rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †

In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol,...

Descripción completa

Detalles Bibliográficos
Autores principales: Tange, Koen, Mödersheim, Sebastian, Lalos, Apostolos, Fafoutis, Xenofon, Dragoni, Nicola
Formato: Online Artículo Texto
Lenguaje:English
Publicado: MDPI 2021
Materias:
Article
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8512771/
https://www.ncbi.nlm.nih.gov/pubmed/34640844
http://dx.doi.org/10.3390/s21196524
_version_ 1784583076525899776
author Tange, Koen
Mödersheim, Sebastian
Lalos, Apostolos
Fafoutis, Xenofon
Dragoni, Nicola
author_facet Tange, Koen
Mödersheim, Sebastian
Lalos, Apostolos
Fafoutis, Xenofon
Dragoni, Nicola
author_sort Tange, Koen
collection PubMed
description In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience.
format Online
Article
Text
id pubmed-8512771
institution National Center for Biotechnology Information
language English
publishDate 2021
publisher MDPI
record_format MEDLINE/PubMed
spelling pubmed-85127712021-10-14 rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things † Tange, Koen Mödersheim, Sebastian Lalos, Apostolos Fafoutis, Xenofon Dragoni, Nicola Sensors (Basel) Article In recent years, the Transport Layer Security (TLS) protocol has enjoyed rapid growth as a security protocol for the Internet of Things (IoT). In its newest iteration, TLS 1.3, the Internet Engineering Task Force (IETF) has standardized a zero round-trip time (0-RTT) session resumption sub-protocol, allowing clients to already transmit application data in their first message to the server, provided they have shared session resumption details in a previous handshake. Since it is common for IoT devices to transmit periodic messages to a server, this 0-RTT protocol can help in reducing bandwidth overhead. Unfortunately, the sub-protocol has been designed for the Web and is susceptible to replay attacks. In our previous work, we adapted the 0-RTT protocol to strengthen it against replay attacks, while also reducing bandwidth overhead, thus making it more suitable for IoT applications. However, we did not include a formal security analysis of the protocol. In this work, we address this and provide a formal security analysis using OFMC. Further, we have included more accurate estimates on its performance, as well as making minor adjustments to the protocol itself to reduce implementation ambiguity and improve resilience. MDPI 2021-09-29 /pmc/articles/PMC8512771/ /pubmed/34640844 http://dx.doi.org/10.3390/s21196524 Text en © 2021 by the authors. https://creativecommons.org/licenses/by/4.0/Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).
spellingShingle Article
Tange, Koen
Mödersheim, Sebastian
Lalos, Apostolos
Fafoutis, Xenofon
Dragoni, Nicola
rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title_full rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title_fullStr rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title_full_unstemmed rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title_short rTLS: Secure and Efficient TLS Session Resumption for the Internet of Things †
title_sort rtls: secure and efficient tls session resumption for the internet of things †
topic Article
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC8512771/
https://www.ncbi.nlm.nih.gov/pubmed/34640844
http://dx.doi.org/10.3390/s21196524
work_keys_str_mv AT tangekoen rtlssecureandefficienttlssessionresumptionfortheinternetofthings
AT modersheimsebastian rtlssecureandefficienttlssessionresumptionfortheinternetofthings
AT lalosapostolos rtlssecureandefficienttlssessionresumptionfortheinternetofthings
AT fafoutisxenofon rtlssecureandefficienttlssessionresumptionfortheinternetofthings
AT dragoninicola rtlssecureandefficienttlssessionresumptionfortheinternetofthings

Ejemplares similares