Exploiting Satellite Broadcast despite HTTPS
Nikos Fotiou, Vasilios A Siris, George C. Polyzos, Mario Marchese,, Franco Davoli, Luca Boero
TL;DR
This paper explores methods to enable satellite broadcast utility despite HTTPS encryption by using TLS splitting and application layer encryption, significantly reducing handshake times and maintaining network optimizations.
Contribution
It introduces novel solutions for authorized TLS interception and application layer encryption to exploit satellite broadcast capabilities with HTTPS.
Findings
TLS handshake time reduced by up to 94% with TLS splitting.
Application layer encryption enables satellite broadcast exploitation even with HTTPS.
Trade-offs discussed include deployment complexity, performance, and privacy considerations.
Abstract
HTTPS enhances end-user privacy and is often preferred or enforced by over-the-top content providers, but renders inoperable all intermediate network functions operating above the transport layer, including caching, content/protocol optimization, and security filtering tools. These functions are crucial for the optimization of integrated satellite-terrestrial networks. Additionally, due to the use of end-to-end and per-session encryption keys, the advantages of a satellite's wide-area broadcasting capabilities are limited or even negated completely. This paper investigates two solutions for authorized TLS interception that involve TLS splitting. We present how these solutions can be incorporated into integrated satellite-terrestrial networks and we discuss their trade-offs in terms of deployment, performance, and privacy. Furthermore, we design a solution that leverages satellite…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.