Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsWhite Papers
Discussion GroupsFirst AidDatabasesJavaBeansGUIJava 3DVirtual MachineCORBASecurityToolsGeneral
Java DirectoryOpen Source ProjectsSample Book ChaptersUser GroupsWeb Resources
Related Topics
Databases.NETMore Topics ...
Java Forum / General / November 2006

Tip: Looking for answers? Try searching our database.

UDP and SSLEngine

Thread view: 
Enable EMail AlertsStart New Thread
ChrisWSU - 06 Nov 2006 08:17 GMT
Was just wondering if anyone knows if there would be any issues with
using the SSLEngine with a UDP non-blocking channel.  I dont really
have anything to test it with lost UDP packets or having the packets
arrive out of order, would this cause problems? are there any utilities
to simulate this connectionless-aspect of UDP?

Thanks,
Chris
Reply to this Message
Chris Uppal - 06 Nov 2006 13:20 GMT
> Was just wondering if anyone knows if there would be any issues with
> using the SSLEngine with a UDP non-blocking channel.  I dont really
> have anything to test it with lost UDP packets or having the packets
> arrive out of order, would this cause problems? are there any utilities
> to simulate this connectionless-aspect of UDP?

You could try using a TCP session (as a test) and deleting / rearanging blocks
of data randomly.  Perhaps implemented in some sort of intermediary program.

Personally, I can't see how the encryption (inherently stateful) could possibly
survive in the face of missing or rearanged blocks, but I'm not an SSL expert.

   -- chris
Reply to this Message
EJP - 07 Nov 2006 08:01 GMT
> Was just wondering if anyone knows if there would be any issues with
> using the SSLEngine with a UDP non-blocking channel.  I dont really
> have anything to test it with lost UDP packets or having the packets
> arrive out of order, would this cause problems? are there any utilities
> to simulate this connectionless-aspect of UDP?

As Chris suspected, the SSL encryption algorithms won't survive a
dropped packet and indeed under a strict interpretation of RFC2246 will
probably force you to close the connection. You can't implement SSL over
UDP, you can only implement SSL over a reliable transport. So first you
need a UDP reliability layer.
Reply to this Message


Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.