Abstract
The Transport Layer Security (TLS) 1.3 protocol supports a fast zero round-trip time (0-RTT) session resumption mechanism, enabling clients to send data in their first flight of messages. This protocol has been designed with Web infrastructure in mind, and requires these first messages to not change any state on the server side, as it is susceptible to replay attacks. This is disastrous for common IoT scenarios, where sensors often transmit state-changing data to servers. As bandwidth is a huge concern in the IoT, the field stands to benefit significantly from an efficient session resumption protocol that does not suffer from these limitations. Building on the observation that in IoT scenarios the set of clients is often bounded and fairly static, we propose rTLS (ratchet TLS), an efficient 0-RTT session resumption protocol that dramatically decreases bandwidth overhead, while adding forward secrecy and breakin resilience, and is not susceptible against replay attacks.
Original language | English |
---|---|
Title of host publication | Proceedings of the 22nd International Conference on Information and Communications Security |
Place of Publication | 9783030610777 |
Publisher | Springer |
Publication date | 2020 |
Pages | 243-258 |
DOIs | |
Publication status | Published - 2020 |
Event | 2020 International Conference on Information and Communications Security - Virtual event Duration: 24 Aug 2020 → 27 Aug 2020 |
Conference
Conference | 2020 International Conference on Information and Communications Security |
---|---|
Location | Virtual event |
Period | 24/08/2020 → 27/08/2020 |
Keywords
- Network
- Security
- IoT
- IIoT
- TLS
- Protocol