Topic: Don't send HelloVerifyRequest on DTLS handshake?

The usual DTLS handshake requires 3 round trips (from RFC 4347):

    Client                    Server

    ClientHello -------->

    <------- HelloVerifyRequest

    ClientHello -------->

                   ServerHello
                   Certificate*
                   ServerKeyExchange*
                   CertificateRequest*
     <-------- ServerHelloDone

    Certificate*
    ClientKeyExchange
    CertificateVerify*
    [ChangeCipherSpec]
    Finished  -------->

                  [ChangeCipherSpec]
    <-------- Finished


However, in certain cases, it is desirable to reduce the number of round trips for connection. For example, when doing satellite communications, round trip time can be 4+ seconds. In these cases, it is nice to be able to disable the HelloVerifyRequest portion of the handshake (the first two steps), so that only 2 round trips are required.

Is there any way to do this with wolfSSL?

-Ken

Share

Re: Don't send HelloVerifyRequest on DTLS handshake?

Not currently.  It's one of the strange things about DTLS.  It not only eliminates the advantage UDP has over TCP in terms of startup, it actually makes it worse.  And it basically requires full TCP semantics during the handshake removing the 2nd advantage.  The other advantage is broadcasting but I'm not sure if that could even work with DTLS since each client will have different keys because of the way the handshake is designed.

You may be better off using TLS but overwriting the underlying I/O like you've been doing?

Share

Re: Don't send HelloVerifyRequest on DTLS handshake?

Our application sends datagrams, some of which are unreliable and may be dropped at any time. Therefore I think we can't easily use TLS.

I'll see if I can figure out what to change to remove the HelloVerifyRequest myself... if I get it working should I submit a patch or something?

-Ken

Share