Top

Published in:

2020 | OriginalPaper | Chapter

rTLS: Lightweight TLS Session Resumption for Constrained IoT Devices

Authors : Koen Tange, David Howard, Travis Shanahan, Stefano Pepe, Xenofon Fafoutis, Nicola Dragoni

Published in: Information and Communications Security

Publisher: Springer International Publishing

Activate our intelligent search to find suitable subject content or patents.

search-config

AI-assisted search

Off

Abstract

The Transport Layer Security (TLS) 1.3 protocol supports a fast zero round-trip time (0-RTT) session resumption mechanism, enabling clients to send data in their first flight of messages. This protocol has been designed with Web infrastructure in mind, and requires these first messages to not change any state on the server side, as it is susceptible to replay attacks. This is disastrous for common IoT scenarios, where sensors often transmit state-changing data to servers. As bandwidth is a huge concern in the IoT, the field stands to benefit significantly from an efficient session resumption protocol that does not suffer from these limitations. Building on the observation that in IoT scenarios the set of clients is often bounded and fairly static, we propose rTLS (ratchet TLS), an efficient 0-RTT session resumption protocol that dramatically decreases bandwidth overhead, while adding forward secrecy and break-in resilience, and is not susceptible against replay attacks.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

über 102.000 Bücher
über 537 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Finance + Banking
Management + Führung
Marketing + Vertrieb
Maschinenbau + Werkstoffe
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 390 Zeitschriften

aus folgenden Fachgebieten:

Automobil + Motoren
Bauwesen + Immobilien
Business IT + Informatik
Elektrotechnik + Elektronik
Energie + Nachhaltigkeit
Maschinenbau + Werkstoffe

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

über 67.000 Bücher
über 340 Zeitschriften

aus folgenden Fachgebieten:

Bauwesen + Immobilien
Business IT + Informatik
Finance + Banking
Management + Führung
Marketing + Vertrieb
Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

previous chapter Attributes Affecting User Decision to Adopt a Virtual Private Network (VPN) App

next chapter PiDicators: An Efficient Artifact to Detect Various VMs

Authentication protocols for internet of things: A comprehensive survey. Security and Communication Networks

AT&T: LTE-M and NB-IoT. https://www.business.att.com/products/lpwa.html

Bergmann, O., Gerdes, S., Bormann, C.: Simple keys for simple smart objects. In: Workshop on Smart Object Security (2012)

Bormann, C., Ersue, M., Keränen, A.: Terminology for Constrained-Node Networks. RFC 7228, May 2014. https://doi.org/10.17487/RFC7228. https://rfc-editor.org/rfc/rfc7228.txt

Cohn-Gordon, K., Cremers, C., Dowling, B., Garratt, L., Stebila, D.: A formal security analysis of the signal messaging protocol. In: 2017 IEEE European Symposium on Security and Privacy (EuroS&P), pp. 451–466, April 2017. https://doi.org/10.1109/EuroSP.2017.27

Rescorla, E., Barnes, R., Tschofenig, H.: Compact TLS 1.3 (IETF draft). https://datatracker.ietf.org/doc/draft-rescorla-tls-ctls/

Gupta, V., et al.: Sizzle: a standards-based end-to-end security architecture for the embedded internet. Technical report, USA (2005)

Hall-Andersen, M., Wong, D., Sullivan, N., Chator, A.: NQUIC: noise-based QUIC packet protection. In: Proceedings of the Workshop on the Evolution, Performance, and Interoperability of QUIC, EPIQ 2018, pp. 22–28. Association for Computing Machinery, New York (2018). https://doi.org/10.1145/3284850.3284854

Hologram: Hologram pricing. https://hologram.io/pricing/

10.

Salowey, J., Zhou, H., Eronen, P., Tschofenig, H.: Transport Layer Security (TLS) Session Resumption without Server-Side State. RFC 5077, January 2008. https://doi.org/10.17487/RFC5077, https://rfc-editor.org/rfc/rfc8446.txt

11.

Kothmayr, T., Schmitt, C., Hu, W., Brünig, M., Carle, G.: A DTLS based end-to-end security architecture for the internet of things with two-way authentication. In: 37th Annual IEEE Conference on Local Computer Networks - Workshops, pp. 956–963, October 2012. https://doi.org/10.1109/LCNW.2012.6424088

12.

NIST: Lightweight Cryptography. https://csrc.nist.gov/projects/lightweight-cryptography

13.

OpenSSL Software Foundation: OpenSSL. https://www.openssl.org

14.

Perrin, T., Marlinspike, M.: The double ratchet algorithm (2016). https://www.signal.org/docs/specifications/doubleratchet/doubleratchet.pdf

15.

Raza, S., Trabalza, D., Voigt, T.: 6LoWPAN compressed DTLS for CoAP. In: 2012 IEEE 8th International Conference on Distributed Computing in Sensor Systems, pp. 287–289, May 2012. https://doi.org/10.1109/DCOSS.2012.55

16.

Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.3. RFC 8446, August 2018. https://doi.org/10.17487/RFC8446, https://rfc-editor.org/rfc/rfc8446.txt

17.

Rescorla, E., Dierks, T.: The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246, August 2008. https://doi.org/10.17487/RFC5246, https://rfc-editor.org/rfc/rfc5246.txt

18.

Rescorla, E., Modadugu, N.: Datagram Transport Layer Security. RFC 4347, April 2006. https://doi.org/10.17487/RFC4347, https://rfc-editor.org/rfc/rfc4347.txt

19.

Santesson, S., Tschofenig, H.: Transport Layer Security (TLS) Cached Information Extension. RFC 7924, July 2016. https://doi.org/10.17487/RFC7924, https://rfc-editor.org/rfc/rfc7924.txt

20.

Systems, O.: Signal. https://www.signal.org

21.

Verizon: Verizon thingspace. https://thingspace.verizon.com/service/connectivity/

22.

WhatsApp: Whatsapp encryption overview. https://www.whatsapp.com/security/WhatsApp-Security-Whitepaper.pdf

23.

WolfSSL: TLS 1.3 Protocol Support. https://www.wolfssl.com/docs/tls13/

24.

Wouters, P., Tschofenig, H., Gilmore, J., Weiler, S., Kivinen, T.: Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). RFC 7250, June 2014. https://doi.org/10.17487/RFC7250, https://rfc-editor.org/rfc/rfc7250.txt

Title: rTLS: Lightweight TLS Session Resumption for Constrained IoT Devices
Authors: Koen Tange
David Howard
Travis Shanahan
Stefano Pepe
Xenofon Fafoutis
Nicola Dragoni
Publisher: Springer International Publishing
Book: Information and Communications Security
Print ISBN: 978-3-030-61077-7

Electronic ISBN: 978-3-030-61078-4

Copyright Year: 2020
DOI: https://doi.org/10.1007/978-3-030-61078-4_14

Springer Professional

Abstract

Please log in to get access to your license.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Springer Professional "Technik"

Springer Professional "Wirtschaft"

Premium Partner