Wireless Transport Layer Security

This chapter reviews the technical aspects of Wireless Transport Layer Security (WTLS), a specification by the Wireless Application Protocol (WAP) Forum to secure transactions in mobile networks (Wireless Application Protocol Forum, 2001). The first version of WTLS was a complete revision of TLS to meet the constraints of data communications over Global System for Mobile Communication (GSM) networks using the Short Message Service (SMS) for bit rates of 9.6 kbit/s and the General Packet Radio Service (GPRS) for bit rates between 28 and 56 kbit/s. Cellular technologies of the third generation (3G) or Universal Mobile Telecommunication System (UMTS) were also considered. The protocol was designed taking into consideration the limitation of handsets in terms of memory, computational power, battery life, screen displays, and keyboards. There were several revisions, the latest was WTLS Version 6 in April 2001. However, given the operational complexities of WAP 1.ξ, particularly that of end-to-end security with WTLS in tandem with TLS, WAP 2.0 was published in August 2001 based on the Transmission Control Protocol/Internet Protocol (TCP/IP) stack. This necessitated some extensions to TLS to accommodate mobile communication. All these considerations will be discussed in the following.