Improving the WTLS by Means of Kerberos

摘要

The Wireless Application Protocol (WAP) is a protocol stack for wireless communication networks. Wireless Transport Layer Security (WTLS) is the security protocol of the WAP and it operates over the transport layer. Analysis of the WTLS agreement reveals that the certification process in the handshake agreement presents a risk of intermediary anonymous attack that we denote man-in-the-middle-attack. This paper presents a way to mitigate this risk by addition of a Kerberos authentication system to the WTLS agreement in order to improve the security of the latter. At the same time, the paper gives a detailed description of the solutions involved in the data structure, a simulation model of the program, and discusses reasonable values for the simulation parameters.