TLS session resume concurrency?

Victor Duchovni Victor.Duchovni at MorganStanley.com
Fri Feb 11 14:00:10 EST 2005


On Fri, Feb 11, 2005 at 11:31:16AM -0500, Tim Dierks wrote:

> On Thu, 10 Feb 2005 15:59:04 -0500, Victor Duchovni
> <Victor.Duchovni at morganstanley.com> wrote:
> > If the symmetric cypher is fully re-keyed when sessions are resumed
> > while avoiding the fresh start PKI overhead, then life is simple
> > and sessions can be re-used unmodified. Otherwise I may need to
> > ponder on designs for a multi-valued cache.
> 
> I don't fully understand how you phrased the question in the two deleted
> paragraphs, but this one accurately describes the SSL/TLS session cache:
> it holds a shared secret derived from the original key exchange. For each
> connection, completely new encryption & authentication keys are derived
> from this shared secret and per-connection random nonces provided by each
> party. One session can be safely reused for many connections, either
> serially or in parallel. The session cache is also write-once: starting a
> new connection from a session needn't update the cached secret or other
> parameters.
> 

Thanks, this is very useful. This means that the Postfix session cache
does not need multiple cached sessions per end-point. That makes TLS
session management much easier. A single initial session can be re-used
by overlapping subsequent deliveries.

-- 

 /"\ ASCII RIBBON                  NOTICE: If received in error,
 \ / CAMPAIGN     Victor Duchovni  please destroy and notify
  X AGAINST       IT Security,     sender. Sender does not waive
 / \ HTML MAIL    Morgan Stanley   confidentiality or privilege,
                                   and use is prohibited.
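
The key derivation described in the quoted reply, as an added example that is not part of the original message and is not Postfix or OpenSSL code. It assumes the TLS 1.2 PRF from RFC 5246 (HMAC-SHA256) and an AES-128-CBC / HMAC-SHA256 key block layout; the endpoint name, the cache layout and the 48-byte master secret are constructed sample values.

```python
import hashlib
import hmac
import os
from concurrent.futures import ThreadPoolExecutor
from types import MappingProxyType

MAC_LEN, KEY_LEN = 32, 16  # assumed suite: AES-128-CBC with HMAC-SHA256


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash expansion from RFC 5246 section 5, using HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i)
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def connection_keys(master_secret: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Derive one connection's key block; the cached secret is only read."""
    seed = b"key expansion" + server_random + client_random
    block = p_sha256(master_secret, seed, 2 * MAC_LEN + 2 * KEY_LEN)
    names = ("client_mac", "server_mac", "client_key", "server_key")
    sizes = (MAC_LEN, MAC_LEN, KEY_LEN, KEY_LEN)
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def resume(cache, endpoint: str) -> dict:
    """Simulate one resumed connection: each side supplies a fresh 32-byte random."""
    return connection_keys(cache[endpoint], os.urandom(32), os.urandom(32))


def overlapping_deliveries(cache, endpoint: str, n: int) -> list:
    """Resume the same cached session from n concurrent workers."""
    with ThreadPoolExecutor(max_workers=n) as pool:
        return list(pool.map(lambda _: resume(cache, endpoint), range(n)))


# Constructed sample: one cache entry per endpoint, exposed read-only (write-once).
CACHE = MappingProxyType({"mx.example.net:25": bytes(range(48))})

if __name__ == "__main__":
    for keys in overlapping_deliveries(CACHE, "mx.example.net:25", 3):
        print(keys["client_key"].hex())
```

Each worker reads the same cache entry and ends up with its own key block, so no per-connection state has to be written back to the cache.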
