INTEGRATING A SIGNATURE MODULE IN SSL/TLS

Ibrahim Hajjeh, Ahmed Serhrouchni

2004

Abstract

SSL/TLS is currently the most widely deployed security protocol on the Internet. It provides end-to-end secure communications between two entities, with authentication and data protection. What the protocol lacks, however, is a way to provide the non-repudiation service. In this paper, we describe a generic implementation of the non-repudiation service as an optional module in the SSL/TLS protocol. This approach provides both parties with evidence that the transaction has taken place, and keeps the service clearly separated from application design and development. We discuss the motivation for our approach and our proposed architecture.



Paper Citation


in Harvard Style

Hajjeh I. and Serhrouchni A. (2004). INTEGRATING A SIGNATURE MODULE IN SSL/TLS. In Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE, ISBN 972-8865-15-5, pages 305-310. DOI: 10.5220/0001395903050310


in Bibtex Style

@conference{icete04,
author={Ibrahim Hajjeh and Ahmed Serhrouchni},
title={INTEGRATING A SIGNATURE MODULE IN SSL/TLS},
booktitle={Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE},
year={2004},
pages={305-310},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0001395903050310},
isbn={972-8865-15-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the First International Conference on E-Business and Telecommunication Networks - Volume 2: ICETE
TI - INTEGRATING A SIGNATURE MODULE IN SSL/TLS
SN - 972-8865-15-5
AU - Hajjeh I.
AU - Serhrouchni A.
PY - 2004
SP - 305
EP - 310
DO - 10.5220/0001395903050310