Transport Layer Security - Mrinal Wadhwa
DESCRIPTION
A simple introduction to the TLS 1.2 spec, presented at null Bangalore on 20th August 2011. http://null.co.in/
TRANSCRIPT
Transport Layer Security
Mrinal Wadhwa
http://www.mrinalwadhwa.com
SSL v1 - before 1995, internal to Netscape, never released
SSL v2 - draft published in Feb 1995
SSL 0.2 PROTOCOL SPECIFICATION
http://www.mozilla.org/projects/security/pki/nss/ssl/draft02.html
SSL v3 - draft published in Nov 1996
The SSL Protocol Version 3.0
http://www.mozilla.org/projects/security/pki/nss/ssl/draft302.txt
TLS 1.0 - RFC 2246 - January 1999
The TLS Protocol Version 1.0
http://tools.ietf.org/html/rfc2246
TLS 1.1 - RFC 4346 - April 2006
The Transport Layer Security (TLS) Protocol Version 1.1
http://tools.ietf.org/html/rfc4346
TLS 1.2 - RFC 5246 - August 2008
The Transport Layer Security (TLS) Protocol Version 1.2
http://tools.ietf.org/html/rfc5246
"The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery."
- The Transport Layer Security (TLS) Protocol Version 1.2
Record Protocol
http://tools.ietf.org/html/rfc5246#section-6
The Record Protocol takes messages to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies
a MAC, encrypts, and transmits the result. Received data is decrypted, verified, decompressed, reassembled, and then delivered to
higher-level clients.
struct {
    ConnectionEnd          entity;
    PRFAlgorithm           prf_algorithm;
    BulkCipherAlgorithm    bulk_cipher_algorithm;
    CipherType             cipher_type;
    uint8                  enc_key_length;
    uint8                  block_length;
    uint8                  fixed_iv_length;
    uint8                  record_iv_length;
    MACAlgorithm           mac_algorithm;
    uint8                  mac_length;
    uint8                  mac_key_length;
    CompressionMethod      compression_algorithm;
    opaque                 master_secret[48];
    opaque                 client_random[32];
    opaque                 server_random[32];
} SecurityParameters;
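The Record Protocol description and the SecurityParameters struct above name the steps (fragment, MAC, encrypt) without showing them. The following is an added example, not code from the talk or from RFC 5246: it implements the sender and receiver halves of the record layer's fragmentation and integrity check for a *_SHA suite, using the MAC input layout from RFC 5246 section 6.2.3.1 (sequence number, content type, version, length, fragment). The bulk-cipher step is assumed to happen on the fragment || MAC body it produces and is left out so the example runs on the Python standard library alone; the 20-byte key and the message contents are constructed values.

```python
import hashlib
import hmac
import struct

# RFC 5246 section 6.2.1: a TLSPlaintext fragment carries at most 2^14 bytes.
MAX_FRAGMENT = 2 ** 14
CONTENT_APPLICATION_DATA = 23          # ContentType application_data
TLS_1_2 = (3, 3)                       # ProtocolVersion {3, 3}
MAC_LEN = hashlib.sha1().digest_size   # mac_length for the *_SHA suites (20 bytes)


def fragment(data: bytes, limit: int = MAX_FRAGMENT) -> list:
    """Split outgoing data into record-sized fragments (an empty message still yields one empty record)."""
    if limit <= 0 or limit > MAX_FRAGMENT:
        raise ValueError("fragment limit must be in 1..2^14")
    return [data[i:i + limit] for i in range(0, len(data), limit)] or [b""]


def record_mac(mac_key: bytes, seq_num: int, content_type: int, version: tuple, frag: bytes) -> bytes:
    """RFC 5246 section 6.2.3.1: MAC(MAC_write_key, seq_num || type || version || length || fragment)."""
    header = struct.pack("!QBBBH", seq_num, content_type, version[0], version[1], len(frag))
    return hmac.new(mac_key, header + frag, hashlib.sha1).digest()


def protect(mac_key: bytes, seq_num: int, data: bytes):
    """Sender side: fragment, append the MAC to each fragment and advance the 64-bit sequence number.
    Each fragment || MAC body is what the bulk cipher (AES-128-CBC in the suite discussed) would then
    encrypt; that step is omitted here (assumption: standard library only)."""
    records = []
    for frag in fragment(data):
        mac = record_mac(mac_key, seq_num, CONTENT_APPLICATION_DATA, TLS_1_2, frag)
        records.append((CONTENT_APPLICATION_DATA, TLS_1_2, frag + mac))
        seq_num += 1
    return records, seq_num


def unprotect(mac_key: bytes, seq_num: int, records):
    """Receiver side (after decryption): verify every MAC against the receiver's own sequence number,
    then reassemble. Any mismatch corresponds to the fatal bad_record_mac alert in the real protocol,
    which is how tampered, replayed and reordered records are rejected."""
    out = bytearray()
    for content_type, version, body in records:
        if len(body) < MAC_LEN:
            raise ValueError("bad_record_mac: record shorter than the MAC")
        frag, received_mac = body[:-MAC_LEN], body[-MAC_LEN:]
        expected = record_mac(mac_key, seq_num, content_type, version, frag)
        if not hmac.compare_digest(received_mac, expected):
            raise ValueError("bad_record_mac: tampered, replayed or reordered record")
        out += frag
        seq_num += 1
    return bytes(out), seq_num
```

Because the sequence number is part of the MAC input but is never sent on the wire, a record that is replayed or delivered out of order fails verification on the receiver even though its own MAC is intact; the check therefore has to use the receiver's counter, never a value taken from the record.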
Change Cipher Spec Protocol
http://tools.ietf.org/html/rfc5246#section-7.1
Alert Protocol
http://tools.ietf.org/html/rfc5246#section-7.2
Handshake Protocol - a simplified discussion
http://tools.ietf.org/html/rfc5246#section-7.3
struct { } HelloRequest;
Hello Request
http://tools.ietf.org/html/rfc5246#section-7.4.1.1
struct {
    ProtocolVersion client_version;
    Random random;
    SessionID session_id;
    CipherSuite cipher_suites<2..2^16-2>;
    CompressionMethod compression_methods<1..2^8-1>;
    select (extensions_present) {
        case false:
            struct {};
        case true:
            Extension extensions<0..2^16-1>;
    };
} ClientHello;
Client Hello
http://tools.ietf.org/html/rfc5246#section-7.4.1.2
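The ClientHello struct above uses the RFC's variable-length vector notation (`<2..2^16-2>` means a length prefix wide enough for the upper bound, followed by that many bytes, with the bounds being part of the definition). The following is an added example, not code from the talk or the RFC: an encoder and a strict decoder for the ClientHello body, written so that every vector bound in the struct is enforced on input. The suite values 0x002F (TLS_RSA_WITH_AES_128_CBC_SHA) and 0x003C (TLS_RSA_WITH_AES_128_CBC_SHA256) are from RFC 5246 appendix A.5; the random, session_id and extension payload used in the usage are constructed values, and the extension type 0xFFFF sits in the private-use range rather than being a real extension.

```python
import os
import struct

TLS_1_2 = (3, 3)
TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F       # RFC 5246 appendix A.5
TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C    # RFC 5246 appendix A.5
COMPRESSION_NULL = 0


def _vector(buf: bytes, pos: int, len_size: int, min_len: int, max_len: int):
    """Read an RFC 5246 variable-length vector <min..max>: a big-endian length of len_size bytes, then
    that many bytes. The declared bounds are enforced, not only the length field's own range."""
    if pos + len_size > len(buf):
        raise ValueError("truncated vector length")
    length = int.from_bytes(buf[pos:pos + len_size], "big")
    if not min_len <= length <= max_len:
        raise ValueError("vector length %d outside <%d..%d>" % (length, min_len, max_len))
    pos += len_size
    if pos + length > len(buf):
        raise ValueError("truncated vector body")
    return buf[pos:pos + length], pos + length


def build_client_hello(cipher_suites, session_id=b"", extensions=(), random_bytes=None):
    """Encode a ClientHello body per the struct (handshake and record headers are not included)."""
    random_bytes = random_bytes if random_bytes is not None else os.urandom(32)
    if len(random_bytes) != 32 or len(session_id) > 32:
        raise ValueError("random must be 32 bytes, session_id at most 32")
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = bytes(TLS_1_2) + random_bytes
    body += bytes([len(session_id)]) + session_id
    body += struct.pack("!H", len(suites)) + suites
    body += bytes([1, COMPRESSION_NULL])                     # compression_methods = { null }
    if extensions:                                           # extensions_present == true
        ext = b"".join(struct.pack("!HH", etype, len(data)) + data for etype, data in extensions)
        body += struct.pack("!H", len(ext)) + ext
    return body


def parse_client_hello(buf: bytes) -> dict:
    """Decode a ClientHello body, rejecting anything outside the struct's declared bounds."""
    if len(buf) < 2 + 32:
        raise ValueError("truncated ClientHello")
    version = (buf[0], buf[1])
    random_bytes, pos = buf[2:34], 34
    session_id, pos = _vector(buf, pos, 1, 0, 32)                     # SessionID<0..32>
    suites_raw, pos = _vector(buf, pos, 2, 2, 2 ** 16 - 2)            # CipherSuite<2..2^16-2>
    if len(suites_raw) % 2:
        raise ValueError("cipher_suites length must be a multiple of 2")
    suites = [int.from_bytes(suites_raw[i:i + 2], "big") for i in range(0, len(suites_raw), 2)]
    compression, pos = _vector(buf, pos, 1, 1, 2 ** 8 - 1)            # CompressionMethod<1..2^8-1>
    extensions = []
    if pos < len(buf):                                                # extensions_present == true
        ext_raw, pos = _vector(buf, pos, 2, 0, 2 ** 16 - 1)           # Extension<0..2^16-1>
        epos = 0
        while epos < len(ext_raw):
            if epos + 2 > len(ext_raw):
                raise ValueError("truncated extension type")
            etype = int.from_bytes(ext_raw[epos:epos + 2], "big")
            data, epos = _vector(ext_raw, epos + 2, 2, 0, 2 ** 16 - 1)
            extensions.append((etype, data))
    if pos != len(buf):
        raise ValueError("trailing bytes after ClientHello")
    return {"version": version, "random": random_bytes, "session_id": session_id,
            "cipher_suites": suites, "compression_methods": list(compression), "extensions": extensions}


if __name__ == "__main__":
    hello = build_client_hello([TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA256],
                               session_id=b"\x07" * 8, extensions=[(0xFFFF, b"constructed")])
    print(parse_client_hello(hello))
```

The decoder treats a short or oversized vector, an odd cipher_suites length, an empty compression_methods list and trailing bytes as errors rather than silently accepting them; the length checks before each slice are what keep a hostile length field from reading past the buffer.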
CIPHER SUITES
TLS_RSA_WITH_AES_128_CBC_SHA
Mandatory Cipher Suites - http://tools.ietf.org/html/rfc5246#section-9
Cipher Suite Definitions - http://tools.ietf.org/html/rfc5246#appendix-C
"The connection is encrypted using AES_128_CBC, with SHA1 for message authentication and RSA as the key exchange mechanism."
CIPHER SUITES
TLS_RSA_WITH_AES_128_CBC_SHA
Key Exchange - RSA
Cipher - AES_128_CBC
Mac - SHA (HMAC-SHA1)
struct {
    ProtocolVersion server_version;
    Random random;
    SessionID session_id;
    CipherSuite cipher_suite;
    CompressionMethod compression_method;
    select (extensions_present) {
        case false:
            struct {};
        case true:
            Extension extensions<0..2^16-1>;
    };
} ServerHello;
Server Hello
http://tools.ietf.org/html/rfc5246#section-7.4.1.3
opaque ASN.1Cert<1..2^24-1>;

struct {
    ASN.1Cert certificate_list<0..2^24-1>;
} Certificate;
Server Certificate
http://tools.ietf.org/html/rfc5246#section-7.4.2
struct { } ServerHelloDone;
Server Hello Done
http://tools.ietf.org/html/rfc5246#section-7.4.5
struct {
    select (KeyExchangeAlgorithm) {
        case rsa:
            EncryptedPreMasterSecret;
        case dhe_dss:
        case dhe_rsa:
        case dh_dss:
        case dh_rsa:
        case dh_anon:
            ClientDiffieHellmanPublic;
    } exchange_keys;
} ClientKeyExchange;
Client Key Exchange Message
http://tools.ietf.org/html/rfc5246#section-7.4.7
struct {
    opaque verify_data[verify_data_length];
} Finished;
Finished
http://tools.ietf.org/html/rfc5246#section-7.4.9
?