TLS Cryptography In-Depth

By : Dr. Paul Duplys, Dr. Roland Schmitz

TLS Cryptography In-Depth

By: Dr. Paul Duplys, Dr. Roland Schmitz

Overview of this book

TLS is the most widely used cryptographic protocol today, enabling e-commerce, online banking, and secure online communication. Written by Dr. Paul Duplys, Security, Privacy & Safety Research Lead at Bosch, and Dr. Roland Schmitz, Internet Security Professor at Stuttgart Media University, this book will help you gain a deep understanding of how and why TLS works, how past attacks on TLS were possible, and how vulnerabilities that enabled them were addressed in the latest TLS version 1.3. By exploring the inner workings of TLS, you’ll be able to configure it and use it more securely. Starting with the basic concepts, you’ll be led step by step through the world of modern cryptography, guided by the TLS protocol. As you advance, you’ll be learning about the necessary mathematical concepts from scratch. Topics such as public-key cryptography based on elliptic curves will be explained with a view on real-world applications in TLS. With easy-to-understand concepts, you’ll find out how secret keys are generated and exchanged in TLS, and how they are used to creating a secure channel between a client and a server. By the end of this book, you’ll have the knowledge to configure TLS servers securely. Moreover, you’ll have gained a deep knowledge of the cryptographic primitives that make up TLS.

Preface

Who is this book for

What this book covers

To get the most out of this book

Conventions used

Get in touch

Share Your Thoughts

Download a free PDF copy of this book

Part I Getting Started

Free Chapter

Chapter 1: The Role of Cryptography in the Connected World

1.1 Evolution of cryptography

1.2 The advent of TLS and the internet

1.3 Increasing connectivity

1.4 Increasing complexity

1.5 Example attacks

1.6 Summary

Chapter 2: Secure Channel and the CIA Triad

2.1 Technical requirements

2.6 Secure channels and the CIA triad

2.7 Summary

Chapter 3: A Secret to Share

3.1 Secret keys and Kerckhoffs’s principle

3.2 Cryptographic keys

3.3 Key space

3.4 Key length

3.5 Crypto-agility and information half-life

3.6 Key establishment

3.7 Randomness and entropy

3.8 Summary

Chapter 4: Encryption and Decryption

4.1 Preliminaries

4.2 Symmetric cryptosystems

4.3 Information-theoretical security (perfect secrecy)

4.4 Computational security

4.5 Pseudorandomness

4.6 Summary

Chapter 5: Entity Authentication

5.1 The identity concept

5.2 Authorization and authenticated key establishment

5.3 Message authentication versus entity authentication

5.4 Password-based authentication

5.5 Challenge-response protocols

5.6 Summary

Chapter 6: Transport Layer Security at a Glance

6.1 Birth of the World Wide Web

6.2 Early web browsers

6.7 Major differences between TLS versions 1.3 and 1.2

6.8 Summary

Part II Shaking Hands

Chapter 7: Public-Key Cryptography

7.1 Preliminaries

7.2 Groups

7.3 The Diffie-Hellman key-exchange protocol

7.4 Security of Diffie-Hellman key exchange

7.5 The ElGamal encryption scheme

7.6 Finite fields

7.7 The RSA algorithm

7.8 Security of the RSA algorithm

7.9 Authenticated key agreement

7.10 Public-key cryptography in TLS 1.3

7.11 Hybrid cryptosystems

7.12 Summary

Chapter 8: Elliptic Curves

8.1 What are elliptic curves?

8.2 Elliptic curves as abelian groups

8.3 Elliptic curves over finite fields

8.4 Security of elliptic curves

8.5 Elliptic curves in TLS 1.3

8.6 Summary

Chapter 9: Digital Signatures

9.1 General considerations

9.2 RSA-based signatures

9.3 Digital signatures based on discrete logarithms

9.4 Digital signatures in TLS 1.3

9.5 Summary

Chapter 10: Digital Certificates and Certification Authorities

10.1 What is a digital certificate?

10.2 X.509 certificates

10.3 Main components of a public-key infrastructure

10.4 Rogue CAs

10.5 Digital certificates in TLS

10.6 Summary

Chapter 11: Hash Functions and Message Authentication Codes

11.1 The need for authenticity and integrity

11.2 What cryptographic guarantees does encryption provide?

11.3 One-way functions

11.4 Hash functions

11.5 Message authentication codes

11.6 MAC versus CRC

11.7 Hash functions in TLS 1.3

11.8 Summary

Chapter 12: Secrets and Keys in TLS 1.3

12.1 Key establishment in TLS 1.3

12.2 TLS secrets

12.3 KDFs in TLS

12.4 Updating TLS secrets

12.5 TLS keys

12.6 TLS key exchange messages

12.7 Summary

Chapter 13: TLS Handshake Protocol Revisited

13.1 TLS client state machine

13.2 TLS server state machine

13.3 Finished message

13.4 Early data

13.5 Post-handshake messages

13.6 OpenSSL s_client

13.7 Summary

Part III Off the Record

Chapter 14: Block Ciphers and Their Modes of Operation

14.1 The big picture

14.2 General principles

14.3 The AES block cipher

14.4 Modes of operation

14.5 Block ciphers in TLS 1.3

14.6 Summary

Chapter 15: Authenticated Encryption

15.1 Preliminaries

15.2 Authenticated encryption – generic composition

15.3 Security of generic composition

15.4 Authenticated ciphers

15.5 Counter with cipher block chaining message authentication code (CCM)

15.6 AEAD in TLS 1.3

15.7 Summary

Chapter 16: The Galois Counter Mode

Chapter 17: TLS Record Protocol Revisited

17.1 TLS Record protocol

17.2 TLS record layer

17.3 TLS record payload protection

17.4 Per-record nonce

17.5 Record padding

17.6 Limits on key usage

17.7 An experiment with the OpenSSL s_client

17.8 Summary

Chapter 18: TLS Cipher Suites

18.1 Symmetric cipher suites in TLS 1.3

18.2 Long-term security

18.3 ChaCha20

18.4 Poly1305

18.5 ChaCha20-Poly1305 AEAD construction

18.6 Mandatory-to-implement cipher suites

18.7 Summary

Part IV Bleeding Hearts and Biting Poodles

Chapter 19: Attacks on Cryptography

19.1 Preliminary remarks

19.2 Passive versus active attacks

19.3 Local versus remote attacks

19.4 Interactive versus non-interactive attacks

19.5 Attacks on cryptographic protocols

19.6 Attacks on encryption schemes

19.7 Attacks on hash functions

19.8 Summary

Chapter 20: Attacks on the TLS Handshake Protocol

20.1 Downgrade attacks

20.2 Logjam

20.3 SLOTH

20.4 Padding oracle attacks on TLS handshake

20.5 Bleichenbacher attack

20.6 Improvements of Bleichenbacher’s attack

20.7 Insecure renegotiation

20.8 Triple Handshake attack

20.9 Summary

Chapter 21: Attacks on the TLS Record Protocol

21.5 Compression-based attacks

21.6 Summary

Chapter 22: Attacks on TLS Implementations

22.1 SMACK

22.2 FREAK

22.3 Truncation attacks

22.4 Heartbleed

22.5 Insecure encryption activation

22.6 Random number generation

Bibliography

Index

Other Books You Might Enjoy

Packt is searching for authors like you

Share Your Thoughts

Download a free PDF copy of this book

Customer Reviews

5 star

4 star

3 star

2 star

1 star

17.2 TLS record layer

The TLS record layer partitions data to be transmitted into TLSPlaintext records of up to 2¹⁴ bytes. The data structure of a TLS 1.3 TLSPlaintext record is shown in Listing 17.1.

Listing 17.1: Structure of TLSPlaintext records

enum {
   invalid(0),
   change_cipher_spec(20),
   alert(21),
   handshake(22),
   application_data(23),
   (255)
} ContentType;

struct {
   ContentType type;
   ProtocolVersion legacy_record_version;
   uint16 length;
   opaque fragment[TLSPlaintext.length];
} TLSPlaintext;

The legacy˙record˙version variable denotes the record’s TLS version. As of TLS 1.3, legacy˙record˙version is deprecated, and the only requirement in the TLS 1.3 specification is for this field to have the value 0x0303 for all records, except the initial ClientHello, which may also...

TLS Cryptography In-Depth

By : Dr. Paul Duplys, Dr. Roland Schmitz

TLS Cryptography In-Depth

By: Dr. Paul Duplys, Dr. Roland Schmitz

Overview of this book

Related Content you might be interested in

Current Title:

TLS Cryptography In-Depth

Demystifying Cryptography with OpenSSL 3.0

Cryptography Algorithms

Modern Cryptography for Cybersecurity Professionals

17.2 TLS record layer