Transport Layer Security
An Introduction
Prof. David Bernstein
James Madison University
Computer Science Department
bernstdh@jmu.edu
Overview
Provide:
Confidentiality
Data Integrity
Server Authentication
Optional Client Authentication
Compression
Specification:
RFC 5246
History
Secure Sockets Layer (1995) -- Developed by Netscape
TLS v1.1 (2006) -- RFC 4346
TLS v1.2 (2008)
Handshaking
Establish Security Capabilities:
Client sends timestamp, pseudo-random number, supported cipher and compression suites
Server responds with timestamp, pseudo-random number, selected cipher and compression algorithms
Server Authentication and Key Exchange:
Optional: Server sends certificate
Optional: Server sends key
Optional: Server requests certificate
Client Authentication and Key Exchange:
Optional: Client responds with certificate
Client sends key
Optional: Client sends verification of identity
Finish
Overhead
Handshake Phase:
Encryption on client (using the server's public key)
Decryption on server (using the server's private key)
Clients waiting on servers
Data Transfer Phase:
Symmetric key encryption
Overhead (cont.)
TCP over TLS can take 2-10 times as long as raw TCP!
Session State Information (Partial List)
Session ID:
Chosen by the server
Compression and Cipher Algorithms
Master Secret:
48 bytes
Is Resumable Flag
Connection State Information (Partial List)
Server and Client Secret:
32 bytes
Server-Write Key:
Server encryption and client decryption
Client-Write Key:
Client encryption and server decryption
Sequence Number
Records
Sender Process:
Fragment (if necessary)
Compress
Encrypt
Content:
Content Type
Version Number
Length
Payload
Originating MAC Address
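An added example (not part of the original slides): a Python parser that splits a byte stream into records using the content type, version number and length fields listed above. The content-type codes, version pairs and length limit come from RFC 5246; the names `parse_records`, `RecordError` and `SAMPLE` are assumptions made for illustration, the sample bytes are constructed, and the payload is kept as opaque bytes.

```python
import struct

# Constants from RFC 5246 (the specification the page cites).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
HEADER_LEN = 5               # content type (1) + version (2) + length (2)
MAX_FRAGMENT = 2**14 + 2048  # largest protected fragment the RFC allows

class RecordError(ValueError):
    """The bytes cannot be a well-formed TLS record."""

def parse_records(stream: bytes):
    """Return (records, leftover); leftover is an incomplete trailing record."""
    records, offset = [], 0
    while len(stream) - offset >= HEADER_LEN:
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise RecordError(f"unknown content type {ctype} at offset {offset}")
        if (major, minor) not in VERSIONS:
            raise RecordError(f"unexpected version {major}.{minor} at offset {offset}")
        if length > MAX_FRAGMENT:
            raise RecordError(f"length {length} over limit at offset {offset}")
        end = offset + HEADER_LEN + length
        if end > len(stream):
            break            # header complete, payload still in flight
        records.append({
            "type": CONTENT_TYPES[ctype],
            "version": VERSIONS[(major, minor)],
            "length": length,
            "payload": stream[offset + HEADER_LEN:end],  # opaque, not decrypted
        })
        offset = end
    return records, stream[offset:]

# Constructed sample stream: a handshake record, an application-data record,
# then a record whose header claims 16 bytes while only 3 have arrived.
SAMPLE = (
    bytes([22, 3, 3, 0, 4]) + b"\x00\x00\x00\x00"
    + bytes([23, 3, 3, 0, 2]) + b"\xaa\xbb"
    + bytes([23, 3, 3, 0, 16]) + b"\x01\x02\x03"
)

if __name__ == "__main__":
    recs, rest = parse_records(SAMPLE)
    for r in recs:
        print(r["type"], r["version"], r["length"], r["payload"].hex())
    print("bytes held back for the next read:", len(rest))
```

Rejecting unknown content types and over-limit lengths before buffering the payload keeps a monitoring tool from allocating memory on the word of an untrusted header.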
Popular Applications
HTTPS
FTPS [which is an alternative to SFTP -- FTP over Secure Shell (SSH)]
OpenVPN