TLSiP

Transport Layer Security in Practice

The project “Transport Layer Security in Practice (TLSiP)” dealt with methods to recognize unsafe cryptographic processes in Internet services and provided Internet users with a transparent solution for secure Internet communication.

Motivation

In our society, the Internet has established itself as an important communication tool and the secure transfer of data has become indispensable in many areas such as daily communication, online trading or -banking. Thereby, Transport Layer Security (TLS) has been accepted as the default protocol. The availability of tools and studies to improve the usage of TLS is therefore important and of increasing significance for society as well as industry and commerce.

Findings

In the course of the project, the security of TLS was measured in combination with a large number of protocols. Where possible, it was evaluated to what extent different possibilities can be used to achieve both qualitative improvements in use and a quantitative increase in the number of uses.

Nowadays, TLS protects an incredibly high number of connections on the transport layer, regardless of the protocols used for the application layer. This concerns confidentiality through the use of end-to-end encryption, as well as authentication, because users can be sure that they are communicating with the correct server. It forms the foundation of our current web security and already 55% of all websites and their content were transmitted via HTTPS in May 2017.

Further Information

• The project was led by SBA Research.