[cryptography] Application Layer Encryption Protocols Tuned for Cellular?

CodesInChaos codesinchaos at gmail.com
Mon Nov 5 07:41:32 EST 2012


You could look into CurveCP for inspiration. It's UDP based, and its
connections survive if the IP of the client changes. That's because it
uses the client's public key as connection identifier instead of the
IP.

But you can't use it directly, since you need FIPS ciphers. You'll
also need to implement your own congestion control, but it seems like
you want to do that anyways.

Alternatively, implement your own TCP-like connection and standard TLS on top.

> In addition, I have an option to allow only one session per user (for
> paranoid folks). When the previous session does not die as expected, a
> new session cannot be started. Here, the device might realize the
> socket is really dead, but the server has not realized it yet because
> of the tricks that are being played in the TCP/IP stack on the server
> side. So the client tries to reconnect but the server refuses due to
> the "one session" rule.

The way I'd implement that is that when a new connection for a certain
user arrives, it pings the old connection. If the old one doesn't
respond, close it, and use the new one instead.
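
The two ideas in the message above, as an added Python example that is not part of the original post and is not CurveCP's code: a server session table keyed by the client's public key, so an authenticated packet arriving from a new IP moves the session, and a one-session rule that probes the old session before replacing it. HMAC-SHA256 over a counter stands in for the real packet authentication, and `SessionTable`, `seal` and the `probe` callback are hypothetical names.

```python
import hashlib
import hmac

def seal(mac_key, client_pk, counter, payload):
    """Tag over (public key, counter, payload). Stand-in for real packet authentication."""
    msg = client_pk + counter.to_bytes(8, "big") + payload
    return hmac.new(mac_key, msg, hashlib.sha256).digest()

class SessionTable:
    """Server-side sessions keyed by client public key instead of (ip, port)."""

    def __init__(self, probe):
        self.by_key = {}    # client public key -> session dict
        self.by_user = {}   # user -> client public key (one session per user)
        self.probe = probe  # hypothetical callback: True if the old peer answers a ping

    def open(self, user, client_pk, mac_key, addr):
        """Register a session created by a completed handshake (handshake not shown)."""
        old_pk = self.by_user.get(user)
        if old_pk is not None and old_pk != client_pk:
            if self.probe(self.by_key[old_pk]):
                return False             # old session answered: keep it, refuse the new one
            del self.by_key[old_pk]      # old session is dead: replace it
        self.by_key[client_pk] = {"user": user, "addr": addr,
                                  "mac_key": mac_key, "last_counter": 0}
        self.by_user[user] = client_pk
        return True

    def receive(self, client_pk, counter, payload, tag, addr):
        """Return the session for a valid packet, else None."""
        s = self.by_key.get(client_pk)
        if s is None or not s["last_counter"] < counter < 2**64:
            return None                  # unknown key, or replayed/out-of-range counter
        if not hmac.compare_digest(seal(s["mac_key"], client_pk, counter, payload), tag):
            return None                  # forged packet must not move the session
        s["last_counter"] = counter
        s["addr"] = addr                 # authenticated: follow the client to its new IP
        return s
```

The counter check matters for roaming: without it, a captured packet replayed from another address would redirect the session.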


