedding it into the TCP 3-way handshake. The scheme can be selectively applied on top of standard TCP so that the SSL/TLS handshake happens within the TCP handshake, rather than performing the TCP handshake and the SSL/TLS handshake in sequence. We implemented a prototype of the scheme and ran experiments on its performance. The experimental results showed that, compared to the sequential TCP and SSL/TLS handshakes, the time reduction achieved by the scheme ranged from 3.2% to 14% (when the elapsed time measured by the ping program from the client to the server was 11.6 ms). The longer the time measured by the ping program, which grows as the propagation and queuing delays do, the larger the reduction rate. This accords with the supposition that the time saved by the scheme increases in proportion to the elapsed time measured by the ping program.
Keywords
SSL/TLS Handshake; TCP Handshake; Embedding Handshake; Time Reduction; Linux Kernel Hacking;
Citations & Related Records
Times Cited By KSCI: 3