Skip to main content
Information Security

Questions tagged [dtls]

Ask Question

DTLS is a secure transport layer over datagram (UDP), similar to TLS.

7 questions
Newest Active Bountied Unanswered
1 vote
0 answers
32 views

Security considerations in choosing DTLS connection IDs

Are there any security concerns with choosing highly structured or short connection IDs for use in DTLS? For example: 32bit connection IDs handed out sequentially: There is obviously statistical data ...
Perseids's user avatar
Perseids
  • 262
0 votes
0 answers
26 views

Define DH parametes in python-mbedtls [migrated]

I'm using python-mbedtls library - https://github.com/Synss/python-mbedtls/tree/master my goal is to create handshake with different cipher suites, I've managed to do so with the given server and ...
some random dude's user avatar
some random dude
  • 1
1 vote
0 answers
105 views

With SCTP and SHA-1 the random parameters are exchanged in init and init ack. What is used as HMAC key?

SCTP INIT has client random parameter. SCTP INIT ACK has server random parameter. There are no shared keys. Using SHA-1, what key does the client or server use when performing the HMAC calculation? ...
Jay Johnson's user avatar
Jay Johnson
  • 11
0 votes
3 answers
1k views

DTLS vs direct use of AES. What are the threats unique for direct use of AES instead of DTLS?

For regular traffic in mesh network (between Internet of Thing devices) customer decided to use one of two options: DTLS PSK ciphersuite - DTLS based on pre-shared symmetric key or direct use of AES -...
Vlad's user avatar
Vlad
  • 51
3 votes
1 answer
635 views

Why is DTLS-SRTP more efficient for RTP/RTCP than just DTLS 1.2?

While I understand the differences between DTLS-SRTP and pure DTLS, I cannot find much information on why exactly is DTLS-SRTP really "optimized" over generic DTLS 1.2. RFC 5764's Introduction ...
asinix's user avatar
asinix
  • 261
6 votes
1 answer
1k views

How to pentest DTLS-SRTP?

I'm currently working on a penetration test about DTLS-SRTP strengths and weaknesses. But I'm stuck on an eavesdropping test using Wireshark. Yes, it's protected by SRTP, but: What's DTLS actually ...
alsterisk's user avatar
alsterisk
  • 61
39 votes
2 answers
45k views

What changed between TLS and DTLS

What did the DTLS (TLS over UDP) authors have to change so that it could run without TCP? Bonus points: Do any of the protocol difference affect the way it should be used, both in terms of interface ...
tylerl's user avatar
tylerl
  • 83.7k