TLS Cryptography In-Depth

By : Dr. Paul Duplys, Dr. Roland Schmitz

TLS Cryptography In-Depth

By: Dr. Paul Duplys, Dr. Roland Schmitz

Overview of this book

TLS is the most widely used cryptographic protocol today, enabling e-commerce, online banking, and secure online communication. Written by Dr. Paul Duplys, Security, Privacy & Safety Research Lead at Bosch, and Dr. Roland Schmitz, Internet Security Professor at Stuttgart Media University, this book will help you gain a deep understanding of how and why TLS works, how past attacks on TLS were possible, and how vulnerabilities that enabled them were addressed in the latest TLS version 1.3. By exploring the inner workings of TLS, you’ll be able to configure it and use it more securely. Starting with the basic concepts, you’ll be led step by step through the world of modern cryptography, guided by the TLS protocol. As you advance, you’ll be learning about the necessary mathematical concepts from scratch. Topics such as public-key cryptography based on elliptic curves will be explained with a view on real-world applications in TLS. With easy-to-understand concepts, you’ll find out how secret keys are generated and exchanged in TLS, and how they are used to creating a secure channel between a client and a server. By the end of this book, you’ll have the knowledge to configure TLS servers securely. Moreover, you’ll have gained a deep knowledge of the cryptographic primitives that make up TLS.

Preface

Who is this book for

What this book covers

To get the most out of this book

Conventions used

Get in touch

Share Your Thoughts

Download a free PDF copy of this book

Part I Getting Started

Free Chapter

Chapter 1: The Role of Cryptography in the Connected World

1.1 Evolution of cryptography

1.2 The advent of TLS and the internet

1.3 Increasing connectivity

1.4 Increasing complexity

1.5 Example attacks

1.6 Summary

Chapter 2: Secure Channel and the CIA Triad

2.1 Technical requirements

2.6 Secure channels and the CIA triad

2.7 Summary

Chapter 3: A Secret to Share

3.1 Secret keys and Kerckhoffs’s principle

3.2 Cryptographic keys

3.3 Key space

3.4 Key length

3.5 Crypto-agility and information half-life

3.6 Key establishment

3.7 Randomness and entropy

3.8 Summary

Chapter 4: Encryption and Decryption

4.1 Preliminaries

4.2 Symmetric cryptosystems

4.3 Information-theoretical security (perfect secrecy)

4.4 Computational security

4.5 Pseudorandomness

4.6 Summary

Chapter 5: Entity Authentication

5.1 The identity concept

5.2 Authorization and authenticated key establishment

5.3 Message authentication versus entity authentication

5.4 Password-based authentication

5.5 Challenge-response protocols

5.6 Summary

Chapter 6: Transport Layer Security at a Glance

6.1 Birth of the World Wide Web

6.2 Early web browsers

6.7 Major differences between TLS versions 1.3 and 1.2

6.8 Summary

Part II Shaking Hands

Chapter 7: Public-Key Cryptography

7.1 Preliminaries

7.2 Groups

7.3 The Diffie-Hellman key-exchange protocol

7.4 Security of Diffie-Hellman key exchange

7.5 The ElGamal encryption scheme

7.6 Finite fields

7.7 The RSA algorithm

7.8 Security of the RSA algorithm

7.9 Authenticated key agreement

7.10 Public-key cryptography in TLS 1.3

7.11 Hybrid cryptosystems

7.12 Summary

Chapter 8: Elliptic Curves

8.1 What are elliptic curves?

8.2 Elliptic curves as abelian groups

8.3 Elliptic curves over finite fields

8.4 Security of elliptic curves

8.5 Elliptic curves in TLS 1.3

8.6 Summary

Chapter 9: Digital Signatures

9.1 General considerations

9.2 RSA-based signatures

9.3 Digital signatures based on discrete logarithms

9.4 Digital signatures in TLS 1.3

9.5 Summary

Chapter 10: Digital Certificates and Certification Authorities

10.1 What is a digital certificate?

10.2 X.509 certificates

10.3 Main components of a public-key infrastructure

10.4 Rogue CAs

10.5 Digital certificates in TLS

10.6 Summary

Chapter 11: Hash Functions and Message Authentication Codes

11.1 The need for authenticity and integrity

11.2 What cryptographic guarantees does encryption provide?

11.3 One-way functions

11.4 Hash functions

11.5 Message authentication codes

11.6 MAC versus CRC

11.7 Hash functions in TLS 1.3

11.8 Summary

Chapter 12: Secrets and Keys in TLS 1.3

12.1 Key establishment in TLS 1.3

12.2 TLS secrets

12.3 KDFs in TLS

12.4 Updating TLS secrets

12.5 TLS keys

12.6 TLS key exchange messages

12.7 Summary

Chapter 13: TLS Handshake Protocol Revisited

13.1 TLS client state machine

13.2 TLS server state machine

13.3 Finished message

13.4 Early data

13.5 Post-handshake messages

13.6 OpenSSL s_client

13.7 Summary

Part III Off the Record

Chapter 14: Block Ciphers and Their Modes of Operation

14.1 The big picture

14.2 General principles

14.3 The AES block cipher

14.4 Modes of operation

14.5 Block ciphers in TLS 1.3

14.6 Summary

Chapter 15: Authenticated Encryption

15.1 Preliminaries

15.2 Authenticated encryption – generic composition

15.3 Security of generic composition

15.4 Authenticated ciphers

15.5 Counter with cipher block chaining message authentication code (CCM)

15.6 AEAD in TLS 1.3

15.7 Summary

Chapter 16: The Galois Counter Mode

Chapter 17: TLS Record Protocol Revisited

17.1 TLS Record protocol

17.2 TLS record layer

17.3 TLS record payload protection

17.4 Per-record nonce

17.5 Record padding

17.6 Limits on key usage

17.7 An experiment with the OpenSSL s_client

17.8 Summary

Chapter 18: TLS Cipher Suites

18.1 Symmetric cipher suites in TLS 1.3

18.2 Long-term security

18.3 ChaCha20

18.4 Poly1305

18.5 ChaCha20-Poly1305 AEAD construction

18.6 Mandatory-to-implement cipher suites

18.7 Summary

Part IV Bleeding Hearts and Biting Poodles

Chapter 19: Attacks on Cryptography

19.1 Preliminary remarks

19.2 Passive versus active attacks

19.3 Local versus remote attacks

19.4 Interactive versus non-interactive attacks

19.5 Attacks on cryptographic protocols

19.6 Attacks on encryption schemes

19.7 Attacks on hash functions

19.8 Summary

Chapter 20: Attacks on the TLS Handshake Protocol

20.1 Downgrade attacks

20.2 Logjam

20.3 SLOTH

20.4 Padding oracle attacks on TLS handshake

20.5 Bleichenbacher attack

20.6 Improvements of Bleichenbacher’s attack

20.7 Insecure renegotiation

20.8 Triple Handshake attack

20.9 Summary

Chapter 21: Attacks on the TLS Record Protocol

21.5 Compression-based attacks

21.6 Summary

Chapter 22: Attacks on TLS Implementations

22.1 SMACK

22.2 FREAK

22.3 Truncation attacks

22.4 Heartbleed

22.5 Insecure encryption activation

22.6 Random number generation

Bibliography

Index

Other Books You Might Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Customer Reviews

5 star

4 star

3 star

2 star

1 star

12.4 Updating TLS secrets

At any time after a successful handshake, Alice and Bob can update their application traffic keys using the KeyUpdate message. They accomplish this by first deriving new secrets server˙application˙traffic˙secret˙N+1 and client˙application˙traffic˙secret˙N+1 using the HKDF-Expand-Label function H_EL as shown in Figure 12.13. After that, new application traffic keys are computed using a mechanism we will discuss in the next section.

Figure 12.13: Mechanism for updating TLS application traffic secrets

The TLS 1.3 specification recommends Alice and Bob to delete the n-th server/client application traffic secret and its associated key once the n + 1-th secret has been derived and corresponding traffic keys have been computed.

This is another example of a best practice in applied cryptography and security engineering: as soon as cryptographic material is no longer needed, it should be deleted so it cannot...

TLS Cryptography In-Depth

By : Dr. Paul Duplys, Dr. Roland Schmitz

TLS Cryptography In-Depth

By: Dr. Paul Duplys, Dr. Roland Schmitz

Overview of this book

Related Content you might be interested in

Current Title:

TLS Cryptography In-Depth

Demystifying Cryptography with OpenSSL 3.0

Cryptography Algorithms

Modern Cryptography for Cybersecurity Professionals

12.4 Updating TLS secrets