
Datagram Transport Layer Security (DTLS)


Presentation Transcript


  1. Datagram Transport Layer Security (DTLS)
     Eric Rescorla, IETF 60 Apps Open Area Meeting

  2. Overview
     • One liner:
       • Secure communication layer for unreliable datagram transport
     • TLS only works over reliable transport
       • Broken by packet loss and reordering
     • Our approach:
       • DTLS, derived from TLS: works over datagram transport (UDP, SCTP unreliable mode)

  3. Motivation (1)
     • Datagram protocols are in wide use
       • Internet telephony signaling (SIP)
       • Video streaming/conferencing
       • Online gaming
       • Network management (SNMP)
     • None of these can use TLS or IPsec
     • Lots of ad-hoc security/key-exchange protocols (SIP/S-MIME, SNMPv3, …)
     • Why not IPsec?

  4. Motivation (2)
     • Why not use IPsec?
       • Better suited for host-to-host security than application-to-application security
       • Runs in the kernel
       • Non-uniform IPsec APIs
       • Complicated, interoperability issues
       • Key exchange complicated (IKE, JFK, IKEv2)
     • Neither TLS nor IPsec is suitable, so design something new...

  5. Why begin with TLS?
     • TLS is popular (and it works)
     • Inherit desirable properties from TLS
       • Familiar model
       • Simple API
       • In-band key exchange
       • Easy to implement per-connection policies
     • Availability of stable open-source code
     • No kernel changes
       • Runs in user-land
       • Can be packaged with applications
       • Relatively easy to patch

  6. Basic principle: bang for the buck
     • Start with TLS
     • Make only the most minimal required changes
       • To deal with loss and reordering
     • Avoid making any “improvements”
     • Be as similar to TLS as possible

  7. DTLS Protocol Overview
     • Protocol flow same as TLS
       • Initial handshake (2-3 round trips)
       • Data sent in DTLS records
     • Provide reliability for handshake phase
       • Using standard timeout and retransmits
     • Stateless processing of application data records
       • TLS 1.1 already supports this for block ciphers
       • No support for stream ciphers

  8. Status
     • Currently an individual submission
       • draft-rescorla-dtls-00.txt
       • Looking for input
     • Paper in ISOC NDSS 2004
       • http://crypto.stanford.edu/~nagendra/dtls.pdf
     • Reference implementation in progress
       • Based on OpenSSL
       • API looks just like sockets...
       • Plan to make this publicly available
