Lund University Publications

Chuchotage: In-line Software Network Protocol Translation for (D)TLS

Nikbakht Bideh, Pegah and Paladi, Nicolae (2022) Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22, p. 589-607
Abstract
The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement incompatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.
type
Chapter in Book/Report/Conference proceeding
publication status
published
keywords
Protocol conversion, IoT, Application layer protocols, Software Defined Networking, TLS, Cross-Layer Optimisation
host publication
Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)
pages
589 - 607
conference name
Proceedings of the 24th International Conference on Information and Communications Security, ICICS'22
conference location
Canterbury, United Kingdom
conference dates
2022-09-05 - 2022-09-08
external identifiers
  • scopus:85137058344
DOI
10.1007/978-3-031-15777-6_32
project
Säkra mjukvaruuppdateringar för den smarta staden
language
English
LU publication?
yes
id
065726f2-959a-47dd-b812-d008417ec522
date added to LUP
2022-06-22 09:14:20
date last changed
2022-11-09 11:18:20
@inproceedings{065726f2-959a-47dd-b812-d008417ec522,
  abstract     = {{The growing diversity of connected devices leads to complex network deployments, often made up of endpoints that implement incompatible network application protocols. Communication between heterogeneous network protocols was traditionally enabled by hardware translators or gateways. However, such solutions are increasingly unfit to address the security, scalability, and latency requirements of modern software-driven deployments. To address these shortcomings we propose Chuchotage, a protocol translation architecture for secure and scalable machine-to-machine communication. Chuchotage enables in-line TLS interception and confidential protocol translation for software-defined networks. Translation is done in ephemeral, flow-specific Trusted Execution Environments and scales with the number of network flows. Our evaluation of Chuchotage implementing an HTTP to CoAP translation indicates a minimal transmission and translation overhead, allowing its integration with legacy or outdated deployments.}},
  author       = {{Nikbakht Bideh, Pegah and Paladi, Nicolae}},
  booktitle    = {{Proceedings of the 24th International Conference on Information and Communications Security (ICICS'22)}},
  keywords     = {{Protocol conversion; IoT; Application layer protocols; Software Defined Networking; TLS; Cross-Layer Optimisation}},
  language     = {{eng}},
  month        = {{09}},
  pages        = {{589--607}},
  title        = {{Chuchotage: In-line Software Network Protocol Translation for (D)TLS}},
  url          = {{https://lup.lub.lu.se/search/files/120476534/chuchotage.pdf}},
  doi          = {{10.1007/978-3-031-15777-6_32}},
  year         = {{2022}},
}