Chuchotage: In-line Software Network Protocol Translation for (D)TLS
(2022) Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22, p. 589-607
- Abstract
- The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement incompatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.
Please use this url to cite or link to this publication:
https://lup.lub.lu.se/record/065726f2-959a-47dd-b812-d008417ec522
- author
- Nikbakht Bideh, Pegah LU and Paladi, Nicolae LU
- organization
- publishing date
- 2022-09-30
- type
- Chapter in Book/Report/Conference proceeding
- publication status
- published
- subject
- keywords
- Protocol conversion, IoT, Application layer protocols, Software Defined Networking, TLS, Cross-Layer Optimisation
- host publication
- Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)
- pages
- 589 - 607
- conference name
- Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22
- conference location
- Canterbury, United Kingdom
- conference dates
- 2022-09-05 - 2022-09-08
- external identifiers
- scopus:85137058344
- DOI
- 10.1007/978-3-031-15777-6_32
- project
- Säkra mjukvaruuppdateringar för den smarta staden
- language
- English
- LU publication?
- yes
- id
- 065726f2-959a-47dd-b812-d008417ec522
- date added to LUP
- 2022-06-22 09:14:20
- date last changed
- 2022-11-09 11:18:20
@inproceedings{065726f2-959a-47dd-b812-d008417ec522,
  abstract     = {{The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement incompatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.}},
  author       = {{Nikbakht Bideh, Pegah and Paladi, Nicolae}},
  booktitle    = {{Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)}},
  keywords     = {{Protocol conversion; IoT; Application layer protocols; Software Defined Networking; TLS; Cross-Layer Optimisation}},
  language     = {{eng}},
  month        = {{09}},
  pages        = {{589--607}},
  title        = {{Chuchotage: In-line Software Network Protocol Translation for (D)TLS}},
  url          = {{https://lup.lub.lu.se/search/files/120476534/chuchotage.pdf}},
  doi          = {{10.1007/978-3-031-15777-6_32}},
  year         = {{2022}},
}