Chuchotage: In-line Software Network Protocol Translation for (D)TLS

Pegah Nikbakht Bideh; Nicolae Paladi

doi:10.1007/978-3-031-15777-6_32

Chuchotage: In-line Software Network Protocol Translation for (D)TLS

Pegah Nikbakht Bideh, Nicolae Paladi

CanaryBit AB

Forskningsoutput: Kapitel i bok/rapport/Conference proceeding › Konferenspaper i proceeding › Peer review

207 Nedladdningar (Pure)

Sammanfattning

The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement in- compatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.

Originalspråk	engelska
Titel på värdpublikation	Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)
Sidor	589-607
DOI	https://doi.org/10.1007/978-3-031-15777-6_32
Status	Published - 2022 sep. 30
Evenemang	Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22 - Canterbury, Storbritannien Varaktighet: 2022 sep. 5 → 2022 sep. 8

Konferens

Konferens	Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22
Land/Territorium	Storbritannien
Ort	Canterbury
Period	2022/09/05 → 2022/09/08

Ämnesklassifikation (UKÄ)

Datavetenskap (datalogi)

Tillgång till dokument

10.1007/978-3-031-15777-6_32

Chuchotage-IoT-protocol-translation.pdfAccepterat manuskript från författare, 569 KB

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden
Hell, M. (PI), Magnusson, B. (PI), Gehrmann, C. (CoI), Paladi, N. (Forskare), Karlsson, L. (Forskare), Sönnerup, J. (Forskare), Johnsson, B. A. (Forskare), Hedin, G. (Forskare), Nordahl, M. (Forskare), Pagnin, E. (Forskare), Kundu, R. (Forskare), Åkesson, A. (Forskare), Stankovski Wagner, P. (Forskare) & Ramezanian, S. (Forskare)
Stiftelsen för Strategisk Forskning, SSF
2018/03/01 → 2024/12/31
Projekt: Forskning

Citera det här

@inproceedings{065726f2959a47ddb812d008417ec522,

title = "Chuchotage: In-line Software Network Protocol Translation for (D)TLS",

abstract = "The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement in- compatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.",

keywords = "Protocol conversion, IoT, Application layer protocols, Software Defined Networking, TLS, Cross-Layer Optimisation",

author = "{Nikbakht Bideh}, Pegah and Nicolae Paladi",

year = "2022",

month = sep,

day = "30",

doi = "10.1007/978-3-031-15777-6_32",

language = "English",

pages = "589--607",

booktitle = "Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)",

note = "Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22 ; Conference date: 05-09-2022 Through 08-09-2022",

}

Nikbakht Bideh, P & Paladi, N 2022, Chuchotage: In-line Software Network Protocol Translation for (D)TLS. i Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22). s. 589-607, Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22, Canterbury, Storbritannien, 2022/09/05. https://doi.org/10.1007/978-3-031-15777-6_32

TY - GEN

T1 - Chuchotage: In-line Software Network Protocol Translation for (D)TLS

AU - Nikbakht Bideh, Pegah

AU - Paladi, Nicolae

PY - 2022/9/30

Y1 - 2022/9/30

N2 - The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement in- compatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.

AB - The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement in- compatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.

KW - Protocol conversion

KW - IoT

KW - Application layer protocols

KW - Software Defined Networking

KW - TLS

KW - Cross-Layer Optimisation

U2 - 10.1007/978-3-031-15777-6_32

DO - 10.1007/978-3-031-15777-6_32

M3 - Paper in conference proceeding

SP - 589

EP - 607

BT - Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)

T2 - Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22

Y2 - 5 September 2022 through 8 September 2022

ER -

Chuchotage: In-line Software Network Protocol Translation for (D)TLS

Sammanfattning

Konferens

Ämnesklassifikation (UKÄ)

Tillgång till dokument

Fingeravtryck

Projekt

SMARTY: Säkra mjukvaruuppdateringar för den smarta staden

Citera det här