Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport -- the application does not suffer from the delays associated with stream protocols, but has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet.
Video Datagram Transport Layer Security
Definition
The following documents define DTLS:
- RFC 6347 for use with User Datagram Protocol (UDP),
- RFC 5238 for use with Datagram Congestion Control Protocol (DCCP),
- RFC 5415 for use with Control And Provisioning of Wireless Access Points (CAPWAP),
- RFC 6083 for use with Stream Control Transmission Protocol (SCTP) encapsulation,
- RFC 5764 for use with Secure Real-time Transport Protocol (SRTP) subsequently called DTLS-SRTP in a draft with Secure Real-Time Transport Control Protocol (SRTCP).
DTLS 1.0 is based on TLS 1.1, and DTLS 1.2 is based on TLS 1.2.
Maps Datagram Transport Layer Security
Implementations
Libraries
Applications
- Cisco AnyConnect VPN Client uses TLS and DTLS, as does the AnyConnect-compatible open-source OpenConnect client
- Cisco InterCloud Fabric uses DTLS to form a tunnel between private and public/provider compute environments
- F5 Networks Edge VPN Client uses TLS and DTLS
- Citrix Systems NetScaler uses DTLS to secure UDP
- Web browsers: Google Chrome, Opera and Firefox support DTLS-SRTP for WebRTC
Vulnerabilities
In February 2013 two researchers from Royal Holloway, University of London discovered an attack which allowed them to recover plaintext from a DTLS connection using the OpenSSL implementation of DTLS when Cipher Block Chaining mode encryption was used.
See also
- ZRTP
- Reliable User Datagram Protocol
- QUIC
References
External links
- "Transport Layer Security (tls) - Charter". IETF.
- Modadugu, Nagendra; Rescorla, Eric (2003-11-21). "The Design and Implementation of Datagram TLS" (PDF). Stanford Crypto Group. Retrieved 2013-03-17.
- AlFardan, Nadhem J.; Paterson, Kenneth G. "Plaintext-Recovery Attacks Against Datagram TLS" (PDF). Retrieved 2013-11-25.
- Gibson, Steve; Laporte, Leo (2012-11-28). "Datagram Transport Layer Security". Security Now 380. Retrieved 2013-03-17. Skip to 1:07:14.
- Robin Seggelmann's Sample Code: echo, character generator, and discard client/servers.
This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.
Source of article : Wikipedia