06b - Transport Layer Security Flashcards
What protocols Comprise TLS?
- Handshake Protcol
- Change Cipher Spec Protocol
- Alert Protocol
- HTTP
- Heartbeat Protocol
- Record Protocol
What is the difference between a TLS connection and a TLS session?
Connection is:
A transport that provides a suitable type of service.
Typically for TLS such connections are peer-to-peer.
Every connection is associated with one session.
Session is:
An association between a client and a server.
Created by handshake protocol.
Define a set of Cryptographic security parameters which can be shared among multiple connections.
Are used to avoid the expensive negotiation of new security parameters for each connection.
What steps are involved in the TLS Record Protocol Transmission?
- Application Data is broken up into fragments
- Fragments are compressed
- MAC is added to compressed fragments
- Heterogenous fragments are then encrypted
- TLS Record header is appended to the encrypted blocks
For what applications is SSH useful?
- Remote login and X tunnelling
- rapidly becoming one of the most pervasive applications for encryption technology outside of embedded systems
- can be used for network functions like file-transfer and email
- can be used to secure pretty much any TCP connection
Based on what you have learned in this chapter, is it possible in TLS for the receiver to reorder TLS record blocks that arrive out of order?
SSL relies on the underlying TCP protocol which assures that bytes are not lost or modified. So, if the underlying protocol is TCP, then yes, but if the underlying transport protocol is not TCP, then it depends on how that underlying protocol supports packet ordering.
If it’s UDP, TLS has to do the reordering.
What purpose does the MAC serve during the change cipher spec TLS exchange?
To verify that the message is coming from the right person
Summarize Web Security Threats
They involve threats to Integrity, Confidentiality, Denial of Service and Authentication.
Integrity –> modification of user data
Confidentiality –> sensitive data is no longer private
DOS–> users can no longer use service.
Authentication–> users can be impersonated.
Summarize Web Traffic Security Approaches
Web Traffic is typically secured on three levels, Network, Transport and Application.
Present an overview of Transport Layer Security (TLS)
TLS –> offers security on the transport layer. Does this by providing a suite of transport layer protocols for ensuring confidentiality and message integrity.
Understand the differences between Secure Sockets Layer and Transport Layer Security
Compare the Pseudorandom function used in Transport Layer Security with those discussed earlier in the book
Present an overview of HTTPS (HTTPS over SSL)
Present and overview of Secure Shell (SSH)
In the context of SSL / TLS, what is MAC?
Message Authentication Code
- A pre-shared secret defined in the Handshake Protocol.
- is used to verify that the message is coming from the right person
What is an IV?
Initialization Vector
- A (pseudo)random fixed-size input used in encryption methods.
- Purpose is to start off an encryption method (methods that implement various Cipher Modes for encrypted communications).
