Employing Public Key Infrastructure to Encapsulate Messages During Transport Layer Security Handshake Procedure

Nayeem Ahmad, Khan and Adnan Shahid, Khan and Seleviawati, Tarmizi and Azlina, Ahmadi Julaihi and Zeeshan, Ahmad (2022) Employing Public Key Infrastructure to Encapsulate Messages During Transport Layer Security Handshake Procedure. In: AiIC2022: Applied Informatics International Conference 2022, 18-19 MAY 2022, UPM MALAYSIA-VIRTUAL CONFERENCE.

PDF Employing Public - Copy.pdf Download (631kB)

Abstract

—The Transport Layer ensures that data is sent transparently between end-users while also enabling reliable data transfer services to the higher levels. Cryptographic protocols Secure Socket Layer (SSL) and Transport Layer Security (TLS) enable data encryption and authentication between various homogeneous and heterogeneous devices such as servers, computers, and software applications running all over a network. These protocols have been successfully used to protect World Wide Web communication between a client and a server that has been encoded using the HTTP protocol for many years. When communicating between client and server, these algorithms address challenges like confidentiality, integrity, availability, and non-repudiation. The significant challenge faced is the attack on these protocols. Among the reported attacks on TSL is the Drown attack which is a prevalent type of attack. In order to prevent such types of attacks, a Public Key Infrastructure (PKI) method is proposed in this study for encapsulating messages between the client and the server while doing the TLS handshake process. The proposed method removes the need for credentials, including client-server certificates and client-server key exchange.

Actions (For repository members only: login required)

View Item