Browse Library
Sign In Start Free Trial
Close icon Search icon
Account
Browse Library Advanced Search Sign In Start Free Trial

Add to playlist

Create a Playlist

Modal Close icon
You need to login to use this feature.
  • TLS Cryptography In-Depth
  • Toc
  • feedback
TLS Cryptography In-Depth

TLS Cryptography In-Depth

By : Dr. Paul Duplys, Dr. Roland Schmitz
4.7 (3)
close
TLS Cryptography In-Depth

TLS Cryptography In-Depth

4.7 (3)
By: Dr. Paul Duplys, Dr. Roland Schmitz

Overview of this book

TLS is the most widely used cryptographic protocol today, enabling e-commerce, online banking, and secure online communication. Written by Dr. Paul Duplys, Security, Privacy & Safety Research Lead at Bosch, and Dr. Roland Schmitz, Internet Security Professor at Stuttgart Media University, this book will help you gain a deep understanding of how and why TLS works, how past attacks on TLS were possible, and how vulnerabilities that enabled them were addressed in the latest TLS version 1.3. By exploring the inner workings of TLS, you’ll be able to configure it and use it more securely. Starting with the basic concepts, you’ll be led step by step through the world of modern cryptography, guided by the TLS protocol. As you advance, you’ll be learning about the necessary mathematical concepts from scratch. Topics such as public-key cryptography based on elliptic curves will be explained with a view on real-world applications in TLS. With easy-to-understand concepts, you’ll find out how secret keys are generated and exchanged in TLS, and how they are used to creating a secure channel between a client and a server. By the end of this book, you’ll have the knowledge to configure TLS servers securely. Moreover, you’ll have gained a deep knowledge of the cryptographic primitives that make up TLS.
Table of Contents (30 chapters)
close
close
Preface
Preface
Who is this book for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts
Download a free PDF copy of this book
1
Part I Getting Started
Part I Getting Started
Free Chapter
2
Chapter 1: The Role of Cryptography in the Connected World
Chapter 1: The Role of Cryptography in the Connected World
1.1 Evolution of cryptography
1.2 The advent of TLS and the internet
1.3 Increasing connectivity
1.4 Increasing complexity
1.5 Example attacks
1.6 Summary
3
Chapter 2: Secure Channel and the CIA Triad
Chapter 2: Secure Channel and the CIA Triad
2.1 Technical requirements
2.2 Preliminaries
2.3 Confidentiality
2.4 Integrity
2.5 Authentication
2.6 Secure channels and the CIA triad
2.7 Summary
4
Chapter 3: A Secret to Share
Chapter 3: A Secret to Share
3.1 Secret keys and Kerckhoffs’s principle
3.2 Cryptographic keys
3.3 Key space
3.4 Key length
3.5 Crypto-agility and information half-life
3.6 Key establishment
3.7 Randomness and entropy
3.8 Summary
5
Chapter 4: Encryption and Decryption
Chapter 4: Encryption and Decryption
4.1 Preliminaries
4.2 Symmetric cryptosystems
4.3 Information-theoretical security (perfect secrecy)
4.4 Computational security
4.5 Pseudorandomness
4.6 Summary
6
Chapter 5: Entity Authentication
Chapter 5: Entity Authentication
5.1 The identity concept
5.2 Authorization and authenticated key establishment
5.3 Message authentication versus entity authentication
5.4 Password-based authentication
5.5 Challenge-response protocols
5.6 Summary
7
Chapter 6: Transport Layer Security at a Glance
Chapter 6: Transport Layer Security at a Glance
6.1 Birth of the World Wide Web
6.2 Early web browsers
6.3 From SSL to TLS
6.4 TLS overview
6.5 TLS version 1.2
6.6 TLS version 1.3
6.7 Major differences between TLS versions 1.3 and 1.2
6.8 Summary
8
Part II Shaking Hands
Part II Shaking Hands
9
Chapter 7: Public-Key Cryptography
Chapter 7: Public-Key Cryptography
7.1 Preliminaries
7.2 Groups
7.3 The Diffie-Hellman key-exchange protocol
7.4 Security of Diffie-Hellman key exchange
7.5 The ElGamal encryption scheme
7.6 Finite fields
7.7 The RSA algorithm
7.8 Security of the RSA algorithm
7.9 Authenticated key agreement
7.10 Public-key cryptography in TLS 1.3
7.11 Hybrid cryptosystems
7.12 Summary
10
Chapter 8: Elliptic Curves
Chapter 8: Elliptic Curves
8.1 What are elliptic curves?
8.2 Elliptic curves as abelian groups
8.3 Elliptic curves over finite fields
8.4 Security of elliptic curves
8.5 Elliptic curves in TLS 1.3
8.6 Summary
11
Chapter 9: Digital Signatures
Chapter 9: Digital Signatures
9.1 General considerations
9.2 RSA-based signatures
9.3 Digital signatures based on discrete logarithms
9.4 Digital signatures in TLS 1.3
9.5 Summary
12
Chapter 10: Digital Certificates and Certification Authorities
Chapter 10: Digital Certificates and Certification Authorities
10.1 What is a digital certificate?
10.2 X.509 certificates
10.3 Main components of a public-key infrastructure
10.4 Rogue CAs
10.5 Digital certificates in TLS
10.6 Summary
13
Chapter 11: Hash Functions and Message Authentication Codes
Chapter 11: Hash Functions and Message Authentication Codes
11.1 The need for authenticity and integrity
11.2 What cryptographic guarantees does encryption provide?
11.3 One-way functions
11.4 Hash functions
11.5 Message authentication codes
11.6 MAC versus CRC
11.7 Hash functions in TLS 1.3
11.8 Summary
14
Chapter 12: Secrets and Keys in TLS 1.3
chevron up
Chapter 12: Secrets and Keys in TLS 1.3
12.1 Key establishment in TLS 1.3
12.2 TLS secrets
12.3 KDFs in TLS
12.4 Updating TLS secrets
12.5 TLS keys
12.6 TLS key exchange messages
12.7 Summary
15
Chapter 13: TLS Handshake Protocol Revisited
Chapter 13: TLS Handshake Protocol Revisited
13.1 TLS client state machine
13.2 TLS server state machine
13.3 Finished message
13.4 Early data
13.5 Post-handshake messages
13.6 OpenSSL s_client
13.7 Summary
16
Part III Off the Record
Part III Off the Record
17
Chapter 14: Block Ciphers and Their Modes of Operation
Chapter 14: Block Ciphers and Their Modes of Operation
14.1 The big picture
14.2 General principles
14.3 The AES block cipher
14.4 Modes of operation
14.5 Block ciphers in TLS 1.3
14.6 Summary
18
Chapter 15: Authenticated Encryption
Chapter 15: Authenticated Encryption
15.1 Preliminaries
15.2 Authenticated encryption – generic composition
15.3 Security of generic composition
15.4 Authenticated ciphers
15.5 Counter with cipher block chaining message authentication code (CCM)
15.6 AEAD in TLS 1.3
15.7 Summary
19
Chapter 16: The Galois Counter Mode
Chapter 16: The Galois Counter Mode
16.1 Preliminaries
16.2 GCM security
16.3 GCM performance
16.4 Summary
20
Chapter 17: TLS Record Protocol Revisited
Chapter 17: TLS Record Protocol Revisited
17.1 TLS Record protocol
17.2 TLS record layer
17.3 TLS record payload protection
17.4 Per-record nonce
17.5 Record padding
17.6 Limits on key usage
17.7 An experiment with the OpenSSL s_client
17.8 Summary
21
Chapter 18: TLS Cipher Suites
Chapter 18: TLS Cipher Suites
18.1 Symmetric cipher suites in TLS 1.3
18.2 Long-term security
18.3 ChaCha20
18.4 Poly1305
18.5 ChaCha20-Poly1305 AEAD construction
18.6 Mandatory-to-implement cipher suites
18.7 Summary
22
Part IV Bleeding Hearts and Biting Poodles
Part IV Bleeding Hearts and Biting Poodles
23
Chapter 19: Attacks on Cryptography
Chapter 19: Attacks on Cryptography
19.1 Preliminary remarks
19.2 Passive versus active attacks
19.3 Local versus remote attacks
19.4 Interactive versus non-interactive attacks
19.5 Attacks on cryptographic protocols
19.6 Attacks on encryption schemes
19.7 Attacks on hash functions
19.8 Summary
24
Chapter 20: Attacks on the TLS Handshake Protocol
Chapter 20: Attacks on the TLS Handshake Protocol
20.1 Downgrade attacks
20.2 Logjam
20.3 SLOTH
20.4 Padding oracle attacks on TLS handshake
20.5 Bleichenbacher attack
20.6 Improvements of Bleichenbacher’s attack
20.7 Insecure renegotiation
20.8 Triple Handshake attack
20.9 Summary
25
Chapter 21: Attacks on the TLS Record Protocol
Chapter 21: Attacks on the TLS Record Protocol
21.1 Lucky 13
21.2 POODLE
21.3 BEAST
21.4 Sweet32
21.5 Compression-based attacks
21.6 Summary
26
Chapter 22: Attacks on TLS Implementations
Chapter 22: Attacks on TLS Implementations
22.1 SMACK
22.2 FREAK
22.3 Truncation attacks
22.4 Heartbleed
22.5 Insecure encryption activation
22.6 Random number generation
22.7 BERserk attack
22.8 Cloudbleed
22.9 Timing attacks
22.10 Summary
27
Bibliography
Bibliography
28
Index
Index
29
Other Books You Might Enjoy
Other Books You Might Enjoy
Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

12.4 Updating TLS secrets

At any time after a successful handshake, Alice and Bob can update their application traffic keys using the KeyUpdate message. They accomplish this by first deriving new secrets server˙application˙traffic˙secret˙N+1 and client˙application˙traffic˙secret˙N+1 using the HKDF-Expand-Label function HEL as shown in Figure 12.13. After that, new application traffic keys are computed using a mechanism we will discuss in the next section.

Figure 12.13: Mechanism for updating TLS application traffic secrets

Figure 12.13: Mechanism for updating TLS application traffic secrets

The TLS 1.3 specification recommends Alice and Bob to delete the n-th server/client application traffic secret and its associated key once the n + 1-th secret has been derived and corresponding traffic keys have been computed.

This is another example of a best practice in applied cryptography and security engineering: as soon as cryptographic material is no longer needed, it should be deleted so it cannot...

Unlock full access

Continue reading for free

A Packt free trial gives you instant online access to our library of over 7000 practical eBooks and videos, constantly updated with the latest in tech
Start a 7-day FREE trial
End of Section 5
Next Section
bookmark search playlist font-size

Change the font size

margin-width

Change margin width

day-mode

Change background colour

Close icon Search
Country selected
Close icon Your notes and bookmarks

Delete Bookmark

Modal Close icon
Are you sure you want to delete it?
Cancel
Yes, Delete