http://dx.doi.org/10.6109/jkiice.2018.22.1.190

Design and Implementation of TCP Supporting Optional Encryption Functionalities  

Seong, Jeong-Gi (Department of Information and Communication Engineering, Hanbat National University)
Kim, Eun-Gi (Department of Information and Communication Engineering, Hanbat National University)
Abstract
Recently, due to the ongoing increase in cyber attacks and improved awareness of privacy protection, most Internet services encrypt their traffic using security protocols. Existing security protocols usually add a layer between the transport layer and the application layer, and they incur additional costs because they encrypt all transmitted traffic. This results in unnecessary performance degradation because data that does not require confidentiality is also encrypted. In this paper, we propose TCP OENC (Optional Encryption), which enables users of the application layer to optionally encrypt only confidential data. TCP OENC uses a TCP option to allow the application layer to encrypt the transmitted TCP stream only on demand, and it ensures transparency between the TCP layer and the application layer. To verify this, we confirmed on an embedded board that TCP OENC optionally encrypts the stream of a TCP session, and then analyzed the performance of the encrypted stream by measuring the elapsed time.
Keywords
TCP; Transport Security; Encryption; Transport Layer; Network;
Citations & Related Records
Times Cited By KSCI: 2