Client-Side Caching for TLS

By Hovav Shacham, Dan Boneh, and Eric Rescorla.

ACM Transactions on Information and System Security (TISSEC), 7(4):553–75, Nov. 2004.


We propose two new mechanisms for caching handshake information on TLS clients. The “fast-track” mechanism provides a client side cache of a server's public parameters and negotiated parameters in the course of an initial, enabling handshake. These parameters need not be resent on subsequent handshakes. Fast-track reduces both network traffic and the number of round trips, and requires no additional server state. These savings are most useful in high latency environments such as wireless networks. The second mechanism, “client side session caching,” allows the server to store an encrypted version of the session information on a client, allowing a server to maintain a much larger number of active sessions in a given memory footprint. Our design is fully backward-compatible with TLS: extended clients can interoperate with servers unaware of our extensions and vice versa. We have implemented our fast-track proposal to demonstrate the resulting efficiency improvements.



@Article{SBR04, author = {Hovav Shacham and Dan Boneh and Eric Rescorla}, title = {Client Side Caching for {TLS}}, journal = {ACM Trans. Info.\ \& System Security}, year = 2004, volume = 7, number = 4, pages = {553-75}, month = nov }

Navigation: Hovav Shacham // Publications // [SBR04]