The Design and Implementation of Datagram TLS
Authors
Abstract
A number of applications have emerged over recent years that use datagram transport. These applications include real time video conferencing, Internet telephony, and online games such as Quake and StarCraft. These applications are all delay sensitive and use unreliable datagram transport. Applications that are based on reliable transport can be secured using TLS, but no compelling alternative exists for securing datagram based applications. In this paper we present DTLS, a datagram capable version of TLS. DTLS is extremely similar to TLS and therefore allows reuse of pre-existing protocol infrastructure. Our experimental results show that DTLS adds minimal overhead to a previously non-DTLS capable application.
Similar resources
Design and Implementation of SCTP-aware DTLS
There is currently no widely accepted and deployed approach to provide security for the Stream Control Transmission Protocol (SCTP). A promising new approach is to use the Datagram Transport Layer Security (DTLS) protocol, adding an encryption and authentication layer between transport and application protocol. The adaption for SCTP supports all features without compromising security or requiri...
Plaintext-Recovery Attacks Against Datagram TLS
The Datagram Transport Layer Security (DTLS) protocol provides confidentiality and integrity of data exchanged between a client and a server. We describe an efficient and full plaintext recovery attack against the OpenSSL implementation of DTLS, and a partial plaintext recovery attack against the GnuTLS implementation of DTLS. The attack against the OpenSSL implementation is a variant of Vauden...
Padding Oracle Attacks
For the security of communication channels in today’s networks and encryption of messages therein, applications and their users rely on cryptographic protocols. These are supposed to provide confidentiality and integrity of message contents. They are relied upon by online shopping, banking, communication, scientific applications, and many others. Design errors in standard definition documents o...
AES-CCM Cipher Suites for Transport Layer Security (TLS)
This memo describes the use of the Advanced Encryption Standard (AES) in the Counter with Cipher Block Chaining Message Authentication Code (CBC-MAC) Mode (CCM) of operation within Transport Layer Security (TLS) and Datagram TLS (DTLS) to provide confidentiality and data origin authentication. The AES-CCM algorithm is amenable to compact implementations, making it suitable for constrained envir...
Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)
Over the last few years, there have been several serious attacks on Transport Layer Security (TLS), including attacks on its most commonly used ciphers and modes of operation. This document summarizes these attacks, with the goal of motivating generic and protocol-specific recommendations on the usage of TLS and Datagram TLS (DTLS). (IETF). It represents the consensus of the IETF community. It ...