Information Technology Reference
In-Depth Information
The main goal of WTLS is to provide to a pair of applications the following
properties:
•
privacy,
•
integrity of information and
•
authentication.
The WTLS provides these properties by using the same patterns of SSL
encryption, but unlike the latter it also works with datagram transport
protocols (like UDP).
Such protocols are characterized by the fact that data are transmitted in a
fully independent manner and may also be lost, arrive not in order or even
duplicated.
These features make the SSL protocol unusable as it is on a datagram
transport protocol.
Let us think to the handshake phase between a client and a server: it is
unthinkable that it has a success if, for example, the initial request for a
secure connection of the client fails to arrive to the server or if the acceptance
of a certificate from either of the two entities never get to the other one.
to support datagram a number of mechanisms were then introduced in the
WTLS to face the possibility that data do not arrive or arrive in disorder or
duplicates are present.
In particular, to overcome the problems above mentioned the WTLS is
based on an asymmetrical state machine (i.e. one for the client and another,
different, for the server). The interaction of the two machines can
synchronize the data that the two entities share on a secure connection.
WSTL is based also on the use of time out so in order not to block one of
the two entities endless waiting of the response, the control of the validity
of the number of sequence of incoming packages and on the merging of a
number of handshake messages travelling in same direction in a single
package to be sent.
6
Weaknesses and attack methods
6.1
Deliberate attacks
In considering a deliberate attack, it is convenient to distinguish attached
component and the technique used by the intruder. A systematic approach
identifies all the components of the system both physical (computers, routers,
AP and Palm) and logical (files, processes, etc.) and for each of them, it finds
all the applicable attack techniques. The result of this approach may be
conveniently summarized in a matrix having the components on an axis and
