polito.it
Politecnico di Torino (logo)

Performance and Security Evaluation of TLS, DTLS and QUIC Security Protocols

Andrea Gaminara

Performance and Security Evaluation of TLS, DTLS and QUIC Security Protocols.

Rel. Antonio Lioy, Diana Gratiela Berbecaru. Politecnico di Torino, Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering), 2022

[img]
Preview
PDF (Tesi_di_laurea) - Tesi
Licenza: Creative Commons Attribution Non-commercial No Derivatives.

Download (7MB) | Preview
Abstract:

During the last decades a lot of protocols to implement a secure communication between a client and a server have been designed and standardized. The most used and know protocol to introduce security in a communication is TLS. The most important of TLS competitors turned out to be QUIC, which in recent years has gained significant diffusion and use. If the IoT scenario is considered, another standard very much used is represented by DTLS, a protocol very similar to TLS, but that is built on top of UDP instead of TCP as a difference. The main focus of this thesis is to analyse and compare TLS, DTLS and QUIC protocol from the performance and the security point of view. After a brief introduction in which all these protocols are described in details, in particular keeping the attention on the implementation of the security properties, such as authentication, confidentiality and integrity, different works of the past regarding the analysis of TLS, DTLS and QUIC are presented. These works have analysed the protocols using different metrics and tools, conducting experiments in different environment and scenarios. This analysis is useful in particular to understand which are the metrics and the methods used to compare security protocols performance. Subsequently all three protocols are measured in terms of performance following some of the past approaches studied and also executing some new experiments. The target is to understand in different situations which is the best choice to adopt among all the protocols analysed. In particular the time is a recurrent metric that is measured during the experiments: from the time needed to establish a secure connection, passing through the time needed to download a page through the browser, till the time necessary to exchange a big file between client and server in different network conditions. From the security point of view, first of all for each protocol the evolution during years through different versions is described. Then all the security properties that are implemented are compared to understand which one between TLS, DTLS and QUIC offers greater strength and security. As last point, a series of attacks that can be conducted against the protocols analysed are described. For each of them the applicability to each protocol is discussed, followed by some considerations regarding the resistance of the protocol to the attack and the possible countermeasures.

Relators: Antonio Lioy, Diana Gratiela Berbecaru
Academic year: 2022/23
Publication type: Electronic
Number of Pages: 102
Subjects:
Corso di laurea: Corso di laurea magistrale in Ingegneria Informatica (Computer Engineering)
Classe di laurea: New organization > Master science > LM-32 - COMPUTER SYSTEMS ENGINEERING
Aziende collaboratrici: Politecnico di Torino
URI: http://webthesis.biblio.polito.it/id/eprint/25561
Modify record (reserved for operators) Modify record (reserved for operators)