University of Utah
School of Computing
 

TCPsec: A Transport Layer Security Framework

by
Swami Pichumani

Advised by
Sneha Kasera

In this poster we present TCPsec, a transport layer security framework. TCPsec establishes secure connections and protects data over untrusted networks. Existing security solutions, including SSL and IPsec, have important shortcomings. SSL operates as a layer above TCP and hence cannot authenticate the TCP header, which leaves room for several DoS attacks. TCPsec, implemented at the TCP layer, protects the TCP header, so such attacks are not possible. IPsec resides at the network layer and is part of the kernel.

Although IPsec was developed for end-to-end security, in practice it conflicts with organizational firewalls and is therefore typically terminated at these firewalls, leaving traffic vulnerable to attacks from insiders within the organization. TCPsec interoperates with firewalls while providing end-to-end security. In our work, we build a simple SSL-like protocol at the TCP layer. TCPsec is an extension of TCP and is hence implemented in the kernel. TCPsec protects data on a per-socket basis and provides true end-to-end security. We are currently working on a prototype implementation of TCPsec in the FreeBSD kernel (version 4.7).
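
The header-authentication argument above, as an added example (not TCPsec's code or wire format, which the abstract does not specify): a MAC computed over the payload alone, as a layer above TCP would compute it, still verifies after the segment's flags are altered in transit, while a MAC covering header and payload does not. The key, the simplified 14-byte header layout and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import struct

KEY = b"constructed-demo-session-key"  # constructed; stands in for a negotiated key
ACK, RST = 0x10, 0x04                  # TCP flag bits


def tcp_header(sport, dport, seq, ack, flags):
    # Simplified 14-byte header (ports, seq, ack, flags); not a full TCP header.
    return struct.pack("!HHIIH", sport, dport, seq, ack, flags)


def mac(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()


def verify_payload_only(header, payload, tag):
    # Check done above TCP: the header is never an input to the MAC.
    return hmac.compare_digest(tag, mac(payload))


def verify_segment(header, payload, tag):
    # Check done at the TCP layer: header and payload are both covered.
    return hmac.compare_digest(tag, mac(header + payload))


def with_flags(header, flags):
    # Models a header changed in transit; the flags field sits at offset 12.
    return header[:12] + struct.pack("!H", flags)


def demo():
    header = tcp_header(40000, 443, 1000, 2000, ACK)
    payload = b"application data"      # constructed sample payload
    tag_payload = mac(payload)
    tag_segment = mac(header + payload)
    tampered = with_flags(header, ACK | RST)
    return {
        "payload_only_accepts_tampered": verify_payload_only(tampered, payload, tag_payload),
        "segment_accepts_tampered": verify_segment(tampered, payload, tag_segment),
        "segment_accepts_original": verify_segment(header, payload, tag_segment),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(f"{name}: {result}")
```

In a real stack the payload-only check is not even reached for a control segment, because TCP acts on the header before any data is handed to the layer above.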

