Language:
You're in PublicationsThe Cost of the "S" in HTTPS

 

The Cost of the "S" in HTTPS

David Naylor, Alessandro Finamore, Ilias Leontiadis, Yan Grunenberger, Marco Mellia, Maurizio M. Munafò, Kostantina Papagiannaki, Peter Steenkiste.

The Cost of the "S" in HTTPS

Proceedings of the 10th ACM International on Conference on emerging Networking Experiments and Technologies (CoNEXT), Sidney, Australia, ISBN: 978-1-4503-3279-8, December 2-5, 2014

 

Abstract

 

Increased user concern over security and privacy on the Internet has led to widespread adoption of HTTPS, the secure version of HTTP. HTTPS authenticates the communicating end points and provides confidentiality for the ensuing communication. However, as with any security solution, it does not come for free. HTTPS may introduce overhead in terms of infrastructure costs, communication latency, data usage, and energy consumption. Moreover, given the opaqueness of the encrypted communication, any innetwork value added services requiring visibility into application layer content, such as caches and virus scanners, become ineffective.

This paper attempts to shed some light on these costs. First, taking advantage of datasets collected from large ISPs, we examine the accelerating adoption of HTTPS over the last three years. Second, we quantify the direct and indirect costs of this evolution. Our results show that, indeed, security does not come for free. This work thus aims to stimulate discussion on technologies that can mitigate the costs of HTTPS while still protecting the user’s privacy. 

 

Download Here