SSL/TLS Flashcards
What does TLS stand for?
Transport Layer Security
What is the purpose of TLS protocols?
to provide a secure channel between two entities (e.g. a client web browser and a web server) over a public channel
What security services does TLS provide? (4)
- confidentiality
- data integrity
- data origin authentication
- entity authentication
How are the cryptographic primitives used in TLS? (4)
- Public-key cryptography is used to enable symmetric key establishment
- Digital signatures are used to sign certificates and facilitate entity authentication
- Symmetric encryption is used to provide confidentiality
- MACs are used to provide data origin authentication and facilitate entity authentication
- Hash functions are used as components of MACs and digital signatures, and for key derivation.
What information is included in the cipher suite? (4)
- Key exchange algorithm
- Authentication algorithm
- Encryption algorithm
- Hash algorithm
What two parts does TLS consist of?
Handshake protocol & record protocol
What is the purpose of the handshake protocol?
to perform all the tasks requiring agreement between the two entities before they set up the secure TLS channel
What is the purpose of the record protocol?
to implement the secure channel for communication
How many keys are required to be derived from the master key for both encryption and MACs?
4 (two each)
Why are the random numbers needed for key generation?
So that new keys are established each session
At what stage of the TLS handshake protocol are the cryptographic algorithms agreed upon?
At the end of the second protocol message (server response)
Does the simple TLS handshake protocol provide MUTUAL entity authentication?
no, only entity authentication of the server via the ‘server finished’ messages