The Basics of Encryption (TLS), Part I

Pfeiffer Szilárd

Balasys

Bob

Craig, Eve, Mallory, Sybil, Trudy, ...

Alice

Symmetric-key algorithms

Hash algorithms

#

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

a8ae2f4a56baf78845c041c833946d00

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua

5e1e4087285a6c7c7d503332b14c5bf7

Public-key algorithms

Digital signature

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

a8ae2f4a56baf78845c041c833946d00

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.

WoT vs. PKI

Grades

TLS Protocols

Lighttpd
  ssl.use-sslv2 = "disable"
  ...

Nginx
  ssl_protocols TLSv1.2 TLSv1.3;

Apache
  SSLProtocol +TLSv1.2 +TLSv1.3

!TLSv1.1 !TLSv1.0 !TLSv1 !SSLv2 !SSLv3

Cipher Suites

  • TLS: protocol
  • _ECDHE: key exchange
  • _RSA: authentication
  • _AES_128_CBC: symmetric cipher
  • _SHA256: MAC

Key Exchange

  • Forward Secrecy

    • ephemeral

    • static

  • Key Strength

  • Session Resumption

    • session id

    • session ticket

Forward Secrecy

ephemeral
  • Elliptic-curve Diffie–Hellman Ephemeral (ECDHE)
  • Diffie–Hellman Ephemeral (DHE)

static
  • Diffie–Hellman (DH)
  • Rivest–Shamir–Adleman (RSA)
  • Elliptic-curve Diffie–Hellman (ECDH)

Forward Secrecy

Exchange Strength

Session Resumption

  • perfect forward secrecy
    • stateful vs. stateless
    • stored cryptographic parameters
    • unencrypted sending
  • speed
    • real time
    • CPU time

Authentication

  • Key types
    • Digital Signature Algorithm (DSA)
    • Rivest–Shamir–Adleman (RSA)
    • Elliptic Curve DSA (ECDSA)
  • Key sizes
  • Signature algorithms

Key Sizes

Signature Algorithm

Bulk Cipher

  • Stream Cipher
  • Block Cipher

    • secure

    • insecure

    • unused

  • Block Cipher Mode

Stream Cipher

secure
  • ChaCha (ChaCha20)

insecure
  • Rivest Cipher 4 (ARCFOUR/RC4)

Rivest Cipher 4

Block Cipher

secure

insecure

Block Size of 64 bits (DES, 3DES, GOST, IDEA, RC2)

Advanced Encryption Standard (AES128, AES256)

CBC mode only (SEED)

unused

Far East (ARIA, Camellia)

Block Cipher Mode

authenticated
  • Galois/Counter Mode (GCM)
  • Counter with CBC-MAC (CCM/CCM-8)

not authenticated
  • Cipher Block Chaining (CBC)

MAC

  • MAC types

    • HMAC

    • UMAC

  • MAC algorithms

MAC types

universal hashing
  • Poly1305 (POLY1305)

hash based
  • Message-Digest Algorithm 5 (MD5)
  • Secure Hash Algorithm 1 (SHA-1)
  • Secure Hash Algorithm 2 (SHA256, SHA384)

MAC algorithms

secure
  • Poly1305 (POLY1305)
  • Secure Hash Algorithm 2 (SHA256, SHA384)

collisions
  • Message-Digest Algorithm 5 (MD5)
  • Secure Hash Algorithm 1 (SHA-1)
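
The cipher suite anatomy and the secure/insecure groupings from the slides above, applied to full suite names (an added example, not part of the original slides). It assumes IANA-style TLS 1.2 names, which carry a `_WITH_` separator the slide omits; the function names `parse_suite` and `findings` are hypothetical, and the sample suite names are chosen for illustration.

```python
# Added example: tables transcribed from the slides' secure/insecure groupings.
EPHEMERAL_KX = {"ECDHE", "DHE"}                   # forward secrecy
INSECURE_CIPHERS = {"RC4", "DES", "3DES", "IDEA", "RC2"}
AEAD_MARKERS = {"GCM", "CCM", "POLY1305"}         # authenticated encryption
COLLISION_HASHES = {"MD5", "SHA"}                 # "SHA" in a suite name is SHA-1
HASHES = COLLISION_HASHES | {"SHA256", "SHA384"}


def parse_suite(name):
    """Split an IANA TLS 1.2 style suite name into the slide's four parts."""
    prefix, sep, bulk = name.partition("_WITH_")
    if not sep or not prefix.startswith("TLS_"):
        # TLS 1.3 names (cipher and hash only) are rejected here as well.
        raise ValueError(f"unsupported suite name: {name}")
    kx_auth = prefix[len("TLS_"):].split("_")
    tokens = bulk.split("_")
    digest = tokens.pop() if tokens[-1] in HASHES else None  # CCM names have none
    return {
        "key_exchange": kx_auth[0],
        # A single token (TLS_RSA_...) covers key exchange and authentication.
        "authentication": kx_auth[-1],
        "cipher": "_".join(tokens),
        "hash": digest,
    }


def findings(name):
    """Return the weaknesses the slides would flag for this suite."""
    suite = parse_suite(name)
    tokens = set(suite["cipher"].split("_"))
    result = []
    if suite["key_exchange"] not in EPHEMERAL_KX:
        result.append("no forward secrecy")
    if tokens & INSECURE_CIPHERS:
        result.append("insecure cipher")
    if "CBC" in tokens:
        result.append("unauthenticated block cipher mode")
    # In AEAD suites the trailing hash is the PRF hash, not a record MAC.
    if not tokens & AEAD_MARKERS and suite["hash"] in COLLISION_HASHES:
        result.append("MAC hash with known collisions")
    return result


if __name__ == "__main__":
    for suite_name in ("TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
                       "TLS_RSA_WITH_RC4_128_MD5",
                       "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256"):
        print(suite_name, findings(suite_name))
```
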

Cipher Settings

  • cipher suites

    • explicit list

    • list operations

  • cipher preference

Cipher Suites

Lighttpd
  ssl.cipher-list = "CipherSuiteString"

Nginx
  ssl_ciphers CipherSuiteString;

Apache
  SSLCipherSuite CipherSuiteString

HIGH:!PSK:!SRP:!aNULL:!aDSS:!kRSA:!ARIA:!CAMELLIA:!SHA:!AESCCM

Cipher Preference

Lighttpd
  ssl.honor-cipher-order = "enable"

Nginx
  ssl_prefer_server_ciphers on;

Apache
  SSLHonorCipherOrder On

Always On

Questions?