Implementing the TLS Protocol on a Bare PC

A bare PC is an ordinary computer that runs applications without an operating system (OS). It thus provides immunity from attacks that target specific OS vulnerabilities while eliminating the OS overhead in a conventional system. We describe a novel implementation of TLS that runs on a bare PC. The TLS implementation differs from a conventional TLS implementation in that it is included within a bare PC application that manages its own CPU tasks, directly interfaces to the hardware, and communicates with network protocols without using a standard socket interface. Furthermore, the unique software architecture of a bare PC enables the TLS, TCP, and application protocols to be intertwined, thereby reducing the communication overhead compared to that of a conventional system. As an example, we give details of the internal architecture of a bare PC TLS Web server. We then illustrate intertwining of the TLS, TCP, and HTTP protocols. In particular, we show how a state transition model that represents events and actions in the TLS Web server is used to develop the intertwined protocol code. We also discuss the testing methodology, note some challenges with respect to implementing TLS on a bare PC, and outline the measures taken to address them.