Datagram Transport Layer Security (DTLS) is a communications protocol that provides security for datagram-based applications by allowing them to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. The DTLS protocol is based on the stream-oriented Transport Layer Security (TLS) protocol and is intended to provide similar security guarantees. The DTLS protocol datagram preserves the semantics of the underlying transport — the application does not suffer from the delays associated with stream protocols, but has to deal with packet reordering, loss of datagram and data larger than the size of a datagram network packet.
Contents
Definition
The following documents define DTLS:
DTLS 1.0 is based on TLS 1.1, and DTLS 1.2 is based on TLS 1.2.
Applications
Vulnerabilities
In February 2013 two researchers from Royal Holloway, University of London discovered an attack which allowed them to recover plaintext from a DTLS connection using the OpenSSL implementation of DTLS when Cipher Block Chaining mode encryption was used.