Datagram Transport Layer Security
Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed[1][2] to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport — the application does not suffer from the delays associated with stream protocols, but because it uses UDP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP rather than TCP, it avoids the "TCP meltdown problem".[3][4] when being used to create a VPN tunnel.
Definition
The following documents define DTLS:
- RFC 6347 for use with User Datagram Protocol (UDP),
- RFC 5238 for use with Datagram Congestion Control Protocol (DCCP),
- RFC 5415 for use with Control And Provisioning of Wireless Access Points (CAPWAP),
- RFC 6083 for use with Stream Control Transmission Protocol (SCTP) encapsulation,
- RFC 5764 for use with Secure Real-time Transport Protocol (SRTP) subsequently called DTLS-SRTP in a draft with Secure Real-Time Transport Control Protocol (SRTCP).[5]
DTLS 1.0 is based on TLS 1.1, and DTLS 1.2 is based on TLS 1.2. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS.[2]
Implementations
Libraries
| Implementation | DTLS 1.0[1] | DTLS 1.2[2] |
|---|---|---|
| Botan | Yes | Yes |
| cryptlib | No | No |
| GnuTLS | Yes | Yes |
| Java Secure Socket Extension | Yes | Yes |
| LibreSSL | Yes | No |
| libsystools[6] | Yes | No |
| MatrixSSL | Yes | Yes |
| mbed TLS (previously PolarSSL) | Yes[7] | Yes[7] |
| Network Security Services | Yes[8] | Yes[9] |
| OpenSSL | Yes | Yes[10] |
| PyDTLS[11][12] | Yes | Yes |
| RSA BSAFE | No | No |
| s2n | No | No |
| SChannel XP/2003, Vista/2008 | No | No |
| SChannel 7/2008R2, 8/2012, 8.1/2012R2, 10 | Yes[13] | No[13] |
| SChannel 10 (1607), 2016 | Yes | Yes[14] |
| Secure Transport OS X 10.2–10.7 / iOS 1–4 | No | No |
| Secure Transport OS X 10.8–10.10 / iOS 5–8 | Yes[15] | No |
| SharkSSL | No | No |
| tinydtls [16] | No | Yes |
| Waher.Security.DTLS [17] | No | Yes |
| wolfSSL (previously CyaSSL) | Yes | Yes |
| Implementation | DTLS 1.0 | DTLS 1.2 |
Applications
- Cisco AnyConnect VPN Client uses TLS and DTLS,[18] as does the AnyConnect-compatible open-source OpenConnect client
- Cisco InterCloud Fabric uses DTLS to form a tunnel between private and public/provider compute environments[19]
- F5 Networks Edge VPN Client uses TLS and DTLS[20]
- Citrix Systems NetScaler uses DTLS to secure UDP[21]
- Web browsers: Google Chrome, Opera and Firefox support DTLS-SRTP[22] for WebRTC
Vulnerabilities
In February 2013 two researchers from Royal Holloway, University of London discovered an attack[23] which allowed them to recover plaintext from a DTLS connection using the OpenSSL implementation of DTLS when Cipher Block Chaining mode encryption was used.
See also
References
- 1 2 RFC 4347
- 1 2 3 RFC 6347
- ↑ Titz, Olaf (2001-04-23). "Why TCP Over TCP Is A Bad Idea". Retrieved 2015-10-17.
- ↑ Honda, Osamu; Ohsaki, Hiroyuki; Imase, Makoto; Ishizuka, Mika; Murayama, Junichi (October 2005). "Understanding TCP over TCP: effects of TCP tunneling on end-to-end throughput and latency". Bibcode:2005SPIE.6011..138H. doi:10.1117/12.630496. Missing or empty
|url=(help);|access-date=requires|url=(help) - ↑ Peck, M.; Igoe, K. (2012-09-25). "Suite B Profile for Datagram Transport Layer Security / Secure Real-time Transport Protocol (DTLS-SRTP)". IETF.
- ↑ Julien Kauffmann. "libsystools: A TLS/DTLS open source library for Windows/Linux using OpenSSL". Sourceforge.
- 1 2 "mbed TLS 2.0.0 released". ARM. 2015-07-13. Retrieved 2015-08-25.
- ↑ "NSS 3.14 release notes". Mozilla Developer Network. Mozilla. Retrieved 2012-10-27.
- ↑ "NSS 3.16.2 release notes". Mozilla Developer Network. Mozilla. 2014-06-30. Retrieved 2014-06-30.
- ↑ "As of version 1.0.2". The OpenSSL Project. The OpenSSL Project. 2015-01-22. Retrieved 2015-01-26.
- ↑ Ray Brown. "pydtls - Datagram Transport Layer Security for Python". GitHub.
- ↑ Ray Brown. "DTLS for Python". Python Software Foundation.
- 1 2 "An update is available that adds support for DTLS in Windows 7 SP1 and Windows Server 2008 R2 SP1". Microsoft. Retrieved 13 November 2012.
- ↑ Justinha. "TLS (Schannel SSP) changes in Windows 10 and Windows Server 2016". docs.microsoft.com. Retrieved 2017-09-01.
- ↑ "Technical Note TN2287: iOS 5 and TLS 1.2 Interoperability Issues". iOS Developer Library. Apple Inc. Retrieved 2012-05-03.
- ↑ Olaf Bergmann. "tinydtls". Eclipse Foundation.
- ↑ Peter Waher. "Waher.Security.DTLS". Waher Data AB.
- ↑ "AnyConnect FAQ: tunnels, reconnect behavior, and the inactivity timer". Cisco. Retrieved 26 February 2017.
- ↑ "Cisco InterCloud Architectural Overview" (PDF). Cisco Systems.
- ↑ "f5 Datagram Transport Layer Security (DTLS)". f5 Networks.
- ↑ "Configuring a DTLS Virtual Server". Citrix Systems.
- ↑ "WebRTC Interop Notes". Archived from the original on 2013-05-11.
- ↑ Plaintext-Recovery Attacks Against Datagram TLS
External links
- "Transport Layer Security (tls) - Charter". IETF.
- Modadugu, Nagendra; Rescorla, Eric (2003-11-21). "The Design and Implementation of Datagram TLS" (PDF). Stanford Crypto Group. Retrieved 2013-03-17.
- AlFardan, Nadhem J.; Paterson, Kenneth G. "Plaintext-Recovery Attacks Against Datagram TLS" (PDF). Retrieved 2013-11-25.
- Gibson, Steve; Laporte, Leo (2012-11-28). "Datagram Transport Layer Security". Security Now 380. Retrieved 2013-03-17. Skip to 1:07:14.
- Robin Seggelmann's Sample Code: echo, character generator, and discard client/servers.
This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.