Christopher Baines
Government Digital Service
The protocol stack, top to bottom:

  HTTP (HyperText Transfer Protocol)
  TLS (Transport Layer Security)
  TCP (Transmission Control Protocol)
  IP (the Internet Protocol)
  IEEE 802.3 (Ethernet) / IEEE 802.11 (Wi-Fi) / ...
      Client                                               Server

      ClientHello                  -------->
                                                      ServerHello
                                                     Certificate*
                                               ServerKeyExchange*
                                              CertificateRequest*
                                   <--------      ServerHelloDone
      Certificate*
      ClientKeyExchange
      CertificateVerify*
      [ChangeCipherSpec]
      Finished                     -------->
                                               [ChangeCipherSpec]
                                   <--------             Finished
      Application Data             <------->     Application Data

      * Indicates optional or situation-dependent messages that are not always sent.

      RFC 5246, Figure 1: message flow for a full handshake
TLS_NULL_WITH_NULL_NULL

This is the initial state of every TLS connection (RFC 5246, Appendix A.5): no key exchange, no encryption and no MAC until the first handshake completes. It must never be negotiated.

This is an example of a modern cipher suite:

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

Read it left to right: ECDHE (ephemeral elliptic-curve Diffie-Hellman) key exchange, RSA authentication of the server's ephemeral parameters, AES-128 in GCM mode for the record layer, and SHA-256 for the handshake PRF. Registered suite names include the authentication algorithm; the ephemeral key exchange is what gives the suite forward secrecy.
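The following is an added example, not code from the original slides. It decomposes a cipher suite name by the IANA naming convention (TLS_<kx>_<auth>_WITH_<cipher>_<hash>) and derives the two properties a reviewer checks first: forward secrecy (ephemeral key exchange) and AEAD. It parses by convention only and does not consult the registry, so a well-formed name of a suite that does not exist still parses; the suites used in the usage call below are all registered ones.

```python
"""Decompose an IANA cipher suite name and flag forward secrecy / AEAD.

Added example for the slides' cipher-suite discussion. Parses by naming
convention only; it does not check the IANA registry.
"""
from __future__ import annotations

from dataclasses import dataclass

FORWARD_SECRET_KX = {"ECDHE", "DHE"}          # ephemeral exchanges
AEAD_MARKERS = ("_GCM", "_CCM", "CHACHA20_POLY1305")


@dataclass(frozen=True)
class CipherSuite:
    name: str
    key_exchange: str | None     # None for TLS 1.3 suites (negotiated separately)
    authentication: str | None   # None for TLS 1.3 suites
    cipher: str                  # e.g. "AES_128_GCM", "AES_128_CBC", "NULL"
    hash: str                    # PRF / HKDF hash, e.g. "SHA256"

    @property
    def forward_secrecy(self) -> bool:
        # TLS 1.3 suites name no key exchange because every TLS 1.3 handshake
        # uses (EC)DHE or PSK with (EC)DHE; treat them as forward secret.
        return self.key_exchange is None or self.key_exchange in FORWARD_SECRET_KX

    @property
    def aead(self) -> bool:
        return any(marker in self.cipher for marker in AEAD_MARKERS)

    @property
    def encrypts(self) -> bool:
        return self.cipher != "NULL"


def parse_cipher_suite(name: str) -> CipherSuite:
    """Split a suite name into key exchange, authentication, cipher and hash."""
    if not name.startswith("TLS_"):
        raise ValueError(f"not a TLS cipher suite name: {name!r}")
    body = name[len("TLS_"):]
    if "_WITH_" in body:
        kx_auth, _, bulk = body.partition("_WITH_")
        parts = kx_auth.split("_")
        # "RSA" alone is RSA key transport authenticated by the same RSA key;
        # "ECDHE_RSA" is ephemeral ECDH authenticated by an RSA signature.
        key_exchange = parts[0]
        authentication = parts[1] if len(parts) > 1 else parts[0]
    else:
        # TLS 1.3 style, e.g. TLS_AES_128_GCM_SHA256: no key exchange in the name.
        key_exchange = authentication = None
        bulk = body
    cipher, _, hash_ = bulk.rpartition("_")
    return CipherSuite(name, key_exchange, authentication, cipher, hash_)


def summarise(name: str) -> str:
    """One-line verdict of the kind a TLS scanner prints."""
    suite = parse_cipher_suite(name)
    flags = []
    flags.append("forward secrecy" if suite.forward_secrecy else "NO forward secrecy")
    flags.append("AEAD" if suite.aead else "not AEAD")
    if not suite.encrypts:
        flags.append("NO encryption")
    return f"{name}: {', '.join(flags)}"


if __name__ == "__main__":
    for n in ("TLS_NULL_WITH_NULL_NULL",
              "TLS_RSA_WITH_AES_128_CBC_SHA",
              "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
              "TLS_AES_128_GCM_SHA256"):
        print(summarise(n))
```

The verdict line deliberately shouts about the absence of forward secrecy and of AEAD: those are the two properties that separate a suite such as TLS_RSA_WITH_AES_128_CBC_SHA, where compromise of the server's RSA key decrypts every recorded session, from the ECDHE/GCM suite on the slide.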
      Client                                                Server

      ClientHello                   -------->
                                                       ServerHello
                                                [ChangeCipherSpec]
                                    <--------             Finished
      [ChangeCipherSpec]
      Finished                      -------->
      Application Data              <------->     Application Data

      RFC 5246, Figure 2: message flow for an abbreviated handshake
A protocol is said to have perfect forward secrecy if compromise of long-term keys does not compromise past session keys. In TLS this comes from deriving each session's keys from an ephemeral (EC)Diffie-Hellman exchange whose private exponents are discarded afterwards, so the server's long-term certificate key only signs the exchange and cannot be used later to recover the session keys of recorded traffic.
Integers 0 to 10 reduced modulo 5 (the slides' number-line figure):

  n        0 1 2 3 4 5 6 7 8 9 10
  n mod 5  0 1 2 3 4 0 1 2 3 4 0

\[(2 \times 3) \bmod 5 = 6 \bmod 5 = 1\]
Recovering Bob's secret from his public value is the discrete logarithm problem:

\(b = \log_g B \bmod p\)

With \(b\) in hand the attacker computes the shared secret from Alice's public value:

\(s = A^b \bmod p\)

Brute force, with \(p = 23\) and \(A = 8\):

Guess at \(b\) (Bob's secret, which is 15) | \(A^{\text{guess}} \bmod p\)
---|---
\(2\) | \(8^2 \bmod 23 = 18\)
\(3\) | \(8^3 \bmod 23 = 6\)
\(4\) | \(8^4 \bmod 23 = 2\)
\(5\) | \(8^5 \bmod 23 = 16\)
... | ...
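The exchange and the brute-force attack above, carried through in code as an added example (not the slides' own). The slides fix p = 23, Alice's public value A = 8 and Bob's secret b = 15; the generator g = 5 and Alice's secret a = 6 are assumptions made here because 5^6 mod 23 = 8 reproduces A. The same block illustrates the perfect forward secrecy definition above: once a and b are discarded, nothing recorded on the wire (A and B) lets anyone recompute s without solving the discrete log.

```python
"""Toy Diffie-Hellman over the slides' parameters plus the brute-force
discrete-log attack the table walks through.

Added example. p = 23, A = 8 and b = 15 come from the slides; g = 5 and
a = 6 are assumed (chosen so that g^a mod p = 8 = A).
"""

P = 23   # public prime modulus (from the slides)
G = 5    # public generator (assumed; a primitive root mod 23)


def dh_public(secret: int, g: int = G, p: int = P) -> int:
    """Public value g^secret mod p; the exponent is the party's private key."""
    return pow(g, secret, p)


def dh_shared(their_public: int, my_secret: int, p: int = P) -> int:
    """Shared secret s = (their public value)^my_secret mod p."""
    return pow(their_public, my_secret, p)


def recover_secret(A: int, B: int, g: int = G, p: int = P):
    """Brute-force b = log_g B mod p exactly as the table does.

    For each guess we record the candidate shared secret A^guess mod p (the
    table's right-hand column) and stop when g^guess mod p equals Bob's
    public value B, which is the check that tells us the guess is right.
    Returns (b, s, rows); (None, None, rows) if no exponent below p matches.
    """
    rows = []
    for guess in range(1, p):
        candidate = pow(A, guess, p)
        rows.append((guess, candidate))
        if pow(g, guess, p) == B:
            return guess, candidate, rows
    return None, None, rows


def demo() -> dict:
    """Run the exchange, then attack it from the public values only."""
    a, b = 6, 15                                    # Alice's (assumed) and Bob's secrets
    A, B = dh_public(a), dh_public(b)               # what an eavesdropper sees
    s_alice, s_bob = dh_shared(B, a), dh_shared(A, b)
    assert s_alice == s_bob                         # both sides agree on s
    del a, b                                        # ephemeral: discarded after use
    b_found, s_found, rows = recover_secret(A, B)   # attacker uses only A, B, g, p
    return {
        "A": A, "B": B, "s": s_alice,
        "b_recovered": b_found, "s_recovered": s_found,
        "guesses": len(rows), "rows": rows[:5],
    }


if __name__ == "__main__":
    print(demo())
```

The attacker needs 15 guesses here because p is tiny. The security argument for real parameters (a 2048-bit safe prime, or an elliptic-curve group) is that this loop does not finish in any useful time, and the forward-secrecy argument is the `del a, b` line: after the session, the values the loop is trying to find no longer exist anywhere, so a later compromise of the server's signing key gives the attacker nothing the eavesdropper did not already have.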
      Client                                               Server

      ClientHello                  -------->
                                                      ServerHello
                                                     Certificate*
                                               ServerKeyExchange*
                                              CertificateRequest*
                                   <--------      ServerHelloDone
      Certificate*
      ClientKeyExchange
      CertificateVerify*
      [ChangeCipherSpec]
      Finished                     -------->
                                               [ChangeCipherSpec]
                                   <--------             Finished
      Application Data             <------->     Application Data

      * Indicates optional or situation-dependent messages that are not always sent.

      RFC 5246, Figure 1: message flow for a full handshake (repeated)
Strict-Transport-Security: max-age=31536000
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
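The three header forms above are the whole HSTS policy language; the following is an added example (not from the original slides) of how a client evaluates them per RFC 6797: parsing the directives, refusing to learn a policy from a plaintext response, deciding whether a cached policy covers a given host, and checking the conditions the preload list requires (a one-year max-age, includeSubDomains and preload together). The hostnames in the test are constructed.

```python
"""Parse and evaluate Strict-Transport-Security headers (RFC 6797).

Added example. The preload requirements encoded here (max-age of at least
one year, includeSubDomains, preload) are those published for the browser
preload list; a real submission also checks the site's redirects.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

ONE_YEAR = 31536000  # seconds, the value used in the slides' headers


@dataclass(frozen=True)
class HstsPolicy:
    max_age: int
    include_subdomains: bool
    preload: bool


def parse_sts(header: str) -> HstsPolicy | None:
    """Return the policy in an STS header value, or None if it is invalid.

    RFC 6797 section 6.1: directives are ';'-separated, names are
    case-insensitive, max-age is required and must appear only once, and
    unknown directives are ignored so the syntax can be extended.
    """
    max_age = None
    include_subdomains = False
    preload = False
    for raw in header.split(";"):
        directive = raw.strip()
        if not directive:
            continue
        name, _, value = directive.partition("=")
        name = name.strip().lower()
        value = value.strip().strip('"')     # delta-seconds may be quoted
        if name == "max-age":
            if max_age is not None or not re.fullmatch(r"[0-9]+", value):
                return None                   # duplicated or malformed: reject
            max_age = int(value)
        elif name == "includesubdomains":
            include_subdomains = True
        elif name == "preload":
            preload = True
    if max_age is None:
        return None
    return HstsPolicy(max_age, include_subdomains, preload)


def learn_policy(scheme: str, header: str) -> HstsPolicy | None:
    """A UA only learns HSTS from a response delivered over TLS (RFC 6797
    section 8.1); a header on a plaintext response could be injected."""
    if scheme.lower() != "https":
        return None
    return parse_sts(header)


def covers(policy: HstsPolicy, known_host: str, request_host: str) -> bool:
    """Does a policy learned from known_host force HTTPS for request_host?"""
    if policy.max_age == 0:
        return False                          # max-age=0 removes the host
    known, request = known_host.lower(), request_host.lower()
    if request == known:
        return True
    return policy.include_subdomains and request.endswith("." + known)


def preload_eligible(policy: HstsPolicy) -> bool:
    """Header-level conditions for the browser preload list."""
    return policy.max_age >= ONE_YEAR and policy.include_subdomains and policy.preload
```

Of the slides' three headers only the third is preload-eligible, and only the second and third protect subdomains; the first still leaves www.example.gov.uk (constructed name) reachable over plain HTTP if the policy was learned from example.gov.uk, which is the usual reason includeSubDomains is recommended.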
      Client                                               Server

      ClientHello
       + key_share                 -------->
                                                      ServerHello
                                                      + key_share
                                            {EncryptedExtensions}
                                            {CertificateRequest*}
                                                   {Certificate*}
                                             {CertificateVerify*}
                                                       {Finished}
                                   <--------  [Application Data*]
      {Certificate*}
      {CertificateVerify*}
      {Finished}                   -------->
                                   <--------   [NewSessionTicket]
      [Application Data]           <------->  [Application Data]

      Draft TLS 1.3 spec: full handshake

      +  an extension carried in the preceding message
      *  optional or situation-dependent
      {} encrypted under the handshake traffic keys
      [] encrypted under the application traffic keys
      () encrypted under the 0-RTT early-data keys

Note what has changed from the RFC 5246 flow: the key exchange (key_share) travels in the first flight each way, so the handshake completes in one round trip, and everything after ServerHello is already encrypted, including the server's certificate.
      Client                                               Server

      ClientHello
       + early_data
       + key_share*
       + psk_key_exchange_modes
       + pre_shared_key
      (Application Data*)         -------->
                                                      ServerHello
                                                 + pre_shared_key
                                                     + key_share*
                                            {EncryptedExtensions}
                                                    + early_data*
                                                       {Finished}
                                   <--------  [Application Data*]
      (EndOfEarlyData)
      {Finished}                   -------->
      [Application Data]           <------->  [Application Data]

      Draft TLS 1.3 spec: 0-RTT resumption with a pre-shared key

The client sends application data in its very first flight, encrypted under keys derived from the PSK. The cost is that 0-RTT data has no freshness from the server and can be replayed by an attacker who captured it, so it must only carry requests that are safe to repeat; the server can reject early data, in which case the client resends after the handshake.