ChaCha20-Poly1305 Crypto Core Compatible with Transport Layer Security 1.3

Author(s):  
Ronaldo Serrano ◽  
Ckristian Duran ◽  
Trong-Thuc Hoang ◽  
Marco Sarmiento ◽  
Akira Tsukamoto ◽  
...  
JoTI ◽  
2020 ◽  
Vol 2 (2) ◽  
pp. 12-23
Author(s):  
Dian Rachmadini ◽  
Ira Puspasari ◽  
Jusak

MQTT is one of the IoT protocols, built on the concept of publisher, subscriber, and broker. The MQTT protocol can be deployed with security features by using Transport Layer Security (TLS). In this paper, the TLS security feature of MQTT is implemented to transmit ECG signal data. ECG signals differ from person to person and are private to the patient, because the ECG signal can also be used to identify the patient's illness. The transmission process in MQTT Security (MQTTS) uses a key file created by the broker. This key file is given to the client so that it can communicate, sending and receiving encrypted data. Data encryption is performed because of this key file, so the transmission process is more secure. The analysis of the difference in packet size before and after transmission for QoS 0 gives 152.6458 bytes and 139.4504 bytes, while QoS 1 gives 99.7932 bytes and 115.5321 bytes. Both QoS levels show a fairly large difference, but on the other hand data transmission becomes more secure. In testing the time required for the encryption process, QoS 0 yields an average time of 0.7 ms, while QoS 1 takes longer at 9.6 ms because of the additional control signals in QoS 1. In the data integrity test using cross-correlation, QoS 0 and QoS 1 show a value of 1 at lag 0, meaning the data sent and received are unchanged (identical).


Author(s):  
Alison Harcourt ◽  
George Christou ◽  
Seamus Simpson

Chapter 4 examines the effect of Snowden on security protocols. For twenty years, Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) provided security for Internet traffic. However, the TLS 1.2 protocol developed in 2008 suffered from a series of implementation and security issues. The 2013 Snowden revelations sent shock waves through the engineering community. The extent of the targeting of protocol vulnerabilities by security agencies had been greatly underestimated by the IETF. By 2016, Cisco, Fortinet, and Juniper revealed that the National Security Agency (NSA) had successfully targeted its firewalls for years. However, stasis within the IETF barred upgrade to TLS 1.3. The chapter analyses the emergence and contestation of potential solutions to TLS and how the parallel development of the QUIC protocol by Google opened a window of opportunity to enhance security. The agreement on TLS 1.3 in March 2018 was supported by digital rights groups.


Author(s):  
Florian Kohlar ◽  
Jörg Schwenk ◽  
Meiko Jensen ◽  
Sebastian Gajek

In recent research, two approaches to protect SAML based Federated Identity Management (FIM) against man-in-the-middle attacks have been proposed. One approach is to bind the SAML assertion and the SAML artifact to the public key contained in a TLS client certificate. Another approach is to strengthen the Same Origin Policy of the browser by taking into account the security guarantees TLS gives. This work presents a third approach which is of further interest beyond IDM protocols, especially for mobile devices relying heavily on the security offered by web technologies. By binding the SAML assertion to cryptographically derived values of the TLS session that has been agreed upon between client and the service provider, this approach provides anonymity of the (mobile) browser while allowing Relying Party and Identity Provider to detect the presence of a man-in-the-middle attack.

