1. Field
The present disclosure generally relates to the transmission of data over a network, and more particularly to the use of a computing device to communicate over a network.
2. Description of the Related Art
Encryption for communications channels, such as those operating under the Secure Sockets Layer (SSL) or Transport Layer Security (TLS) protocols, often function by permitting a sender to transmit a data packet including an encrypted message and a Message Authentication Code (MAC) value (“checksum” or “tag”) to a recipient. The sender and recipient share an encryption key and a MAC key, which is a keyed (cryptographic) hash function, defined in a shared cipher specification. The message is initially encrypted by the sender using the shared encryption key, and the MAC value is generated by the sender by applying a MAC algorithm to the encrypted message using the shared MAC key. Upon receipt of the data packet, the recipient applies the MAC algorithm using the shared MAC key to the encrypted message to generate a MAC value. The MAC value generated by the recipient is compared to the MAC value generated by the sender that was received with the encrypted message. If the MAC values match, the encrypted message is determined be authentic (i.e., from the correct sender). The MAC value protects both the data integrity of a message as well as its authenticity by allowing recipients that share the MAC key to detect any changes to the message content.
Such communications channels periodically need to change the encryption key (i.e., and associated encryption algorithm) being used. Changing the encryption key is commonly achieved using a Change Cipher Specification (CCS) message (or “key exchange protocol”) in a protocol like SSL or TLS. Such a procedure relies on in-order-delivery of data packets that underlies a transport channel like the Internet Protocol Suite (TCP/IP). In-order-delivery requires retransmission of a lost packet, which adds notable latency to all packets after a packet loss. Furthermore, if a data packet including the CCS message is lost, then the recipient must wait until the CCS message is retransmitted and received in order to authenticate subsequent data packets.