| SSL(Secure Socket Layer)is the most widely deployed security protocol in the world. TLS (Transport Layer Security)is the subsequence of SSL. Although protecting the security of Web communications is the most common use of TLS, actually it is a quite universal protocol, being the same with protection of the security of multiple communication data.Clients and Servers using TLS build up a secure channel for transporting sensitive information between two computers through a handshake negotiation. In the Internet environment, the encryption computation that the TLS handshake needs for connecting becomes the bottle-neck of the server's performance. TLS comes up with a session resumption mechanism by allowing the servers to maintain the connection parameters of the sessions and to avoid handshake while reconnecting with the Clients with which the Server had shared a session before. The abuse of this traditional session resumption is the spending falls almost completely on the side of the server. The server can't bear that much in the applications.Considered the Load-Balanced theory ,Transferring session parameters from the server-side cache to the client-side cache is a reasonable solution. The session parameters are dealt with encryption algorithm and MAC algorithm to guarantee its confidentiality and integrity and sent to the client-side cache as a authentication ticket for session resumption; The traditional handshake protocol and session resumption protocol are been extended compatibly to support this amelioration; the data structure of main extended protocol messages are defined in C ,and the core codes with which the extended protocols need to run are implemented using OpenSSL function-base. The server can maintain higher rate of session resumptions with clients through this improved extension implementation. |
PDF Full Text Request