|
School of Engineering
and Information Sciences
Research
Seminars
(Autumn Term 2009-10)
Abstract
Tcpcrypt: The Case for Ubiquitous Transport-Level Encryption
Andrea Bittau
UCL CS (soon to be Stanford CS)
Abstract
Ubiquitous network
traffic encryption, if integrated with application-level authentication,
could solve a variety of vexing
network problems. It would, among other benefits, thwart phishing,
increase the cost and reveal the extent of eavesdropping, and protect
against spoofed packets.
We argue that
such ubiquitous encryption is best achieved at the transport layer,
where it can work through NATs, protect the integrity of vital header
fields (such as TCP's RST bit), immediately offer some protection
to unmodified legacy applications, and naturally support sessions,
the most common granularity of authentication. Neither application-
nor network-level encryption enjoys all of these properties.
We present tcpcrypt,
a cryptographic TCP extension that is practical to enable by default.
Tcpcrypt requires no cryptographic setup. It provides complete interoperability
with legacy TCP. It is engineered for performance, with the bulk
of the key exchange computation pushed to clients. A server running
our tcpcrypt prototype can perform 20 times more key negotiations
per second than an SSL-based server.
|
