4

Basically I will be having to secure a connection between different hops. Therefore, even if TLS is widely known to be the best in class, I am wondering whether in such a case message-based encryption wouldn't be worth more than transport-layer-based encryption? If yes, please help by listing some message-layer encryption algorithms.

smiley
  • 1,204
  • 2
  • 13
  • 21

2 Answers

4

I'm confused about what you are asking, and I think you might be a bit confused about some of the concepts, so let me try to guess what you might be getting at and see if I can clear this up.

I think you are asking about the difference between end-to-end encryption vs hop-to-hop encryption. In end-to-end encryption, the sender encrypts it, and then the encrypted message can traverse over multiple hops, but the multiple hops do not have access to the message; the ciphertext is not decrypted until it reaches the final recipient. In hop-to-hop encryption, each hop decrypts and then re-encrypts it for the next hop. Generally speaking, end-to-end encryption is preferable, because it avoids the need to place any trust in the intermediate hops. So, try to use end-to-end encryption whenever you can.

TLS can be used for either end-to-end encryption or hop-to-hop encryption. That's an orthogonal issue. It just comes down to which two nodes you declare to be the endpoints of a TLS connection.

D.W.
  • 98,860
  • 33
  • 271
  • 588
  • 1
    thanks! but then how can I use TLS to do end to end encryption when I have a reverse proxy and a load balancer between the client and the server? – smiley Jul 10 '11 at 12:09
  • 2
    @smiley, Good question. That's a configuration question for your reverse proxy and load balancer: you'll want them to forward the encrypted data on to the end server that will do the TLS decryption. It's really a separate question, and is likely to be dependent upon the reverse proxy or load balancer you use. – D.W. Jul 10 '11 at 23:58
  • 1
    thanks D.W. unfortunately/fortunately I am still at the planning phase, so in case you have a recommendation, please go ahead. – smiley Jul 11 '11 at 07:00
3

Message-based makes it possible to keep confidentiality of the message even on every hop, i.e. the hop does not need to decrypt the message just to encrypt it again for the next hop. I believe this is what you are trying to achieve.

It really depends on the messages/protocol going around. Say they are SOAP based, you can apply XML Encryption (usage standardized in WS-Security). You might be tempted to roll your own, but you have to beware of ciphertext attacks, replay, etc.

Even at equivalent cryptographic strength, you will still have to deal with some key agreement protocol, whether symmetric or asymmetric. It could be anonymous Diffie-Hellman-Merkle, which would bring authentication in the picture. OK, authentication is never really out of the picture unless you use client certificates, and even then, it is only valid from the client to the first hop.

But security aside, you will find compatibility problems that have been ironed out by the ubiquitous TLS/SSL.

ixe013
  • 1,922
  • 15
  • 20
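Both answers describe the same property from different angles: D.W.'s end-to-end encryption and ixe013's message-based encryption both mean an intermediate hop relays ciphertext it cannot read. The Go program below is an added illustration, not code from either answer; it assumes the two endpoints already share a 32-byte key (for instance from the key agreement ixe013 mentions) and models the hop as a function that routes on a cleartext header bound as AES-GCM associated data.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
)

// Envelope travels hop to hop: a readable routing header plus a payload only the recipient can open.
type Envelope struct {
	To         string // routing header: authenticated as AAD, not encrypted
	Nonce      []byte
	Ciphertext []byte
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 32-byte key selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal (sender side): AES-256-GCM over msg, with the routing header bound as AAD so hops cannot alter it.
func Seal(key []byte, to string, msg []byte) (Envelope, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return Envelope{}, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per message
	if _, err := rand.Read(nonce); err != nil {
		return Envelope{}, err
	}
	return Envelope{to, nonce, gcm.Seal(nil, nonce, msg, []byte(to))}, nil
}

// Open is the recipient's side; it fails if payload or header were modified.
func Open(key []byte, env Envelope) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, []byte(env.To))
}

// Forward models an untrusted hop (proxy, load balancer): it routes on the header and relays the ciphertext unchanged.
func Forward(env Envelope) (route string, relayed Envelope) {
	return env.To, env
}
```

Contrast this with hop-to-hop TLS, where the proxy would terminate the connection and hold the plaintext; here a hop without the key sees only the routing header, and any change it makes to header or ciphertext is rejected by the recipient.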