
I've been reading the RFC for DTLS over UDP, but can't seem to understand how the transport encryption aspect of TLS was handled. It reads to me like they just didn't bother, since datagrams can be lost.

Did I overlook what they did instead?

EDIT: I worded my question poorly and too generally. I found a question which answers it, after looking into it with better search terms.

Minix

2 Answers

The section you linked to says that the NULL cipher (no encryption) works the same as in TLS, and that RC4 (the only stream cipher in TLS 1.2) cannot be used for DTLS.

The next three subsections indicate that block ciphers and AEAD ciphers work exactly the same in DTLS as in TLS, and that new cipher suites must specify whether they are suitable for DTLS, along with what changes, if any, would need to be made.

AndrolGenhald

I'm not quite sure if I understood your question correctly, so I'll try to answer it by stating the major differences between TLS and DTLS and the reasons behind them.

TLS usually runs on top of a reliable transport stream such as TCP and guarantees the same features as TCP plus authentication, integrity and confidentiality. DTLS, however, runs over UDP and, once the handshake has been completed, guarantees the same features as UDP plus authentication, integrity and confidentiality. In UDP, some datagrams may be lost or re-ordered, but in contrast to UDP, DTLS will detect and discard duplicated datagrams if needed.

Moreover, in TLS, when something bad happens (e.g. a record does not pass the integrity check) the connection is immediately terminated. In contrast, with DTLS it is possible to set a limit on the number of bad records before a connection is terminated. The reason is that with DTLS over UDP it is quite easy to inject bad records (the attacker only needs to know the source and destination IP and port).

The handshake for DTLS happens in a lock-step procedure, which means that messages need to arrive in a certain order and must not be skipped. This is why DTLS has its own retransmission mechanism in case packets do not arrive or arrive out of order.

TrinityTonic
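The duplicate-detection behaviour described in this answer is implemented in DTLS with a sliding anti-replay window over the record sequence number, kept per epoch (RFC 6347 section 4.1.2.6). The following is an added illustration written for this page, not code from any DTLS implementation; the record tuples and the 64-bit window size are constructed assumptions.

```python
# Added example: DTLS-style anti-replay sliding window (per epoch), the mechanism
# that lets DTLS drop duplicated or replayed datagrams that UDP would deliver as-is.
# RFC 6347 requires a window of at least 32 records; 64 is assumed here.
WINDOW_BITS = 64


class AntiReplayWindow:
    """Tracks which record sequence numbers have been accepted within one epoch."""

    def __init__(self, window_bits: int = WINDOW_BITS):
        self.window_bits = window_bits
        self.mask = (1 << window_bits) - 1
        self.top = -1    # highest sequence number accepted so far
        self.bitmap = 0  # bit i set  =>  sequence (top - i) has already been seen

    def is_new(self, seq: int) -> bool:
        """True if seq is neither a duplicate nor older than the window (checked before the MAC)."""
        if seq > self.top:
            return True
        offset = self.top - seq
        if offset >= self.window_bits:
            return False  # too old to track: dropped, as the RFC permits
        return not (self.bitmap >> offset) & 1

    def mark(self, seq: int) -> None:
        """Record seq as seen. Only call this after the record passed its integrity check."""
        if seq > self.top:
            shift = seq - self.top
            # slide the window forward; records older than (seq - window_bits) fall off the end
            self.bitmap = ((self.bitmap << shift) | 1) & self.mask
            self.top = seq
        elif self.top - seq < self.window_bits:
            self.bitmap |= 1 << (self.top - seq)


def filter_records(records):
    """Apply one window per epoch to (epoch, seq, mac_ok) tuples; return what gets delivered.
    Order matters: duplicates are rejected before the (costly) MAC check, and only records
    whose MAC verified update the window, so an injected bogus datagram cannot poison it."""
    windows, accepted = {}, []
    for epoch, seq, mac_ok in records:
        w = windows.setdefault(epoch, AntiReplayWindow())
        if not w.is_new(seq) or not mac_ok:
            continue
        w.mark(seq)
        accepted.append((epoch, seq))
    return accepted


# Constructed sample: reordering, a replay of seq 3, a forged seq 4 followed by the real one,
# a jump to seq 70 that pushes seq 5 out of the window, and a new epoch with its own window.
CONSTRUCTED_RECORDS = [(1, 0, True), (1, 1, True), (1, 3, True), (1, 2, True), (1, 3, True),
                       (1, 4, False), (1, 4, True), (1, 70, True), (1, 5, True), (1, 7, True),
                       (2, 0, True)]
```

Running `filter_records(CONSTRUCTED_RECORDS)` delivers seqs 0, 1, 3, 2, 4, 70 and 7 of epoch 1 plus seq 0 of epoch 2; the replayed 3, the forged 4 and the stale 5 are dropped without tearing down the association.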