Designing SSL/TLS Protocol for Resource Constrained Devices

A.M. Ali (USA)


SSL/TLS, software design, Internet security, smart cards.


Secure Sockets Layer (SSL) and its successor Transport Layer Security (TLS) are the de facto standards for securing communication between web servers and web browsers. Although once considered the realm of high end enterprise systems, these protocols can now be implemented on increasingly smaller devices. Smart cards are one example of such devices. They have extremely limited resources; both in terms of memory and processing power. Because of these limitations, designing and implementing a TLS stack on a smart card has its unique challenges. The TLS protocol stack and the required cryptographic computations have heavy memory requirements, and making them run in resource constrained devices calls for an optimized software design. This paper describes various design optimizations for enabling TLS support on embedded smart card architectures with only a few kilobytes of RAM. This combination of smart card hardware security, and the TLS network protocol security can prove to be an extremely powerful amalgam for securing Internet transactions.

Important Links:

Go Back