Datagram Transport Layer Security

Datagram Transport Layer Security is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport—the application does not suffer from the delays associated with stream protocols, but because it uses UDP, the application has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet. Because DTLS uses UDP rather than TCP, it avoids the "TCP meltdown problem", when being used to create a VPN tunnel.

Definition

The following documents define DTLS:

RFC 6347 for use with User Datagram Protocol,
RFC 5238 for use with Datagram Congestion Control Protocol,
RFC 5415 for use with Control And Provisioning of Wireless Access Points,
RFC 6083 for use with Stream Control Transmission Protocol encapsulation,
RFC 5764 for use with Secure Real-time Transport Protocol subsequently called DTLS-SRTP in a draft with Secure Real-Time Transport Control Protocol.

DTLS 1.0 is based on TLS 1.1, and DTLS 1.2 is based on TLS 1.2. There is no DTLS 1.1; that version number was skipped in order to harmonize version numbers with TLS.

Implementations

Libraries

Implementation	DTLS 1.0	DTLS 1.2
Botan
cryptlib
GnuTLS
Java Secure Socket Extension
LibreSSL
libsystools
MatrixSSL
mbed TLS
Network Security Services
OpenSSL
PyDTLS
Python3-dtls
RSA BSAFE
s2n
SChannel XP/2003, Vista/2008
SChannel 7/2008R2, 8/2012, 8.1/2012R2, 10
SChannel 10, 2016
Secure Transport OS X 10.2–10.7 / iOS 1–4
Secure Transport OS X 10.8–10.10 / iOS 5–8
SharkSSL
tinydtls
Waher.Security.DTLS
wolfSSL
@nodertc/dtls
java-dtls
pion/dtls
californium/scandium
Implementation	DTLS 1.0	DTLS 1.2

Applications

Cisco AnyConnect VPN Client uses TLS and DTLS, as do the AnyConnect-compatible open-source OpenConnect client and ocserv server
Cisco InterCloud Fabric uses DTLS to form a tunnel between private and public/provider compute environments
F5 Networks Edge VPN Client uses TLS and DTLS
Citrix Systems NetScaler uses DTLS to secure UDP
Web browsers: Google Chrome, Opera and Firefox support DTLS-SRTP for WebRTC
Vulnerabilities

In February 2013 two researchers from Royal Holloway, University of London discovered an attack which allowed them to recover plaintext from a DTLS connection using the OpenSSL implementation of DTLS when Cipher Block Chaining mode encryption was used.

Popular movies

The Hunger Games (film) - 2012 American dystopian action thriller science fiction-adventure film directed by Gary Ross and based on Suzanne Collins’s 2008 novel of the same name. It is the first insta...
untitled Captain Marvel sequel - part of Marvel Cinematic Universe....
Killers of the Flower Moon (film project) - Killers of the Flower Moon - film project in United States of America. It was presented as drama, detective fiction, thriller. The film project starred Leonardo Dicaprio, Robert De Niro. Director of...
Five Nights at Freddy's (film) - Five Nights at Freddy's - film published in 2017 in United States of America. Scenarist of the film - Scott Cawthon....

Popular books

Book of Revelation - The Book of Revelation is the final book of the New Testament, and consequently is also the final book of the Christian Bible. Its title is derived from the first word of the Koine Greek text: apok...
Book of Genesis - account of the creation of the world, the early history of humanity, Israel's ancestors and the origins...
Gospel of Matthew - The Gospel According to Matthew is the first book of the New Testament and one of the three synoptic gospels. It tells how Israel's Messiah, rejected and executed in Israel, pronounces judgement on ...
Michelin Guide - Michelin Guides are a series of guide books published by the French tyre company Michelin for more than a century. The term normally refers to the annually published Michelin Red Guide , the oldest...
Psalms - The Book of Psalms , commonly referred to simply as Psalms , the Psalter or "the Psalms", is the first book of the Ketuvim , the third section of the Hebrew Bible, and thus a book of th...
Ecclesiastes - Ecclesiastes is one of 24 books of the Tanakh , where it is classified as one of the Ketuvim . Originally written c. 450–200 BCE, it is also among the canonical Wisdom literature of the Old Tes...
The 48 Laws of Power - non-fiction book by American author Robert Greene. The book...

Popular television series

The Crown (TV series) - historical drama web television series about the reign of Queen Elizabeth II, created and principally written by Peter Morgan, and produced by Left Bank Pictures and Sony Pictures Tel...
Friends - American sitcom television series, created by David Crane and Marta Kauffman, which aired on NBC from September 22, 1994, to May 6, 2004, lasting ten seasons. With an ensemble cast sta...
Young Sheldon - spin-off prequel to The Big Bang Theory and begins with the character Sheldon...
Modern Family - American television mockumentary family sitcom created by Christopher Lloyd and Steven Levitan for the American Broadcasting Company. It ran for eleven seasons, from September 23...
Loki (TV series) - upcoming American web television miniseries created for Disney+ by Michael Waldron, based on the Marvel Comics character of the same name. It is set in the Marvel Cinematic Universe, shar...
Game of Thrones - American fantasy drama television series created by David Benioff and D. B. Weiss for HBO. It...
Shameless (American TV series) - American comedy-drama television series developed by John Wells which debuted on Showtime on January 9, 2011. It...

Datagram Transport Layer Security

Definition

Implementations

Libraries

Applications

Vulnerabilities