THE CASE FOR PREFETCHING AND PREVALIDATING TLS SERVER CERTIFICATES Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson, Dan Boneh Presented by:

Slides:



Advertisements
Similar presentations
ForceHTTPS: Protecting High-Security Web Sites from Network Attacks Collin Jackson and Adam Barth.
Advertisements

Cryptography and Network Security Chapter 16
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
Secure Socket Layer.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By : Shrinivas G. Deshpande Advisor: Dr. Chung E.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
More Trick For Defeating SSL
By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
Module 5: Configuring Access to Internal Resources.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Electronic Transaction Security (E-Commerce)
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Application Layer Protocol Negotiation
How HTTPS Works J. David Giese. Hyper Text Transfer Protocol BrowserHTTP Server GET / HTTP/1.1 HOST: edge-effect.github.io HEADERS BODY HTTP/ OK.
Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 SAN Certificate in Unity Connection Presenter Name: Bhawna Goel.
Bradley Cowie Supervised by Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING AND.
11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, University of Palestine Applied and Urban Engineering College Information Security.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
BitTorrent Presentation by: NANO Surmi Chatterjee Nagakalyani Padakanti Sajitha Iqbal Reetu Sinha Fatemeh Marashi.
Session 10 Windows Platform Eng. Dina Alkhoudari.
MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.1 ISP Services Working at a Small-to-Medium Business or ISP – Chapter 7.
Secure Socket Layer (SSL)
SAINT ‘01 Proactive DNS Caching: Addressing a Performance Bottleneck Edith Cohen AT&T Labs-Research Haim Kaplan Tel-Aviv University.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Enabling Embedded Systems to access Internet Resources.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Module 10: Monitoring ISA Server Overview Monitoring Overview Configuring Alerts Configuring Session Monitoring Configuring Logging Configuring.
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
Network Security Essentials Chapter 5
Web Security : Secure Socket Layer Secure Electronic Transaction.
XMPP Concrete Implementation Updates: 1. Why XMPP 2 »XMPP protocol provides capabilities that allows realization of the NHIN Direct. Simple – Built on.
Cryptography and Network Security (SSL)
1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.
CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.
SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Secure Sockets Layer (SSL) Protocol by Steven Giovenco.
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Web Cache. What is Cache? Cache is the storing of data temporarily to improve performance. Cache exist in a variety of areas such as your CPU, Hard Disk.
John S. Otto Mario A. Sánchez John P. Rula Fabián E. Bustamante Northwestern, EECS.
Whole Page Performance Leeann Bent and Geoffrey M. Voelker University of California, San Diego.
Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.
Multicast in Information-Centric Networking March 2012.
Setting and Upload Products
Visit for more Learning Resources
Web Caching? Web Caching:.
How to Check if a site's connection is secure ?
Working at a Small-to-Medium Business or ISP – Chapter 7
Utilization of Azure CDN for the large file distribution
Chapter 3: Windows7 Part 4.
Working at a Small-to-Medium Business or ISP – Chapter 7
Working at a Small-to-Medium Business or ISP – Chapter 7
Unit 8 Network Security.
Presentation transcript:

THE CASE FOR PREFETCHING AND PREVALIDATING TLS SERVER CERTIFICATES Emily Stark, Lin-Shung Huang, Dinesh Israni, Collin Jackson, Dan Boneh Presented by: Nurul Atiqah Abu Talib

INTRODUCTION Prefetch and prevalidate server certificates before a user clicks on an HTTPS link Combines with Snap Start  less costly  removing time pressure from the certificate validation process

TRANSPORT LAYER SECURITY (TLS) A protocol for encrypting and authenticating traffic between a client and a server

TLS HANDSHAKE Initialize Handshake Certificate Response Certificate validation HTTP Request HTTP Respond Negotiate Key Certificate valid?

Online Certificate Status Protocol (OCSP) Client asks OCSP responder whether certificate is valid Responder specifies how long response is valid

TLS PROBLEMS Common TLS misconfigurations and certificate warnings TLS-enabled servers face heavier load discourages site-wide use of TLS, thereby exposing users to session hijacking and other exploits increases client latency

TLS SNAP START (1/2) Zero round trip handshake Initialize Handshake Certificate HTTP Request HTTP Respond Negotiate Key Certificate valid?

TLS SNAP START (2/2) Zero round trip handshake Initialize Handshake HTTP Request HTTP Respond Snap Start Extension

SNAP START CHALLENGE I (1/2) First visit: Initialize Handshake Snap Start Extension Selected Cipher Suite + orbit Cache

SNAP START CHALLENGE I (2/2) Next visit: Client must know server certificate Cached from previous visit Initialize Handshake Snap Start Extension + necessary information from cache HTTP Request HTTP Respond

SNAP START CHALLENGE II If cached certificate’s validation status from a previous handshake has expired, the browser still must communicate with a certificate validation authority

CONTRIBUTION Detailed statistics from OCSP responders in the real world Certificate prefetching and prevalidation Propose four prefetching strategies Compare strategies and benefits Implementation

OCSP IN THE WILD Experimental setup OCSP response times collected from users running Perspectives browser extensions 242 clients, 4474 certificates, 24 responders

OCSP MEASUREMENTS (1/2) Cumulative distribution of OCSP lookup response times Median: 291 ms Mean: 498 ms

OCSP MEASUREMENTS (2/2) Cumulative distribution of OCSP lookup response times 74.8%

METHOD Prefetch certificates Enables Snap Start handshakes more frequently Prevalidate certificates Removes OCSP lookup from critical path Question: When to prefetch? When to prevalidate? How to obtain certificates?

WHEN TO PREFETCH? Idea from DNS prefetching To increase responsiveness, resolves domain names before the user clicks on a link Triggered when: While the user is typing Mouse hovers over a link During browser startup

HOW TO PREFETCH? Naïve Method: Open TLS connection and obtain information Challenge: Full TLS handshake is expensive

SERVER CERTIFICATE PREFETCHING AND PREVALIDATING Prefetching with a truncated handshake Prefetching via HTTP GET Prefetching from a CDN Prefetching from DNS

PREFETCHING WITH A TRUNCATED HANDSHAKE (1/2) Initialize Handshake Certificate Alert Message

PREFETCHING WITH A TRUNCATED HANDSHAKE (2/2) AdvantagesDisadvantages No public key cryptographyImplementation requires new API in TLS Layer Server admin does nothingDirty server logs due to inaccurate alert usage

PREFETCHING VIA HTTP GET AdvantagesDisadvantages Simplest method Much less load than full TLS handshake, but still impacts the server

PREFETCHING FROM A CDN AdvantagesDisadvantages Avoid placing any extra load on the server Requests to multiple CDNs to enquire about certificate

PREFETCHING FROM DNS AdvantagesDisadvantages DNS TXT record can store certificates Limited Use minimal client bandwidthSwell DNS records No impact on web server

PREVALIDATE Certificate prefetched? Prevalidate Normal OCSP lookup

ANALYSIS How much does prefetching and prevalidating affect handshake latency?

HANDSHAKE LATENCY Normal TLS122 ms Snap Start, no prevalidation83 ms Snap Start, prevalidated certificate30 ms Remove round trips by using Snap Start Remove OCSP by prevalidating certificate and using snap start

CONCLUSION (CONT’D) Client latency from TLS handshakes costs websites in traffic and revenue, and discourages websites from using TLS Server certificate prefetching and prevalidation Snap Start handshake with a prevalidated certificate four times faster than a normal TLS handshake 74.8% of OCSP lookups took between 100 ms and 600 ms Prefetching enables an even more dramatic speed-up over standard TLS

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.