KIT | KIT-Bibliothek | Impressum | Datenschutz

SecureTLS: Preventing DoS Attacks with Lower Layer Authentication

Völker, Lars; Schöller, Marcus

Abstract:
SSL/TLS has been designed to protect authenticity, integrity, and confidentiality. However, considering the possibility of TCP data injection, as described in [Wa04], it becomes obvious that this protocol is vulnerable to DoS attacks just because it is layered upon TCP. In this paper, we analyze DoS-attacks on SSL/TLS and describe a simple, yet effective way to provide protection for SSL/TLS by protecting the underlying TCP connection. We focus on a simple, feasible, and efficient solution, trying to balance security and usability issues by using the built-in key exchange of SSL/TLS to initialize TCP's MD5 option.


Zugehörige Institution(en) am KIT Institut für Telematik (TM)
Publikationstyp Buchaufsatz
Jahr 2007
Sprache Englisch
Identifikator ISBN: 978-3-540-69961-3
KITopen-ID: 1000013735
Erschienen in Kommunikation in Verteilten Systemen (KiVS) 2007. Hrsg.: T. Braun
Verlag Springer, Berlin
Seiten 235-248
Serie Informatik aktuell
KIT – Die Forschungsuniversität in der Helmholtz-Gemeinschaft KITopen Landing Page