ABSTRACT
Quickly establishing secure connections to end users is crucial to online services. However, when a client sets up a TLS session with a server, the TLS handshake needs one round trip time (RTT) to negotiate a session key. Establishing a TLS session additionally requires a DNS lookup (e.g., the A record lookup to fetch the IP address of the server) and a TCP handshake. In this paper, we propose ZTLS to eliminate the 1-RTT latency of the TLS handshake by leveraging the DNS. In ZTLS, a server distributes TLS handshake-related data (i.e., Diffie-Hellman elements), dubbed Z-data, as DNS records. A ZTLS client can fetch Z-data by DNS lookups and derive a session key. With the session key, the client can send encrypted data along with its ClientHello, achieving 0-RTT. ZTLS supports incremental deployability on the current TLS-based infrastructure. Our prototype-based experiments show that ZTLS is 1-RTT faster than TLS in terms of the first response time.