Diego R. López

Multi-Context TLS (mcTLS): Enabling Secure In-Network Functionality in TLS

By: David Naylor, Kyle Schomp, Matteo Varvello, Ilias Leontiadis, Jeremy Blackburn, Diego R. López, Konstantina Papagiannaki, Pablo Rodriguez Rodriguez, Peter Steenkiste
Appears in: CCR August 2015

A significant fraction of Internet traffic is now encrypted and HTTPS will likely be the default in HTTP/2. However, Transport Layer Security (TLS), the standard protocol for encryption in the Internet, assumes that all functionality resides at the endpoints, making it impossible to use in-network services that optimize network resource usage, improve user experience, and protect clients and servers from security threats. Re-introducing in-network functionality into TLS sessions today is done through hacks, often weakening overall security.
