The transport layer security protocol (TLS) Flashcards
What is TLS?
Cryptographic services protocol based on PKI
Runs primarly over TCP
Consist of 3 higher-level protocols
What is TLS often used for?
To allow browsers to establish secure sessions with web servers
What 3 higher level protocols does TCP consist of?
TLS handshake protocol to set up session
TLS alert protocol to signal events such as failures
TLS change cipher spec protocol to change the cryptographic algorithms
What are the layers of the TLS: Protocol stack?
Handshake - Change cipher spec - alert - http or other
TLS record protocol
TCP
IP
What does the TLS alert protocol do?
Handles connections by sending an “alert” message of various degrees of severity
What are the three types of alerts in the alert protocol?
Warning alerts
close_notify alert
fatal alerts
What can happen if we have improper handling of alert messages?
Truncation attacks
What does the change cipher spec protocol do?
Normally used after handshake to indicate commencement of secure traffic
What does TLS ciphersuites do?
Specify the public key algorithms used in handshake, and symmetric algo used in record protocol
Describe the TLS_RSA_WITH_3DES_EDE_CBC_SHA cipher suite
Key exchange uses RSA to encrypt a secret chosen by the client
Triple DES (enc-dec-enc) in CBC mode used for encryption
SHA-1 used for the HMAC for data integrity
What does the record protocol do in TLS?
Provides 2 services:
Message confidentiality: Ensure message content cannot be read in transit
Message integrity:Ensure receiver can detect if a message is modified in transit
How does the record protocol provide the 2 services?
A symmetric encryption algorithm and a MAC
Describe the record protocol format
Header: Content type, major version, minor version, length
Plaintext (optionally compressed): encrypted
MAC (not a separate field if AEAD is used): encrypted
What is the Content Type field in the record protocol header?
Defines content types. The defined ones are:
- change-cipher-spec
- alert
- handshake
- application data
What is the length field in the record protocol header?
Length in octets of the data