🤖 AI Summary
To address the challenge of prohibitively high TLS handshake overhead for resource-constrained devices in Industrial Internet of Things (IIoT) deployments, this paper proposes the first bidirectional TLS handshake caching mechanism. Leveraging the reusability of static handshake elements—particularly certificates—the method implements message caching and reuse atop wolfSSL, significantly reducing bandwidth consumption and computational cost during connection establishment while preserving full TLS security guarantees. Experimental evaluation demonstrates up to 61.1% reduction in handshake bandwidth usage, an 8.5% decrease in computational overhead, and bounded, predictable memory overhead. This work pioneers the application of bidirectional caching to TLS handshake optimization, establishing a novel paradigm for lightweight secure communication that simultaneously achieves high efficiency and strict protocol compliance.
📝 Abstract
While TLS has become the de facto standard for end-to-end security, its use to secure critical communication in evolving industrial IoT scenarios is severely limited by prevalent resource constraints of devices and networks. Most notably, the TLS handshake to establish secure connections incurs significant bandwidth and processing overhead that often cannot be handled in constrained environments. To alleviate this situation, we present BiTHaC, which realizes bidirectional TLS handshake caching by exploiting the fact that significant parts of repeated TLS handshakes, especially certificates, are static. Thus, redundant information need not be transmitted, nor do the corresponding computations need to be performed, saving valuable bandwidth and processing resources. By implementing BiTHaC for wolfSSL, we show that we can reduce the bandwidth consumption of TLS handshakes by up to 61.1% and the computational overhead by up to 8.5%, while incurring only well-manageable memory overhead and preserving the strict security guarantees of TLS.
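The caching idea in the abstract, modelled as an added example: each side keeps a bounded cache of the other side's certificate and accepts a 32-byte digest reference in place of the full bytes on repeat handshakes. This is not BiTHaC's wire format or wolfSSL code; `PeerCache`, `encode`, `decode`, `handshake`, the `R`/`F` tags and the certificate blobs are all hypothetical, and the byte counts it yields are not the paper's measurements.

```python
import hashlib
from collections import OrderedDict

class PeerCache:
    """Bounded LRU cache of a remote peer's static handshake blobs (hypothetical)."""
    def __init__(self, max_entries=4):
        self.max_entries, self.store = max_entries, OrderedDict()

    def advertise(self):
        # Digests the remote side may reference instead of resending the blob.
        return set(self.store)

    def remember(self, blob):
        digest = hashlib.sha256(blob).digest()
        self.store[digest] = blob
        self.store.move_to_end(digest)
        while len(self.store) > self.max_entries:  # keeps memory use bounded
            self.store.popitem(last=False)

    def resolve(self, digest):
        blob = self.store.get(digest)
        # Re-hash on use so a corrupted cache entry is never accepted.
        if blob is None or hashlib.sha256(blob).digest() != digest:
            raise KeyError("cache miss: fall back to a full handshake")
        self.store.move_to_end(digest)
        return blob

def encode(cert, advertised):
    """Sender: send a digest reference if the receiver advertised the cert."""
    digest = hashlib.sha256(cert).digest()
    return (b"R" + digest) if digest in advertised else (b"F" + cert)

def decode(msg, cache):
    """Receiver: recover the full certificate bytes, which still get validated."""
    if msg[:1] == b"R":
        return cache.resolve(msg[1:])
    cache.remember(msg[1:])
    return msg[1:]

def handshake(client_cert, server_cert, client_cache, server_cache):
    """One mutually authenticated handshake; returns certificate bytes sent."""
    to_client = encode(server_cert, client_cache.advertise())
    to_server = encode(client_cert, server_cache.advertise())
    if decode(to_client, client_cache) != server_cert:
        raise ValueError("client recovered wrong server certificate")
    if decode(to_server, server_cache) != client_cert:
        raise ValueError("server recovered wrong client certificate")
    return len(to_client) + len(to_server)

# Constructed stand-ins for DER certificates (sizes are illustrative only).
SERVER_CERT, CLIENT_CERT = b"S" * 900, b"C" * 700
```

In this model the reference only replaces transmission: the receiver still ends up with the complete certificate bytes, so chain validation runs on the same input as in an uncached handshake.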