Datagram Transport Layer Security

From Wikipedia, the free encyclopedia
  (Redirected from DTLS)
Jump to: navigation, search
Not to be confused with TDLS.

In information technology, the Datagram Transport Layer Security (DTLS) protocol provides communications privacy for datagram protocols. DTLS allows datagram-based applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The datagram semantics of the underlying transport are preserved by the DTLS protocol — the application will not suffer from the delays associated with stream protocols, but will have to deal with packet reordering, loss of datagram and data larger than a datagram network packet size.

Definition[edit]

The following documents define DTLS:

DTLS 1.0 is based on TLS 1.1, and DTLS 1.2 is based on TLS 1.2.

TLS basis of DTLS
Version DTLS 1.0 DTLS 1.2
Based on TLS 1.1 TLS 1.2

Implementations[edit]

Libraries[edit]

Library support for DTLS
Implementation DTLS 1.0[2] DTLS 1.2[3]
Botan Yes Yes
cryptlib No No
CyaSSL Yes Yes
GnuTLS Yes Yes
libsystools[4] Yes No
MatrixSSL Yes Yes
Network Security Services Yes[5] Yes[6]
OpenSSL Yes Yes[7]
LibreSSL Yes No
mbed TLS (previously PolarSSL) Beta[8] Beta[8]
Python[9][10] Yes No
RSA BSAFE No No
SChannel XP/2003, Vista/2008 No No
SChannel 7/2008R2, 8/2012, 8.1/2012R2, 10 Technical Preview Yes[11] Yes[11]
Secure Transport OS X 10.2-10.7 / iOS 1-4 No No
Secure Transport OS X 10.8-10.10 / iOS 5-8 Yes[a] No
SharkSSL No No
Java Secure Socket Extension No No
Implementation DTLS 1.0 DTLS 1.2
  1. ^ DTLS 1.0 are available on iOS 5.0 and later, and OS X 10.8 and later.[12]

Applications[edit]

Vulnerabilities[edit]

In February 2013 two researchers from Royal Holloway, University of London discovered an attack[16] which allowed them to recover plaintext from a DTLS connection when Cipher Block Chaining mode encryption was used.

See also[edit]

References[edit]

External links[edit]

This article is based on material taken from the Free On-line Dictionary of Computing prior to 1 November 2008 and incorporated under the "relicensing" terms of the GFDL, version 1.3 or later.