Datagram Transport Layer Security

Description

Datagram Transport Layer Security (DTLS) is a communications protocol designed to secure datagram-based applications. It is derived from the Transport Layer Security (TLS) protocol but is adapted for the datagram transport model, primarily User Datagram Protocol (UDP), which does not guarantee delivery or order of packets. DTLS provides the same security guarantees as TLS—confidentiality, integrity, and authentication—while accounting for the inherent unreliability of the underlying transport. The protocol achieves this by adding sequence numbers and a retransmission timer for handshake messages, ensuring the cryptographic handshake completes even if packets are lost or reordered, without introducing any reliability for the application data itself.

Within the 3GPP architecture, DTLS is specified as a key protocol for securing various interfaces and services. It is a fundamental component for securing the WebRTC-based media path in the IP Multimedia Subsystem (IMS), as defined in TS 23.228 and related specifications. DTLS operates at the application layer, typically running over UDP/IP. The protocol handshake involves the exchange of certificates or pre-shared keys to mutually authenticate the client and server and to establish shared secret keys. These keys are then used with symmetric cryptography (e.g., AES) to encrypt the application data and with message authentication codes (e.g., HMAC-SHA256) to ensure integrity.

The role of DTLS in a 3GPP network is multifaceted. For IMS-based voice and video services (e.g., VoLTE, ViLTE), DTLS-SRTP uses DTLS to perform a key exchange for the Secure Real-time Transport Protocol (SRTP) media streams. In Machine Type Communication (MTC) and IoT scenarios, as outlined in specifications like TS 23.682 and TS 33.187, DTLS can secure CoAP (Constrained Application Protocol) messages between devices and network servers, providing a lightweight security solution suitable for constrained devices. Furthermore, DTLS is used in the control plane, for example, in the S14 interface for device management or within the architecture for proximity-based services (ProSe). Its ability to operate over UDP makes it ideal for real-time, low-latency applications where TCP's connection setup and congestion control would introduce unacceptable delay.

Purpose & Motivation

DTLS was created to extend the proven security model of TLS to datagram protocols, primarily UDP. TLS requires a reliable, in-order byte stream, which TCP provides, but many modern applications—especially real-time communication, gaming, and IoT—use UDP for its lower latency and lack of head-of-line blocking. The primary problem DTLS solves is providing strong authentication, encryption, and data integrity for these UDP-based applications without modifying the underlying unreliable transport.

Historically, applications using UDP either forewent security, implemented custom (and often vulnerable) security mechanisms, or were forced onto TCP, compromising performance. The development of DTLS, standardized by the IETF in RFC 4347 and updated in RFC 6347, filled this critical gap. 3GPP adopted DTLS starting in Release 12 to meet the security requirements of new service architectures. The motivation was driven by the rise of WebRTC, which mandates DTLS for media encryption, and the need for lightweight security in IoT/M2M communications where TCP overhead is prohibitive. DTLS allows 3GPP networks to offer secure, low-latency services end-to-end, aligning with the industry shift towards all-IP networks and encrypted media.

Key Features

• Handshake over unreliable transport using retransmission timers and sequence numbers
• Provides confidentiality through encryption (e.g., AES-GCM, AES-CCM)
• Ensures message integrity and authentication via HMAC or AEAD ciphers
• Supports mutual authentication using certificates, pre-shared keys, or raw public keys
• Resistant to replay attacks through use of sequence numbers and windowing
• Defined profiles for use with SRTP (DTLS-SRTP) and CoAP (DTLS-CoAP)

Evolution Across Releases

Defining Specifications