Title: Enhanced performance for the encrypted web through TLS resumption across hostnames
Abstract: TLS can resume previous connections via abbreviated resumption handshakes that decrease the delay and save expensive cryptographic operations by reusing cryptographic TLS state from previous connections. TLS version 1.3 recommends avoiding resumption handshakes, when connecting to a different hostname. In this work, we reassess this recommendation, as we find that sharing cryptographic TLS state across hostnames is a common practice on the web. We propose a TLS extension that allows the server to inform the client about TLS state sharing with other hostnames. This information enables the client to efficiently resume TLS sessions across hostnames. Our evaluation indicates that our TLS extension provides performance gains for the web. For example, about 58.7% of the 20.24 full TLS handshakes that are required to retrieve an average website on the web can be converted to resumed connection establishments which reduces the CPU time consumed for TLS connection establishments by 44%. Furthermore, our TLS extension accelerates the connection establishment with an average website by up to 30.7%. Thus, our proposal significantly reduces the (energy) costs and the delay overhead in the encrypted web.