Design and implementation of TELNET protocol supporting security functionalities

보안 기능을 지원하는 TELNET 프로토콜의 설계 및 구현

Seong, Jeong-Ki;Seo, Hye-In;Kim, Eun-Gi

  • Received : 2016.01.21
  • Accepted : 2016.03.14
  • Published : 2016.04.30


TELNET is vulnerable to network attack because it was designed without considering security. SSL/TLS and SSH are used to solve this problem. However it needs additional secure protocol and has no backward compatibility with existing TELNET in this way. In this paper, we have suggested STELNET(Secured Telnet) which supports security functionalities internally so that has a backward compatibility. STELNET supports a backward compatibility with existing TELNET through option negotiation. On STELNET, A client authenticates server by a certificate or digital signature generated by using ECDSA. After server is authenticated, two hosts generate a session key by ECDH algorithm. And then by using the key, they encrypt data with AES and generate HMAC by using SHA-256. After then they transmit encrypted data and generated HMAC. In conclusion, STELNET which has a backward compatibility with existing TELNET defends MITM(Man-In-The-Middle) attack and supports security functionalities ensuring confidentiality and integrity of transmitted data.


Telnet;Encryption;Authentication;Secure protocol;Remote access


  1. Margaret Rouse. Telnet definition from The Tech Dictionary and IT Encyclopedia site [Internet]. Available: http://sear
  2. Behrouz A. Forouzan, TCP/IP Protocol Suite, 4th ed. New York, NY: McGraw Hill, ch. 20, pp.624, 2010.
  3. IETF Std. RFC 2941, Telnet Authentication Option, IETF, J. Altman. 2000.
  4. IETF Std. RFC 4251, The Secure Shell (SSH) Protocol Archi tecture, IETF, T. Ylonen. 2006.
  5. Seok-Ho Kim, "Comparison and analysis on efficiency of sca lar multiplication for Elliptic Curve Cryptosystem," M.S. dissertation, Korea Maritime and Ocean University, Busan, 2003.
  6. SECG Std. SEC 1, SEC 1: Elliptic Curve Cryptography Version 2.0, SECG, Certicom Research, 2009.
  7. Jae-Won Ahn, Beom-Jin Choi, Sung-Jin Ok, Jung-Ha Kang, Jae-Young Kim, Eun-Gi Kim, "Design and implementation of file transfer protocol supporting security functionalities," Journal of the Korea Academia-Industrial cooperation Society, vol.15, no.5, pp.3086-3092, May. 2014.
  8. FIPS Std. FIPS PUB 197, Adveanced Encryption Standard (AES), FIPS, NIST, 2001.
  9. Wikipedia, The Free Encyclopedia. Cryptography hash function from site [Internet]. Available:
  10. Seung-peom Park, Jae-won Ahn, Eun-gi Kim, "Design and Implementation of Secure Vehicle Communication Protocols for WAVE Communication Systems," Journal of the Korea Institute of Information and Communication Engineering, vol.19, no.4, pp.841-847, Apr. 2015.
  11. IETF Std. RFC 2104, HMAC: Keyed-Hashing for Message Authentication, IETF, H. Krawczyk, M. Bellare, R. Canetti, 1997.
  12. Jeong-Ki Seong, Hye-In Seo, Jae-Won Ahn, Seung-Peom Park, Eun-Gi Kim, "A study on the TELNET protocol supporting security functionalities," in Proceeding of the 2015 Fall Conference of the KIPs, Jeju, pp. 1-3, 2015.
  13. IETF Std. RFC 854, Telnet Protocol Specification, IETF, J. Postel, J. Reynolds, 1983.
  14. IETF Std. RFC 855, Telnet Option Specifications, IETF, J. Postel, J. Reynolds, 1983.
  15. NIST Special Publication 800-57, Recommendation for Key Management, NIST, Gaithersburg, MD, 2012.
  16. Wikipedia, the free encyclopedia. Certificate authority from site [Internet]. Available:
  17. IETF Std. RFC 6234, US Secure Hash Algorithms(SHA and SHA-based HMAC and HKDF), IETF, D. Eastlake 3rd, Huawei, T. Hansen, 2011.
  18. TechiWarehouse. IP spoofing and sniffing from site [Internet]. Available: