Wireless Transport Layer Security (WTLS)
What is Wireless Transport Layer Security (WTLS)?

Wireless Transport Layer Security (WTLS) is a security layer for the Wireless Application Protocol (WAP), specifically for the applications that use WAP. It is based on Transport Layer Security (TLS) v1.0, which is a security layer used on the internet and the successor to Secure Sockets Layer (SSL) 3.1.

Wireless Transport Layer Security explained

WTLS was developed to address the constraints of mobile network devices, including limited memory capacity, lower processing power and low bandwidth. It also provides authentication, data integrity and privacy protection mechanisms. Designed to support datagrams in a high-latency, low-bandwidth environment, WTLS provides an optimized handshake through dynamic key refreshing, which allows encryption keys to be regularly updated during a secure session. This helps clients and servers communicate over a secure and authenticated connection.

Figure: Wireless Transport Layer Security is a security layer for the Wireless Application Protocol.

TLS and Wireless Transport Layer Security

The WTLS layer operates above the transport protocol layer. TLS, a standard security protocol used between web browsers and web servers, was modified to develop WTLS. The modification was required because mobile networks could not guarantee end-to-end data security. Consequently, WTLS is optimized for low-bandwidth mobile devices compared with TLS (hence the "wireless"). WTLS is more efficient than TLS and requires fewer message exchanges. When a message is in the transport layer, WTLS provides privacy management, as well as data authorization and data integrity. Here are other differences between WTLS and TLS:
Despite these differences, WTLS offers similar functionality to TLS.

Features of Wireless Transport Layer Security

WTLS has several important features and benefits.

Data integrity

WTLS achieves data integrity by using message authentication to ensure that the data sent between a client and gateway is not modified.

Privacy

WTLS uses encryption to ensure that the data cannot be read by an unauthorized middleman or third party.

Authentication

WTLS uses digital certificates to authenticate the parties involved in a transaction or communication.

Denial-of-service (DoS) protection

WTLS detects and rejects replayed messages and messages that are not successfully verified, to prevent DoS attacks.

Figure: Wireless Transport Layer Security helps prevent denial-of-service attacks.

Wireless Transport Layer Security architecture

WTLS includes two layers of protocols. The WTLS Record Protocol provides basic security to higher layer protocols. It takes user data from the next higher layer and encapsulates it in a protocol data unit. The following steps are involved in the protocol:
The record protocol header consists of record type, record length field indicator, sequence number field indicator, content type and cipher spec indicator. WTLS also defines several other important higher layer protocols.

Handshake protocol

This complex WTLS protocol allows the server and client to authenticate each other. It also generates a pre-master secret, which is used to generate a master secret, which in turn is used to generate cryptographic keys. The handshake protocol must be used before application data is transmitted.

Figure: How a Transport Layer Security handshake works.

The protocol consists of multiple messages exchanged between client and server. The exchange consists of the following four phases:
Change cipher spec protocol

Considered the simplest WTLS protocol, the change cipher spec protocol consists of a single message of a single byte with the value 1. The message copies the pending state into the current state, updating the cipher suite to be used on the connection. When the message is sent, the sender sets the current write state to the pending state; when it arrives, the receiver does the same for the current read state.

Alert protocol

This protocol conveys WTLS-related alerts to the peer entity. Alert messages are compressed and encrypted. Each message consists of 2 bytes: the first byte carries the severity level, warning (1), critical (2) or fatal (3), and the second byte carries the code that identifies the specific alert. If the level is fatal, WTLS immediately terminates the current secure connection. Although other connections using the session can continue, no new connections can be established on the session. Some examples of fatal alerts include the following:
WTLS sessions and connections

WTLS supports secure connections and secure sessions.

Secure connections

A connection is a transport that provides a suitable type of service. In WTLS, connections are transient. Each connection is associated with one session, and there may be multiple secure connections between any pair of parties.

Secure sessions

In WTLS, a session is an association between a client and a server that defines the cryptographic security parameters shared across multiple connections. A session state is defined by a number of parameters, including session identifier, compression method, protocol version, sequence number and master secret.

What are the security protocols at the application layer?

For example, the S/MIME protocol works at the application layer, the SSL protocol is designed to work at the transport layer, and the IPsec protocol works at the network layer. In this chapter, we will discuss different processes for achieving security for e-mail communication and associated security protocols.
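The alert protocol and the session/connection rules described above can be modelled in a few lines. The following Python is an added example, not code from the original page or from any WTLS implementation: it decodes the 2-byte alert message and applies the fatal-alert rule (the current connection ends, other connections on the session continue, no new connections may be established on it). The session and connection identifiers, the alert code 40 and the treatment of the critical level are constructed assumptions.

```python
from dataclasses import dataclass, field
from typing import Set, Tuple

# Alert severity levels as the article lists them: warning (1), critical (2), fatal (3).
WARNING, CRITICAL, FATAL = 1, 2, 3
LEVEL_NAMES = {WARNING: "warning", CRITICAL: "critical", FATAL: "fatal"}


@dataclass
class Session:
    """Shared security parameters that several transient connections may use."""
    session_id: bytes
    resumable: bool = True                       # may new connections still be opened on it?
    connections: Set[str] = field(default_factory=set)

    def open_connection(self, conn_id: str) -> bool:
        """A new connection may be established on the session only while it is resumable."""
        if not self.resumable:
            return False
        self.connections.add(conn_id)
        return True


def parse_alert(msg: bytes) -> Tuple[int, int]:
    """Decode a 2-byte alert message: severity level byte, then the alert description code."""
    if len(msg) != 2:
        raise ValueError("alert message must be exactly 2 bytes")
    level, description = msg[0], msg[1]
    if level not in LEVEL_NAMES:
        raise ValueError(f"unknown alert level {level}")
    return level, description


def handle_alert(session: Session, conn_id: str, msg: bytes) -> str:
    """Apply an alert received on connection conn_id and report the outcome."""
    level, description = parse_alert(msg)
    if level == WARNING:
        return f"warning {description}: connection {conn_id} continues"
    # Assumption (from the WTLS spec, not stated on the page): a critical alert closes
    # only the current connection and leaves the session usable for new connections.
    session.connections.discard(conn_id)
    if level == FATAL:
        # Fatal: this connection ends now; other connections on the session continue,
        # but no new connections can be established on it.
        session.resumable = False
    return f"{LEVEL_NAMES[level]} {description}: connection {conn_id} closed"


if __name__ == "__main__":
    s = Session(session_id=b"\x01\x02")                    # constructed sample session
    s.open_connection("conn-a")
    s.open_connection("conn-b")
    print(handle_alert(s, "conn-a", bytes([FATAL, 40])))   # 40: constructed alert code
    print(sorted(s.connections), s.open_connection("conn-c"))
```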
Is TLS end

TLS is a cryptographic protocol that provides end-to-end security of data sent between applications over the internet. It is most familiar to users through its use in secure web browsing, in particular the padlock icon that appears in web browsers when a secure session is established.
Is TLS in the application layer?

The TLS (and SSL) protocols sit between the application protocol layer and the TCP/IP layer, where they can secure application data and pass it to the transport layer. Because the protocols work between the application layer and the transport layer, TLS and SSL can support multiple application layer protocols.
What's the difference between HTTPS, SSL and TLS?

HTTPS is just the HTTP protocol with data encryption using SSL/TLS. SSL is the original, now deprecated, protocol created at Netscape in the mid-1990s. TLS is the newer protocol for secured encryption on the web, maintained by the IETF.
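Returning to the dynamic key refreshing that the WTLS overview above credits for keeping encryption keys updated during a session: the following Python is an added illustrative model, not code from the original page and not the WTLS key derivation itself (WTLS uses its own PRF and inputs, which are not reproduced here). It assumes record keys are derived from the master secret plus an epoch counter that advances every 2**KEY_REFRESH records; the master secret, label and refresh interval are constructed values.

```python
import hashlib
import hmac

# Illustrative model of dynamic key refreshing (assumption: not the WTLS PRF or its
# exact inputs). Record keys are derived from the session master secret plus an epoch
# counter, so a fresh key comes into force every 2**KEY_REFRESH records.
KEY_REFRESH = 3                                          # assumption: refresh every 8 records
MASTER_SECRET = b"constructed-master-secret-for-demo"    # constructed sample value


def epoch_for(seq_num: int, key_refresh: int = KEY_REFRESH) -> int:
    """Records 0..7 share epoch 0, records 8..15 epoch 1, and so on."""
    return seq_num >> key_refresh


def derive_key(master_secret: bytes, label: bytes, seq_num: int,
               key_refresh: int = KEY_REFRESH) -> bytes:
    """Key in force for the record with sequence number seq_num (16-byte HMAC-SHA256 prefix)."""
    epoch = epoch_for(seq_num, key_refresh)
    info = label + epoch.to_bytes(4, "big")
    return hmac.new(master_secret, info, hashlib.sha256).digest()[:16]


def keys_over_session(master_secret: bytes, n_records: int,
                      key_refresh: int = KEY_REFRESH) -> list:
    """Distinct write keys used for records 0..n_records-1, in the order they took effect."""
    keys = []
    for seq in range(n_records):
        key = derive_key(master_secret, b"client write key", seq, key_refresh)
        if not keys or keys[-1] != key:
            keys.append(key)
    return keys


if __name__ == "__main__":
    keys = keys_over_session(MASTER_SECRET, 32)
    print(f"{len(keys)} distinct keys over 32 records")   # 4 keys: epochs 0..3
```

A key that leaks therefore exposes only the records of its own epoch, which is the defensive value of refreshing keys within a session.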