I'm looking for options for securing UDP traffic (mainly real-time video) on a wireless network (802.11). Any suggestions apart from Datagram Transport Layer Security (DTLS)?
Thanks.
DTLS (Datagram Transport Layer Security) is a protocol that provides privacy for UDP communications.
Security for UDP: The connection-oriented methods of TCP make security much easier to implement in that protocol than in UDP. However, there are encryption standards available for UDP. The main option that directly aims at securing UDP is the Datagram Transport Layer Security protocol, or DTLS.
SSL/TLS typically runs on top of TCP, but there is nothing to stop you from running it on UDP, SCTP or any other transport layer protocol. As a matter of fact HTTPS over TCP and UDP are both defined as "well known" by IANA and have reserved port numbers.
UDP has no algorithm for verifying that the source of the sending packet is the source that it seems to be. An attacker can therefore eavesdrop on UDP/IP packets and make up a false packet pretending the packet is sent from another source (spoofing).
You must be more clear about the attacks you are trying to defend against. For instance, if your only concern is spoofing, then you can use a Diffie–Hellman key exchange to transfer a secret between 2 parties. Then this secret can be used to generate a Message Authentication Code for each packet.
If you need any more protection I strongly recommend using DTLS. It should be noted that all TLS/SSL connections can be resumed so you can cut down on the number of handshakes. Also, certificates are free.
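The per-packet MAC scheme described in the answer above, sketched as an added example (not code from the original post). It assumes the Diffie–Hellman exchange has already produced a shared secret between authenticated peers, and it goes one step beyond the answer by adding a sequence number with a replay window, since a MAC alone does not stop a captured datagram from being resent. The datagram layout, tag length, window size and key labels are assumptions chosen for illustration; the scheme gives integrity and origin checking only, not confidentiality.

```python
import hashlib
import hmac
import struct

TAG_LEN = 16   # truncated HMAC-SHA256 tag (bytes)
WINDOW = 64    # anti-replay window (packets)

def derive_key(dh_secret, label):
    # One MAC key per direction, derived from the DH shared secret.
    return hmac.new(dh_secret, b"udp-mac|" + label, hashlib.sha256).digest()

def seal(key, seq, payload):
    # Datagram layout (assumed): 8-byte sequence number || payload || tag
    body = struct.pack("!Q", seq) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()[:TAG_LEN]

class Receiver:
    def __init__(self, key):
        self.key = key
        self.highest = -1  # highest sequence number accepted
        self.seen = 0      # bit i set => (highest - i) was accepted

    def open(self, datagram):
        # Returns the payload, or None if forged, truncated, replayed or stale.
        if len(datagram) < 8 + TAG_LEN:
            return None
        body, tag = datagram[:-TAG_LEN], datagram[-TAG_LEN:]
        want = hmac.new(self.key, body, hashlib.sha256).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, want):  # constant-time comparison
            return None
        seq = struct.unpack("!Q", body[:8])[0]
        if seq > self.highest:  # newer packet: slide the window forward
            shift = seq - self.highest
            old = 0 if shift >= WINDOW else self.seen << shift
            self.seen = (old | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
        else:
            offset = self.highest - seq
            if offset >= WINDOW or (self.seen >> offset) & 1:
                return None  # too old, or already accepted once
            self.seen |= 1 << offset
        return body[8:]

if __name__ == "__main__":
    key = derive_key(bytes(range(32)), b"a->b")  # constructed stand-in secret
    rx = Receiver(key)
    pkt = seal(key, 0, b"video-frame")
    print(rx.open(pkt), rx.open(pkt))
```

Out-of-order delivery within the window is accepted, which matters for real-time video over 802.11 where datagrams are routinely reordered or dropped.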