Dethroning TLS in the Embedded World

Slides:

Advertisements

Ähnliche Präsentationen

Art der Arbeit (Projekt-/Studien-/Diplomarbeit/

Advertisements

Doris Kocher, PH Freiburg

Secure Socket Layer SSL For a secure E-Business Thomas Muskalla

Can you think of some KEY phrases which would be useful in multiple contexts? Take 2 minutes with a partner and come up with as many as you can!

Don`t make me think! A Common Sense Approach to Web Usability

Get the best grade you can in GCSE German speaking Anglia Ruskin University Tuesday 22 January 2013.

Institut AIFB, Universität Karlsruhe (TH) Forschungsuniversität gegründet 1825 Towards Automatic Composition of Processes based on Semantic.

BAS5SE | Fachhochschule Hagenberg | Daniel Khan | S SPR5 MVC Plugin Development SPR6P.

Ein Projekt des Technischen Jugendfreizeit- und Bildungsvereins (tjfbv) e.V. kommunizieren.de Blended Learning for people with disabilities.

Clean Code Software-Entwicklung als Handwerkskunst Thomas Nagel, November 2011.

GZ der Informatik / Sicherheit 1 GZ der Informatik VIII Kryptografie, Digitale Signaturen, SET Univ.-Ass. DI. Markus Seidl University of Vienna

RETAIL 2010 MAXIMALER SCHUTZ MINIMALE BELASTUNG. RETAIL 2010 MAXIMALER SCHUTZ MINIMALE BELASTUNG Nur 8 MB Speicherverbrauch.

Institut für Angewandte Mikroelektronik und Datentechnik Course and contest Results of Phase Selected Topics in VLSI Design (Module 24513) ©

Präsentiert von Riccardo Fuda.  Klassische (symmetrische) Kryptographie  Der weg zur modernen Kryptographie  Message Authentification Codes  Asymmetrische.

Institut für Angewandte Mikroelektronik und Datentechnik Phase 5 Architectural impact on ASIC and FPGA Nils Büscher Selected Topics in VLSI Design (Module.

Networking on local area knowledge of territory-continuous presence in community (family-centre – people centre – key locations)

Die Fragen Wörter Wer? Was? Wann?.

Institut für Angewandte Mikroelektronik und Datentechnik Selected Topics in VLSI Design (Module 24513) Vincent Wiese Adder Structures on FPGA and ASIC.

Institut für Angewandte Mikroelektronik und Datentechnik Course and contest Results of Phase 4 Nils Büscher Selected Topics in VLSI Design (Module 24513)

SiPass standalone.

Ralf M. Schnell Technical Evangelist Microsoft Deutschland GmbH

Institut für Angewandte Mikroelektronik und Datentechnik Course and Contest Results of Phase 5 Eike Schweißguth Selected Topics in VLSI Design (Module.

FTS usage at GridKa Forschungszentrum Karlsruhe GmbH

Arbeiten in einem agilen Team mit VS & TFS 11

Institut für Angewandte Mikroelektronik und Datentechnik Results of Phase 4: Layout for ST65 technology by Christoph Niemann Selected Topics.

The influence of spatial variability of polar firn on microwave emission Martin Proksch 1, Henning Löwe 1, Stefanie Weissbach 2, Martin Schneebeli 1 1.

bonn.de/bonn/bonn/suedstadt/Streit- Apple-gegen-Apfelkind-geht-weiter- article html 1 st WS4D-Workshop Towards a comprehensive.

? What is Open PS? SAP Open PS based on EPS 4.0

Welcome to Web Services & Grid Computing Jens Mache

Web Services als Remote Content Provider in Portalumgebungen Vorstellung und Diskussion des Themas Präsentation des Prototypen Konzeption und prototypische.

Nachweis von B 0 s -Oszillationen mit dem ATLAS Detektor am LHC B. Epp 1, V.M. Ghete 2, E. Kneringer 1, D. Kuhn 1, A. Nairz 3 1 Institut für Experimentalphysik,

Interrogative Words. Interrogative words, also called question words are used to ask for information.

The Journey to America… The Immigrant Experience.

Gregor Graf Oracle Portal (Part of the Oracle Application Server 9i) Gregor Graf (2001,2002)

EUROPÄISCHE GEMEINSCHAFT Europäischer Sozialfonds EUROPÄISCHE GEMEINSCHAFT Europäischer Fonds für Regionale Entwicklung Workpackage 5 – guidelines Tasks.

Berliner Elektronenspeicherring-Gesellschaft für Synchrotronstrahlung m.b.H., Albert-Einstein-Straße 15, Berlin frontend control at BESSY R. Fleischhauer.

Kapitel 2 Grammar INDEX 1.Subjects & Verbs 2.Conjugation of Verbs 3.Subject Verb Agreement 4.Person and Number 5.Present Tense 6.Word Order: Position of.

Here‘s what we‘ll do... Talk to the person sitting in front of you. Introduce each other, and ask each other questions concerning the information on your.

EUROPÄISCHE GEMEINSCHAFT Europäischer Sozialfonds EUROPÄISCHE GEMEINSCHAFT Europäischer Fonds für Regionale Entwicklung Workpackage 5 – guidelines Tasks.

Prof. Dr. W.-P. Buchwald Fachhochschule Braunschweig/Wolfenbüttel University of Applied Sciences Images Original Quantized 2-dimensional sampled Sampled.

Technische Universität München Alexander Neidhardt Forschungseinrichtung Satellitengeodäsie 1 Concepts for remote control of VLBI-telescopes: on the way.

Essay structure Example: Die fetten Jahre sind vorbei: Was passiert auf der Almhütte? Welche Bedeutung hat sie für jede der vier Personen? Intro: One or.

What’s the weather like?. Look at the question above Turn it around and you have Das Wetter ist.... The phrase Das Wetter ist.... or Es ist.... can be.

Kanton Basel-Stadt Howto crash a sequencer …and a path to get a difficult package to work APP-V Swissgroup / Daniel Müller.

Was ist eigentlich… Big Data?

Sentence Structure Questions

The IT–Information System

„Unsere Kompetenz – Ihr Nutzen.“

Premiere Conferencing GmbH

What can I offer you as an Ayurveda Consultant?

Deutsch I Numbers….

Azure Countdown Wenn der Freund und Helfer Freunde und Helfer braucht: Sichere Content-Upload-Plattform für Bürger.

Sentence Structure Connectives

The dynamic ultrasound

Aufgabenteil (mit Hilfsmittel)

Senseo Wir erweitern die statischen Informationen mit Hilfe von Laufzeitinformationen. Einbindung in IDE resp. JDT.

CERN – TUD – GSI Webmeeting

Ferrite Material Modeling (1) : Kicker principle

Was ist die Verbindung hier?

ELECTR IC CARS Karim Aly University of Applied Sciences.

Official Statistics Web Cartography in Germany − Regional Statistics, Federal and European Elections, Future Activities − Joint Working Party meeting.

OFFICE 365 FOCUS SESSION SHAREPOINT ONLINE 101:LERNE DIE BASICS 19. März 2018 Höhr-Grenzhausen.

Cyber-Resilience Es ist nicht die Frage ob, sondern wann und was dann

Calorimetry as an efficiency factor for biogas plants?

Niedersächsisches Ministerium

- moodle – a internet based learning platform

Zhunussova G., AA 81. Linguistic communication, i.e. the use of language, is characteristically vocal and verbal behaviour, involving the use of discrete.

Präsentation transkript:

Dethroning TLS in the Embedded World Sebastian Unger 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Why how dethrone TLS embedded world Overview and to in an Why and how to dethrone tls dethrone TLS in an embedded world 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Agenda Motivation State of the art How to dethrone TLS WS-CompactSecurity WS-SecurityRecords Conclusion and Outlook 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WoT AAL IoT Motivation The overall vision Motivation: Vision von kooperierenden Geräten Wird Inhalt über Beamer wiedergegeben, wird Leinwand heruntergefahren und Jalousie geschlossen 10 Minuten vor dem Weckerklingeln wird die Heizung eingeschaltet und Kaffee gekocht Lichtschalter können drahtlos sein (einfachere Installation) und durch andere Geräte ersetzt werden Wir haben diverse Namen dafür: im AAL, IoT, WoT, PC, AI Fakt: es gibt Angreifer 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Interoperability through open technologies Motivation WS4D.org initiative Interoperability through open technologies How and why to dethrone tls One core technology: Devices Profile for Web Services (DPWS) 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WS for devices WS-Dynamic Discovery WS-* Pub/Sub: WS-Eventing State of the art Devices Profile for Web Services (DPWS) WS for devices WS-Dynamic Discovery WS-* How and why to dethrone tls Pub/Sub: WS-Eventing 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

TLS APP TLS TCP IP TLS is FAST! State of the art Security in DPWS TLS (Bsp: DPWS) DTLS (Bsp: CoAP) Nachteile APP TLS TCP IP TLS is FAST! 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

No dependency on transport protocol State of the art WS-Security as alternative to TLS? [1] WS-Security! [2] No dependency on transport protocol No dependency on X.509 certificates Any authentication method possible Multihop communication [3] TLS (Bsp: DPWS) DTLS (Bsp: CoAP) Nachteile [1] Martínez et al.: “A security architectural approach for DPWS-based devices”. 2008 [2] Hernández et al.: “Security framework for DPWS compliant devices”. 2009. [3] Unger et al.: “Extending the devices profile for web services for secure mobile device communication”. 2010. 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WS Security introduces massive message size overhead State of the art Drawback of WS-Security WS Security introduces massive message size overhead TLS (Bsp: DPWS) DTLS (Bsp: CoAP) Nachteile 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

How much of a drawback does WS-Security introduce? State of the art Core questions Initial question: How much of a drawback does WS-Security introduce? TLS (Bsp: DPWS) DTLS (Bsp: CoAP) Nachteile Questions of interest: How fast can WS-Security be? Can it be fast enough to dethrone TLS? 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

XML-Signature WS-Security XML-Encryption Our goal Compact Signature How to dethrone TLS What is WS-Security? XML-Signature WS-Security XML-Encryption TLS (Bsp: DPWS) DTLS (Bsp: CoAP) Nachteile Our goal Compact Signature WS CompactSecurity Compact Encryption 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Sequence Number Action Timestamp Signature Payload How to dethrone TLS XML-Signature vs. WS-DD Compact Signatures (1) Sequence Number Action Timestamp Signature First Step: Dethrone TLS WS-DD Csig: Abbildung Payload 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Same scheme (set of algorithms) for each element How to dethrone TLS XML-Signature vs. WS-DD Compact Signatures (2) XML-Signature: 2479 bytes 41 Elements 24 Parameters CompactSignature: 246 bytes 1 Element 5 Parameters Compacter format Same scheme (set of algorithms) for each element No digests transmitted First Step: Dethrone TLS WS-DD Csig: Abbildung 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

XML-Encryption Compact Encryption XML-Encryption: 539 bytes 8 Elements How to dethrone TLS XML-Encryption vs. WS4D Compact Encryption XML-Encryption Compact Encryption XML-Encryption: 539 bytes 8 Elements 4 Parameters Compact Encryption: 227 bytes 3 Elements 4 Parameters First Step: Dethrone TLS Ähnliche Abbildung XML-Encyrption 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WS-DD Compact Signatures How to dethrone TLS WS Compact Security WS-DD Compact Signatures WS Compact Security combined WS4D Compact Encryption First Step: Dethrone TLS Zusammenfassung der beiden zu WS-Csec Iop herausstellen Highly interoperable “Classic” WS-Security 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Dedicated Ethernet Line WS Client on Linux PC How to dethrone TLS Measurement Setup – Hardware Dedicated Ethernet Line WS Client on Linux PC WS Echo Server on Fox LX 832 First Step: Dethrone TLS Mess-Setup 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Echo server and client implemented with gSOAP How to dethrone TLS Measurement Setup – Software <ns:single-string-echo> <ns:in>string</ns:in> </ns:single-string-echo> <ns:single-string-echoResponse> <ns:out>string</ns:out> </ns:single-string-echoResponse> First Step: Dethrone TLS Mess-Setup Echo server and client implemented with gSOAP 10k requests / responses Measured RTTs, computed medians 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Factor 1.5 – 2 How to dethrone TLS WS Compact Security – Results – Round Trip Times (RTT) Factor 1.5 – 2 First Step: Dethrone TLS Ergebnisse Nicht schlecht, gleiche Größenordnung, trotzdem Faktor 2-3 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WS Compact Security TLS two encryption cycles one encryption cycle How to dethrone TLS Fundamental advantage of TLS over WS Compact Security WS Compact Security TLS Compute message digest Compute message digest Encrypt digest to signature Encrypt digest to signature Append digest to payload Encrypt payload Encrypt payload First Step: Dethrone TLS Grund dafür, dass TLS schneller Encrypt payload and digest Encrypt payload and digest Substitute payload by cipher Substitute payload by cipher two encryption cycles one encryption cycle 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Less interoperability How to dethrone TLS WS Security Records <Envelope> <Header><!-- ... --!></Header> <Body> encrypt <Record CipherData=... EncKeyId=... EncRefs=... PrefixList=... Scheme=... SigKeyId=... SigRefs=... /> <Digest>...</Digest> <Payload>...</Payload> First Step: Dethrone TLS Zweiter Ansatz: WS-SecRec Supposed to be faster Less interoperability </Body> </Envelope> 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Factor 1.17 How to dethrone TLS WS Security Records – Results – Round Trip Times (RTT) Factor 1.17 First Step: Dethrone TLS Ergebnisse 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Does WS Compact Security dethrone TLS? Conclusion (1) WS Compact Security Does WS Compact Security dethrone TLS? Equally fast? Zusammenfassung Nearly as fast by providing higher flexibility? Nearly as fast by remaining compatible to classic WS Security? 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Do WS Security Records dethrone TLS? Conclusion (2) WS Security Records Do WS Security Records dethrone TLS? Remain highly compatible to classic WS Security? Zusammenfassung Equally fast? Provide higher flexibility? 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Develop Devices Profile for Web Service Security Outlook Develop Devices Profile for Web Service Security Develop architecture and implement prototype on basis of DPWS Transfer Results to different base technology Outlook 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Thanks a lot for your attention! Any questions? Thank you! Questions? Thanks a lot for your attention! Any questions? Thanks! 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Test Messages (1) 5 chars: <SOAP-ENV:Body> <ns:single-string-echo xmlns:ns="ws4d:ptest"> <ns:in>01234</ns:in> </ns:single-string-echo> </SOAP-ENV:Body> Backup: Messwerte, Nachrichtengrößen, etc… 50 chars: <SOAP-ENV:Body> <ns:single-string-echo xmlns:ns="ws4d:ptest"> <ns:in>01234567890123456789012345678901234567890123456789</ns:in> </ns:single-string-echo> </SOAP-ENV:Body> 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Test Messages (2) 10x5 chars: <SOAP-ENV:Body> <ns:multiple-string-echo xmlns:ns="ws4d:ptest"> <ns:in> <ns:p01>01234</ns:p01> <ns:p02>01234</ns:p02> <ns:p03>01234</ns:p03> <ns:p04>01234</ns:p04> <ns:p05>01234</ns:p05> <ns:p06>01234</ns:p06> <ns:p07>01234</ns:p07> <ns:p08>01234</ns:p08> <ns:p09>01234</ns:p09> <ns:p10>01234</ns:p10> </ns:in> </ns:multiple-string-echo> </SOAP-ENV:Body> Backup: Messwerte, Nachrichtengrößen, etc… 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Detailed message sizes and RTTs RTTs in ms WS CSec (RC4) WS CSec (AES) WS SecRec (RC4) WS SecRec (AES) TLS (RC4) TLS (AES) No Security 5 chars 29,4 39,1 21,6 28,5 18,5 20 16,7 50 chars 30,2 40,1 22,4 29,9 18,8 20,6 17 10x5 chars 41,1 51,8 31,8 40,5 24,8 17,6 Message sizes in Bytes Backup: Messwerte, Nachrichtengrößen, etc… SOAP Envelope HTTP message TLS (RC4) TLS (AES) WS CSec (RC4) WS CSec (AES) WS SecRec (RC4) WS SecRec (AES) 5 chars 218 382 238 245 749 777 508 524 50 chars 263 427 248 261 809 841 568 588 5x10 chars 437 601 293 309 1041 1077 800 820 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

WS Security and Compression Two methods and why they both don‘t work Encrypt first, compress later SOAP b64-coded cipher SOAP compr. cipher compress first, encrypt later Backup: Erklärung, warum keine Kompression (notfalls mit Werten) SOAP payload SOAP SOAP SOAP compressed payload 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Different key for everyone State of the art MAC Layer Security Same key for everyone or - Different key for everyone subnet subnet ≙ router MAC Layer Security WLAN, IEEE 802.15.4 Nachteile MAC Layer Security 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Transport Mode Tunnel Mode subnet subnet Vendor A Vendor B State of the art IPSec Transport Mode Tunnel Mode subnet subnet Vendor A Vendor B IPSec Nachteile IPSec is complex! node router IPSec Gateway 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

First Step: Dethrone TLS WS Compact Security – Results – Message Sizes TCP Payload First Step: Dethrone TLS Ergebnisse Nicht schlecht, gleiche Größenordnung, trotzdem Faktor 2-3 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

First Step: Dethrone TLS WS Security Records – Results – Message Sizes First Step: Dethrone TLS Ergebnisse 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Ambient Assisted Living Motivation Internet of Things The overall problem Ambient Assisted Living Pervasive Computing Motivation: AAL, IoT, WoT, PC, AI unterscheiden sich zwar in Details haben jedoch alle gemeinsam, dass ein System vieler ressourcenschwacher, eingebetteter Geräte zum Einsatz kommen soll Problem: Kryptografie ressourcenlastig ABER: bevor wir das nicht gelöst haben, wird das ganze Zeug nicht marktreif Web of Things Ambient Intelligence 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

necessary by design expensive State of the art … Common sense: … in general Common sense: Security… necessary … is by design Aktueller Zustand / State of the Art: Die meisten haben begriffen, dass Security notwendig ist Security by design – nicht später draufpantschen Aber: Neue Security-Designs teuer … must be considered expensive … can be 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

IPSec MAC Layer Security (D)TLS State of the art… … in particular IPSec MAC Layer Security (D)TLS Daher oft Zurückgreifen auf bekanntes Auch dann, wenn nur bedingt geeignet Die beliebtesten / verbreitetsten werden vorgestellt 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

State of the art Conclusion: Presented methods not ideal Many others came to same conclusion Zusammengefasst: nur bedingt geeignet Haben viele andere auch erkannt und Konzepte auf Anwendungsebene entwickelt Folge: Viele unterschiedliche, nicht-interoperable Konzepte  Result: Countless approaches on application level 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Web Services WS-Security Suite Our approach (Informative) Approach Es scheint also nicht sinnvoll, ein weiteres Konzept vorzuschlagen stattdessen wollen wir ein existierendes, weit verbreitetes Konzept anpassen: Die WS-Security Suite Grund dafür: Web Services bereits auf eingebettete Systeme gebracht (DPWS) Jetzt das gleiche für WS-Security WS-Security Suite 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

Devices Profile for Web Services Devices Profile for WS-Security Suite Our approach (Informative) Devices Profile for Web Services Approach Es scheint also nicht sinnvoll, ein weiteres Konzept vorzuschlagen stattdessen wollen wir ein existierendes, weit verbreitetes Konzept anpassen: Die WS-Security Suite Grund dafür: Web Services bereits auf eingebettete Systeme gebracht (DPWS) Jetzt das gleiche für WS-Security Devices Profile for WS-Security Suite 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering

First Step: Dethrone TLS Overview WS-Federation TLS WS-Trust WS-Policy compare WS-SecureConversation First Step: Dethrone TLS bereits gesagt: TLS sehr beliebt, hat aber viele Nachteile Initiale Idee: herausfinden, wie viel langsamer als TLS WS-Security wirklich ist Ansatz: Verschlüsselung und Signaturen mit kompakter Repräsentation von WS-Security, XML-Encryption, XML-Signature WS-DD macht es mit WS-CompactSignature vor TLS ist state-of-the-art – also müssen wir uns damit messen WS-Security WS-CompactSecurity transform 19.09.2018 Sebastian Unger | UNIVERSITY OF ROSTOCK | Institute of Applied Microelectronics and Computer Engineering