March 2018
Beginner to intermediate
410 pages
10h 40m
English
Since UDP is not based on connections, it is easy for anybody to transmit datagrams to anyone, on any port. For this reason, DTLS needs to have a mechanism that prevents the injection of datagrams into existing sessions, or sessions being negotiated. It must also be able to reject replays of earlier conversations. It does this by introducing explicit counters into datagrams, and it adds a client cookie, which is typically calculated on attributes the server can retrieve from the client.
This adds a pair of messages to the handshake, compared to TLS. But if we use an AES CCM PSK cipher suite to authenticate and encrypt data, we avoid the overhead of sending certificates, which might require multiple datagrams to ...
Read now
Unlock full access