The Design and Implementation of Datagram TLS

A number of applications have emerged over recent years that use datagram transport. These applications include real time video conferencing, Internet telephony, and online games such as Quake and StarCraft. These applications are all delay sensitive and use unreliable datagram transport. Applications that are based on reliable transport can be secured using TLS, but no compelling alternative exists for securing datagram based applications. In this paper we present DTLS, a datagram capable version of TLS. DTLS is extremely similar to TLS and therefore allows reuse of pre-existing protocol infrastructure. Our experimental results show that DTLS adds minimal overhead to a previously non-DTLS capable application.

[1]  Marshall T. Rose,et al.  Post Office Protocol: Version 3 , 1988, RFC.

[2]  David Brumley,et al.  Remote timing attacks are practical , 2003, Comput. Networks.

[3]  Mark R. Crispin Internet Message Access Protocol - Version 4rev1 , 1996, RFC.

[4]  Serge Vaudenay,et al.  Password Interception in a SSL/TLS Channel , 2003, CRYPTO.

[5]  Eric Rescorla,et al.  HTTP Over TLS , 2000, RFC.

[6]  William Allen Simpson,et al.  Photuris: Session-Key Management Protocol , 1999, RFC.

[7]  Erik Wilde Hypertext Transfer Protocol (HTTP) , 1999 .

[8]  Christopher Allen,et al.  The TLS Protocol Version 1.0 , 1999, RFC.

[9]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[10]  Hugo Krawczyk,et al.  A Security Architecture for the Internet Protocol , 1999, IBM Syst. J..

[11]  Blake Ramsdell,et al.  S/MIME Version 3 Message Specification , 1999, RFC.

[12]  Baugher,et al.  The Secure Real-Time Transport Protocol , 2003 .

[13]  Jeffrey C. Mogul,et al.  Fragmentation considered harmful , 1987, CCRV.

[14]  Joyce K. Reynolds Post Office Protocol , 1984, RFC.

[15]  T. Dierks,et al.  The TLS protocol , 1999 .

[16]  Christian Huitema,et al.  Media Gateway Control Protocol (MGCP) Call Flows , 1999 .

[17]  Tim Berners-Lee,et al.  Hypertext transfer protocol--http/i , 1993 .

[18]  Dawn Xiaodong Song,et al.  Timing Analysis of Keystrokes and Timing Attacks on SSH , 2001, USENIX Security Symposium.

[19]  Stephen E. Deering,et al.  Path MTU discovery , 1990, RFC.

[20]  Donald E. Eastlake,et al.  Domain Name System Security Extensions , 1997, RFC.

[21]  Dan Harkins,et al.  The Internet Key Exchange (IKE) , 1998, RFC.

[22]  Mark Handley,et al.  Datagram Congestion Control Protocol (DCCP) , 2006, RFC.

[23]  Serge Vaudenay,et al.  Security Flaws Induced by CBC Padding - Applications to SSL, IPSEC, WTLS , 2002, EUROCRYPT.

[24]  G. Pal,et al.  Congestion control , 1995 .

[25]  Adi Shamir,et al.  Weaknesses in the Key Scheduling Algorithm of RC4 , 2001, Selected Areas in Cryptography.

[26]  John Nagle,et al.  Congestion control in IP/TCP internetworks , 1995, CCRV.

[27]  Randall J. Atkinson,et al.  IP Encapsulating Security Payload (ESP) , 1995, RFC.

[28]  Craig Metz,et al.  PF_KEY Key Management API, Version 2 , 1998, RFC.

[29]  Ilya Mironov,et al.  (Not So) Random Shuffles of RC4 , 2002, IACR Cryptol. ePrint Arch..

[30]  Markku-Juhani O. Saarinen Attacks against the WAP WTLS protocol , 1999, Communications and Multimedia Security.

[31]  Randall J. Atkinson,et al.  Security Architecture for the Internet Protocol , 1995, RFC.

[32]  Khawaja Amer Hayat,et al.  Password Interception in a SSL/TLS Channel , 2004 .

[33]  Henning Schulzrinne,et al.  RTP: A Transport Protocol for Real-Time Applications , 1996, RFC.