
Wireless Transport Layer Security

From Wikipedia, the free encyclopedia
This is an old revision of this page, as edited by Grenavitar (talk | contribs) at 05:49, 25 May 2005. The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Wireless Transport Layer Security (WTLS) is a security protocol for the Wireless Application Protocol (WAP). WAP is among the hot topics of discussion and research; independent research has been carried out and is ongoing. WTLS is a derivative of the Transport Layer Security protocols and is based on the Secure Sockets Layer (SSL) protocol. SSL establishes privacy and reliability for client/server communication over a network, and WTLS serves approximately the same purpose.

When a wireless client sends a request, the request is encrypted with WTLS and sent to a gateway, which is a proxy that provides protocol translation. The gateway decrypts the request, re-encrypts it using SSL, and sends it to the respective server. Based on the kind of request (from a wireless client or a wired client), the server sends the requested page or data back to the gateway. The gateway again decrypts and re-encrypts this response, and the wireless client is then able to view it.

Although WTLS appears to be a boon for the wireless arena, it faces many security threats. Examples include the plaintext data recovery attack, the message forgery attack, the datagram termination attack and the like. The reason for such threats is the weak encryption algorithms. At the same time, it is difficult to use advanced encryption algorithms, on account of design complexity, cryptography export, and the cost of such wireless devices.

Consequently, a draft named The WAP Transport Layer E2E Security Specification presents a scheme for eliminating encryption and decryption at the gateway. A WAP client's request can be redirected using an XML document, which in turn gives the WAP client instructions to establish a connection with a secondary proxy. This secondary proxy provides direct access to the destination server, so the default gateway can be completely bypassed.
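The two data paths described above can be compared in a small Python model, added here as an illustration and not taken from the WAP specifications. The cipher is a constructed stand-in rather than the WTLS or SSL record layer, and the function names, keys and sample request are assumptions.

```python
import hashlib
import hmac
import os

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Constructed stand-in cipher (HMAC-SHA256 keystream). It is NOT the WTLS
    # or SSL record protection and has no integrity check; it only marks
    # where encryption starts and stops on each hop.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, nonce + off.to_bytes(4, "big"), hashlib.sha256).digest()
        out.extend(b ^ p for b, p in zip(data[off:off + 32], pad))
    return bytes(out)

def seal(key: bytes, data: bytes) -> bytes:
    nonce = os.urandom(12)
    return nonce + _xor_stream(key, nonce, data)

def unseal(key: bytes, blob: bytes) -> bytes:
    return _xor_stream(key, blob[:12], blob[12:])

def via_default_gateway(request: bytes, wtls_key: bytes, ssl_key: bytes):
    """Client -> gateway under the WTLS key, gateway -> server under the SSL key."""
    gateway_cleartext = []                      # what the gateway holds in the clear
    hop1 = seal(wtls_key, request)              # wireless client encrypts
    inner = unseal(wtls_key, hop1)              # gateway decrypts ...
    gateway_cleartext.append(inner)
    hop2 = seal(ssl_key, inner)                 # ... and re-encrypts for the server
    return unseal(ssl_key, hop2), gateway_cleartext, [hop1, hop2]

def via_secondary_proxy(request: bytes, session_key: bytes):
    """Redirected client: the session ends at the secondary proxy, so the
    default gateway never decrypts or re-encrypts anything."""
    gateway_cleartext = []                      # default gateway is bypassed
    hop = seal(session_key, request)            # client encrypts for the secondary proxy
    delivered = unseal(session_key, hop)        # secondary proxy, with direct server access
    return delivered, gateway_cleartext, [hop]

if __name__ == "__main__":
    req = b"GET /account?pin=0000"              # constructed sample request
    for name, result in (
        ("default gateway", via_default_gateway(req, os.urandom(32), os.urandom(32))),
        ("secondary proxy", via_secondary_proxy(req, os.urandom(32))),
    ):
        delivered, exposed, wire = result
        print(name, "delivered:", delivered == req, "gateway cleartext:", exposed)
```

In both paths the request is protected on the wire; the difference is that the translating gateway holds it in the clear between the two sessions, while in the redirected path decryption happens only at the secondary proxy.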