RATLS: Integrating Transport Layer Security with Remote Attestation
Research output: Contribution to book/Conference proceedings/Anthology/Report › Conference contribution › Contributed › peer-review
Contributors
Abstract
We present RATLS, a companion library for OpenSSL that integrates the Trusted Computing concept of Remote Attestation into Transport Layer Security (TLS). RATLS builds upon handshake extensions that are specified in version 1.3 of the TLS standard. It therefore does not require any changes to the TLS protocol or the OpenSSL library, which offers a suitable API for handshake extensions. RATLS supports remote attestation as part of a complete TLS handshake for new connections and it augments session resumption by binding session tickets to the platform state of TLS peers. We demonstrate that RATLS enables both client and server to attest their respective software stacks using widely-used Trusted Platform Modules. Our evaluation shows that the number of round trips during handshake is the same as for traditional TLS and that session resumption can reduce cryptographic overhead caused by remote attestation for frequently communicating peers.
Details
Original language | English |
---|---|
Title of host publication | Applied Cryptography and Network Security Workshops |
Publisher | Springer, Cham |
Pages | 361–379 |
Number of pages | 19 |
Edition | 1 |
ISBN (electronic) | 978-3-031-16815-4 |
ISBN (print) | 978-3-031-16814-7 |
Publication status | Published - 24 Sept 2022 |
Peer-reviewed | Yes |
External IDs
Scopus | 85140481071 |
---|
Keywords
ASJC Scopus subject areas
Keywords
- Remote attestation, TLS, TPM, Trusted computing