Presentation is loading. Please wait.

Presentation is loading. Please wait.

Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.

Published byAbigail Powers Modified over 9 years ago

Similar presentations

Presentation on theme: "Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris."— Presentation transcript:

1 Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris

2 How do the communication relationships look like? For example: Does your smart object talk to only a small set of pre-defined servers?

3 Following the recommendations in RFC 4101 “Writing Protocol Models” helps to make these important design aspect transparent.

4 What security threats do you care about? What security services do you have to offer?

5 RFC 3552 “Guidelines for Writing RFC Text on Security Considerations” offers valuable guidance.

6 TLS (or DTLS) may be the right building block for your problem; it also offers a lot of flexibility. Different credentials (pre-shared secrets, passwords, asymmetric crypto, etc.) Various authentication and key exchange protocols Numerous algorithms for usage with data traffic protection Session Resumption (with and without server-side state) Alternative key validation techniques Possibility to replace record layer

7 Unfortunately, there is no magic! Lower footprint means fewer functions or more dependencies/assumptions

8 Note: The code was compiled under Ubuntu Linux using the -Os compiler flag setting for a 64- bit AMD machine.

9 Parts omitted by raw public key implementation

Download ppt "Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris."

Similar presentations

RadSec – A better RADIUS protocol

RadSec – A better RADIUS protocol
Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Dynamic Symmetric Key Provisioning Protocol (DSKPP)
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC

Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
IETF OAuth Proof-of-Possession

IETF OAuth Proof-of-Possession
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Cryptography and Network Security

Cryptography and Network Security
Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.
Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
ACE – Design Considerations Corinna Schmitt IETF ACE WG meeting July 23, 2014 1.

ACE – Design Considerations Corinna Schmitt IETF ACE WG meeting July 23,
Chapter 17 TACACS+.

Chapter 17 TACACS+.
SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.
1 Confidential Authentication Session Hannes Tschofenig.

1 Confidential Authentication Session Hannes Tschofenig.

Similar presentations

Ads by Google