Tags: network-programming, openssl, cryptography, udp, dtls

Can DTLS still function and be secure if packets are being lost?


I'm looking to make an application that uses DTLS, let's say for example voice chat.
Can DTLS work while raw sound data packets are being lost?
Can certain packets be lost and the DTLS session still function correctly without resending the lost packets, which would defeat the point of using UDP (TCP latency with congestion)?
Sound is still audible even if part of the sound data is lost.
And is the communication still secure against replay attacks?


Solution

  • Yes, DTLS continues to function even if application data packets are lost or reordered by the network. In that case, the plaintext data in those packets will also be lost/reordered, matching exactly the behavior you would see with plaintext UDP.

    DTLS does perform retransmissions during the handshake phase, because the cryptographic computations require that no packets be lost. But that only affects the first few packets of the exchange.

    DTLS provides replay protection (described in section 3.3 of https://www.rfc-editor.org/rfc/rfc6347) so that an attacker (or routing error) that causes duplicated packet arrivals only results in a single plaintext packet; the duplicates are discarded. Replay protection is, according to that specification, optional, but all implementations I am aware of provide it.
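As an added illustration of the replay-protection mechanism the answer refers to (this is example code written for this page, not code from the answer, from OpenSSL or from the RFC), here is the sliding-window check of RFC 6347 section 3.3, which reuses the bitmap scheme of IPsec ESP (RFC 4303). It shows why packet loss is harmless to the window (a lost record just leaves a bit unset), why a late record inside the window is still accepted once, and why a duplicate or a record older than the window is dropped. The window size of 64, the one-window-per-epoch bookkeeping, the `DtlsReceiver`/`ReplayWindow` names and the constructed arrival sequence are assumptions made for the example; a real receiver also verifies the record's MAC or AEAD tag before updating the window, which is omitted here.

```python
"""Sliding-window anti-replay check in the style of RFC 6347 section 3.3.

Example code for illustration; not OpenSSL's implementation. Assumptions:
window size 64, one window per DTLS epoch, and no MAC/AEAD verification
(a real receiver updates the window only after the record authenticates,
so a forged sequence number cannot poke holes in it).
"""
import struct

DTLS12_VERSION = 0xFEFD             # DTLS 1.2 is {254, 253} on the wire
APPLICATION_DATA = 23
HEADER_FMT = "!BHH6sH"              # type, version, epoch, 48-bit seq, length
HEADER_LEN = struct.calcsize(HEADER_FMT)   # 13 bytes


class ReplayWindow:
    """Tracks the highest accepted sequence number and a bitmap of the
    `size` numbers at or below it; bit i set means (top - i) was accepted."""

    def __init__(self, size=64):
        self.size = size
        self.top = None      # highest sequence number accepted so far
        self.bitmap = 0

    def check(self, seq):
        """Return 'accept', 'duplicate' or 'too old'; state changes only on accept."""
        if self.top is None or seq > self.top:
            # Newer than anything seen: slide the window forward. Numbers that
            # never arrived (lost packets) simply stay as unset bits.
            shift = self.size if self.top is None else seq - self.top
            if shift >= self.size:
                self.bitmap = 1
            else:
                self.bitmap = ((self.bitmap << shift) | 1) & ((1 << self.size) - 1)
            self.top = seq
            return "accept"
        diff = self.top - seq
        if diff >= self.size:
            # Left of the window: a replay and a very late packet look the same,
            # so the record is dropped either way.
            return "too old"
        if (self.bitmap >> diff) & 1:
            return "duplicate"     # already delivered once
        self.bitmap |= 1 << diff   # reordered but inside the window: accept once
        return "accept"


class DtlsReceiver:
    """Minimal DTLS 1.2 record receiver that only does the replay check.
    Sequence numbers restart at 0 in each epoch, hence one window per epoch
    (assumption: a real stack also restricts which epochs it will accept)."""

    def __init__(self, window_size=64):
        self.window_size = window_size
        self.windows = {}

    def receive(self, record):
        if len(record) < HEADER_LEN:
            return "malformed"
        ctype, version, epoch, seq6, length = struct.unpack(HEADER_FMT, record[:HEADER_LEN])
        if version != DTLS12_VERSION or len(record) - HEADER_LEN != length:
            return "malformed"
        seq = int.from_bytes(seq6, "big")
        window = self.windows.setdefault(epoch, ReplayWindow(self.window_size))
        return window.check(seq)


def build_record(epoch, seq, payload=b""):
    """Construct a DTLS 1.2 application-data record header plus payload."""
    return struct.pack(HEADER_FMT, APPLICATION_DATA, DTLS12_VERSION, epoch,
                       seq.to_bytes(6, "big"), len(payload)) + payload


def simulate(receiver, arrivals):
    """Feed (epoch, seq) pairs in arrival order and return the verdicts."""
    return [receiver.receive(build_record(e, s, b"audio")) for e, s in arrivals]


# Constructed arrival order: seq 2 arrives late, seq 1 is replayed, then a
# burst of loss jumps to 120, 50 is older than the window, 70 is replayed.
CONSTRUCTED_ARRIVALS = [(1, 0), (1, 1), (1, 3), (1, 2), (1, 1),
                        (1, 120), (1, 50), (1, 70), (1, 70)]

if __name__ == "__main__":
    for (epoch, seq), verdict in zip(CONSTRUCTED_ARRIVALS,
                                     simulate(DtlsReceiver(), CONSTRUCTED_ARRIVALS)):
        print(f"epoch {epoch} seq {seq:3d}: {verdict}")
```

Running the block prints one verdict per constructed record: the late seq 2 is accepted, the second seq 1 and second seq 70 are rejected as duplicates, the jump from 3 to 120 (116 lost records) costs nothing, and seq 50 is dropped as too old because the 64-entry window has moved past it. That last case is the practical trade-off: a receiver cannot distinguish a packet delayed by more than the window from a replay, so a voice application that tolerates very late packets should simply treat them as lost.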