2014
DOI: 10.17487/rfc7250
|View full text |Cite
|
Sign up to set email alerts
|

Using Raw Public Keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS)

Abstract: This document specifies a new certificate type and two TLS extensions for exchanging raw public keys in Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). The new certificate type allows raw public keys to be used for authentication.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
6
0

Year Published

2017
2017
2021
2021

Publication Types

Select...
4
2
2

Relationship

0
8

Authors

Journals

citations
Cited by 28 publications
(6 citation statements)
references
References 9 publications
0
6
0
Order By: Relevance
“…In the first approach, the two peers own one or more symmetric pre-shared keys [19], and the Client can suggest to the Server which key it intends to use during the Handshake. In the second approach, the peers rely on asymmetric key pairs, and public keys are exchanged either as conveyed in public certificates [8] or as raw public keys [51] generated by manufacturers and installed on nodes before deployment. A node must use out-of-band means for validating raw public keys received from other peers, and usually retains a list of trusted peer identities.…”
Section: Transport Layer Securitymentioning
confidence: 99%
“…In the first approach, the two peers own one or more symmetric pre-shared keys [19], and the Client can suggest to the Server which key it intends to use during the Handshake. In the second approach, the peers rely on asymmetric key pairs, and public keys are exchanged either as conveyed in public certificates [8] or as raw public keys [51] generated by manufacturers and installed on nodes before deployment. A node must use out-of-band means for validating raw public keys received from other peers, and usually retains a list of trusted peer identities.…”
Section: Transport Layer Securitymentioning
confidence: 99%
“…Therefore, authentication is ensured offline or when an out-of-band mechanism binds the public key to the entity/identity which the key represents. To reduce the certificate burden on resource-constrained devices and to increase efficiency, the use of raw public keys for TLS and DTLS has been standardized by the IETF [24]. In addition, even though these schemes require less messaging than certificates and identities, they can only be used for small network scenarios where each node's public key is known in advance to all other nodes.…”
Section: Identity-based Cryptographymentioning
confidence: 99%
“…The Double Ratchet Algorithm [14] is a cryptographic protocol enabling highly secure, asymmetric message exchange. Originally developed for Signal [20], it is now also used in WhatsApp [22]. It has received significant cryptographic attention and has been formally verified [5].…”
Section: Double Ratchet Algorithmmentioning
confidence: 99%