Abstract
We present RATLS, a companion library for OpenSSL that integrates the Trusted Computing concept of Remote Attestation into Transport Layer Security (TLS). RATLS builds upon handshake extensions that are specified in version 1.3 of the TLS standard. It therefore does not require any changes to the TLS protocol or the OpenSSL library, which offers a suitable API for handshake extensions. RATLS supports remote attestation as part of a complete TLS handshake for new connections and it augments session resumption by binding session tickets to the platform state of TLS peers. We demonstrate that RATLS enables both client and server to attest their respective software stacks using widely-used Trusted Platform Modules. Our evaluation shows that the number of round trips during handshake is the same as for traditional TLS and that session resumption can reduce cryptographic overhead caused by remote attestation for frequently communicating peers.
Author supplied keywords
Cite
CITATION STYLE
Walther, R., Weinhold, C., & Roitzsch, M. (2022). RATLS: Integrating Transport Layer Security with Remote Attestation. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 13285 LNCS, pp. 361–379). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-16815-4_20
Register to see more suggestions
Mendeley helps you to discover research relevant for your work.
