首页    期刊浏览 2024年12月05日 星期四
登录注册

文章基本信息

  • 标题:Vulnerability-Tolerant Transport Layer Security
  • 作者:Andr{\'e} Joaquim ; Miguel L. Pardal ; Miguel Correia
  • 期刊名称:LIPIcs : Leibniz International Proceedings in Informatics
  • 电子版ISSN:1868-8969
  • 出版年度:2018
  • 卷号:95
  • 页码:28:1-28:16
  • DOI:10.4230/LIPIcs.OPODIS.2017.28
  • 出版社:Schloss Dagstuhl -- Leibniz-Zentrum fuer Informatik
  • 摘要:SSL/TLS communication channels play a very important role in Internet security, including cloud computing and server infrastructures. There are often concerns about the strength of the encryption mechanisms used in TLS channels. Vulnerabilities can lead to some of the cipher suites once thought to be secure to become insecure and no longer recommended for use or in urgent need of a software update. However, the deprecation/update process is very slow and weeks or months can go by before most web servers and clients are protected, and some servers and clients may never be updated. In the meantime, the communications are at risk of being intercepted and tampered by attackers. In this paper we propose an alternative to TLS to mitigate the problem of secure commu- nication channels being susceptible to attacks due to unexpected vulnerabilities in its mechan- isms. Our solution, called Vulnerability-Tolerant Transport Layer Security (vtTLS), is based on diversity and redundancy of cryptographic mechanisms and certificates to ensure a secure communication even when one or more mechanisms are vulnerable. Our solution relies on a combination of k cipher suites which ensure that even if k − 1 cipher suites are insecure or vul- nerable, the remaining cipher suite keeps the communication channel secure. The performance and cost of vtTLS were evaluated and compared with OpenSSL, one of the most widely used implementations of TLS.
  • 关键词:Secure communication channels; Transport layer security; SSL/TLS; Diversity; Redundancy; Vulnerability tolerance
Loading...
联系我们|关于我们|网站声明
国家哲学社会科学文献中心版权所有