| dc.contributor.advisor | Roger Khazan and Joe Cooley. | en_US |
| dc.contributor.author | McVeety, Sam | en_US |
| dc.contributor.other | Massachusetts Institute of Technology. Dept. of Electrical Engineering and Computer Science. | en_US |
| dc.date.accessioned | 2011-02-23T15:01:23Z | |
| dc.date.available | 2011-02-23T15:01:23Z | |
| dc.date.copyright | 2009 | en_US |
| dc.date.issued | 2009 | en_US |
| dc.identifier.uri | http://hdl.handle.net/1721.1/61301 | |
| dc.description | Thesis (M. Eng.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 2009. | en_US |
| dc.description | Cataloged from PDF version of thesis. | en_US |
| dc.description | Includes bibliographical references (p. 65-66). | en_US |
| dc.description.abstract | Transport Layer Security (TLS) is a secure communication protocol that is used in many secure electronic applications. In order to establish a TLS connection, a client and server engage in a handshake, which usually involves the transmission of digital certificates. In this thesis we develop a practical speedup of TLS handshakes over bandwidth-constrained, high-latency (i.e. disadvantaged) links by reducing the communication overhead associated with the transmission of digital certificates. This speedup is achieved by deploying two specialized TLS proxies across such links. Working in tandem, one proxy will replace certificate data in packets being sent across the disadvantaged link with a short reference, while the proxy on the other side of the link will restore the certificate data in the packet. The certificate data will be supplied by local or remote caches. Our solution preserves the end-to-end security of TLS and is designed to be transparent to third-party applications, and will thus facilitate rapid deployment by removing the need to modify existing installations of TLS clients and TLS servers. Testing shows that this technique can reduce the overall bandwidth used during a handshake by over 50%, and can reduce the time required to establish a secure channel by over 40% across Iridium links. | en_US |
| dc.description.statementofresponsibility | by Sam McVeety. | en_US |
| dc.format.extent | 75 p. | en_US |
| dc.language.iso | eng | en_US |
| dc.publisher | Massachusetts Institute of Technology | en_US |
| dc.rights | M.I.T. theses are protected by
copyright. They may be viewed from this source for any purpose, but
reproduction or distribution in any format is prohibited without written
permission. See provided URL for inquiries about permission. | en_US |
| dc.rights.uri | http://dspace.mit.edu/handle/1721.1/7582 | en_US |
| dc.subject | Electrical Engineering and Computer Science. | en_US |
| dc.title | Secure channel establishment in disadvantaged networks : TLS optimization using intercepting proxies | en_US |
| dc.type | Thesis | en_US |
| dc.description.degree | M.Eng. | en_US |
| dc.contributor.department | Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science | |
| dc.identifier.oclc | 702656427 | en_US |
