SecureTLS: Preventing DoS Attacks with Lower Layer Authentication
Abstract:
SSL/TLS has been designed to protect authenticity, integrity, and confidentiality. However, considering the possibility of TCP data injection, as described in [Wa04], it becomes obvious that this protocol is vulnerable to DoS attacks just because it is layered upon TCP. In this paper, we analyze DoS-attacks on SSL/TLS and describe a simple, yet effective way to provide protection for SSL/TLS by protecting the underlying TCP connection. We focus on a simple, feasible, and efficient solution, trying to balance security and usability issues by using the built-in key exchange of SSL/TLS to initialize TCP's MD5 option.
| Zugehörige Institution(en) am KIT | Institut für Telematik (TM) |
| Publikationstyp | Buchaufsatz |
| Publikationsjahr | 2007 |
| Sprache | Englisch |
| Identifikator | ISBN: 978-3-540-69961-3 KITopen-ID: 1000013735 |
| Erschienen in | Kommunikation in Verteilten Systemen (KiVS) 2007. Hrsg.: T. Braun |
| Verlag | Springer-Verlag |
| Seiten | 235-248 |
| Serie | Informatik aktuell |