Supporting Pre-Shared Keys in Closed Implementations of TLS

Diogo Regateiro, Óscar Mortágua Pereira, Rui L. Aguiar, "Supporting Pre-Shared Keys in Closed Implementations of TLS", Proc. 6th DATA - Intl. Conf. on Data Science, Technology and Applications, Madrid, Spain, Jul 2017

Abstract

In the business world, data is generally the most important asset of a company that must be protected. However, it must be made available to provide a wide variety of services, and so it can become the target of attacks by malicious users. Such attacks can involve eavesdropping the network or gaining unauthorized access, allowing such an attacker to access sensitive information. Secure protocols, such as TLS, are usually used to mitigate these attacks. Unfortunately, most implementations force applications to use digital certificates, which may not always be desirable due to trust or monetary issues. Furthermore, implementations are usually closed and cannot be extended to support other authentication methods. In this article a methodology is proposed to slightly modify closed implementations of the TLS protocol that only support digital certificates, so pre-shared keys are used to protect the communication between two entities instead. A performance assessment is carried out on a proof-of-concept to demonstrate its feasibility and performance.

Information

Conference: 6th DATA - Intl. Conf. on Data Science, Technology and Applications in Madrid, Spain