Title
An SDN-based approach to enhance the end-to-end security: SSL/TLS case study.
Abstract
End-to-end encryption is becoming the norm for many applications and services. While this improves the privacy of individuals and organizations, the phenomenon also raises new kinds of challenges. For instance, as the number of devices using encryption increases, the volume of outdated, exploitable encryption software also increases. This may create distrust of security among users unless its quality is enforced in some way. Unfortunately, deploying new mechanisms at the end-points of the communication is challenging due to the sheer volume of devices, and modifying the existing services may not be feasible either. Hence, we propose a novel method for improving the quality of secure sessions in a centralized way based on the SDN architecture. Instead of inspecting the encrypted traffic, our approach enhances the quality of secure sessions by analyzing the plaintext handshake messages exchanged between a client and server. We exploit the fact that many of today's security protocols negotiate security parameters such as the protocol version, encryption algorithms or certificates in plaintext in a protocol handshake before establishing a secure session. By verifying the negotiated information in the handshake, our solution can improve the security level of SSL/TLS sessions. While the approach can be extended to many other protocols, we focus on the SSL/TLS protocol in this paper because of its widespread use. We present our implementation for the OpenDaylight controller and evaluate its overhead on SSL/TLS session establishment in terms of latency.
Year: 2016
Venue: IEEE IFIP Network Operations and Management Symposium
Keywords: Software-Defined Networking, SSL/TLS, Centralized policy management, Handshake analysis, Flow verification
Field: SSL acceleration, Handshake, Cryptographic protocol, Computer security, Computer science, Computer network, Encryption, Transport Layer Security, Encryption software, Authenticated encryption, Plaintext
DocType: Conference
ISSN: 1542-1201
Citations: 2
PageRank: 0.36
References: 15
Authors: 4
Name | Order | Citations | PageRank
Alireza Ranjbar | 1 | 3 | 0.71
Miika Komu | 2 | 88 | 10.24
Patrik Salmela | 3 | 24 | 3.26
Tuomas Aura | 4 | 552 | 77.28