Presentation is loading. Please wait.

Presentation is loading. Please wait.

TLS: avoiding dangers A presentation by Dmitry Belyavsky, TCI Business Internet Conference Kiev, Ukraine, December 2013.

Published byPauline Newman Modified over 8 years ago

Similar presentations

Presentation on theme: "TLS: avoiding dangers A presentation by Dmitry Belyavsky, TCI Business Internet Conference Kiev, Ukraine, December 2013."— Presentation transcript:

1 TLS: avoiding dangers A presentation by Dmitry Belyavsky, TCI Business Internet Conference Kiev, Ukraine, December 2013

2 TLS: history SSLv2 deprecated by RFC 6176 SSLv3 still widely supported TLS 1.0 in RFC 2246 (1999)TLS 1.1 in RFC 4346 (2006) TLS 1.2 in RFC 5246 (2008)

3 TLS: general overview

4 Check the server certificate Many trusted CAs The server certificate signed correctly by any of them? We warn the user Everything seems to be ok! YES NO

5 DigiNotar case OCSP requests for the fake *.google.com certificate Source: FOX-IT, Interim Report, http://cryptome.org/0005/diginotar-insec.pdfhttp://cryptome.org/0005/diginotar-insec.pdf

6 PKI: extra trust PKI Independent source Trusted certificate DANE (RFC 6698) Limited browsers support Certificate pinning Mozilla Certificate Patrol, Chrome cache for Google certificates Certificate transparency (RFC 6962) Inspired by Google (Support in Chrome appeared) One of the authors - Ben Laurie (OpenSSL Founder) CA support – Comodo

7 Use >= 2048 bit keys now Secret key size Elliptic curve cryptography RSA Factorization 576 bit 2003 640 bit 2005 768 bit 2009 Patent Restrictions

8 RSA key exchange Public key Private key Premaster secret in encrypted on server public key and sent to server So it can be decrypted when the attacker gets the server private key

9 Perfect Forward Secrecy ALICE BOB + + + + = = = = Common Paint Secret Colours Common Secret Public Transport SSL Best Practices https://www.ssllabs.com/projects/best-practices/

10 TLS encryption AES 128/192/256 Camellia 128/192/256 3DES, DES, MD2… RC4 No BEAST attack Key recovery attacks Block Ciphers Stream Ciphers BEAST Lucky 13

11 Recommendations - I Anonymous Diffie-Hellman (ADH) suites do not provide authentication NULL cipher suites provide no encryption Export key exchange suites use authentication that can easily be broken Suites with weak ciphers (typically of 40 and 56 bits) use encryption that can easily be broken X X X X

12 Recommendations - II SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS”

13 Q&A Questions? Drop ‘em at: beldmit@tcinet.ru

Download ppt "TLS: avoiding dangers A presentation by Dmitry Belyavsky, TCI Business Internet Conference Kiev, Ukraine, December 2013."

Similar presentations

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Security in Internet: what is it now? A presentation by Dmitry Belyavsky, TCI ENOG 6 / RIPE NCC Regional Meeting Kiev, Ukraine, October 2013.

Security in Internet: what is it now? A presentation by Dmitry Belyavsky, TCI ENOG 6 / RIPE NCC Regional Meeting Kiev, Ukraine, October 2013.
Cryptography and Network Security

Cryptography and Network Security
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.

1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.

More on SSL/TLS. Internet security: TLS TLS is one of the more prominent internet security protocols. TLS is one of the more prominent internet security.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Chapter 8 Web Security.

Chapter 8 Web Security.
Secure Sockets Layer (SSL) Fred Schank Kevin Wetter.

Secure Sockets Layer (SSL) Fred Schank Kevin Wetter.
CSCI 6962: Server-side Design and Programming

CSCI 6962: Server-side Design and Programming
1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.

1 Cryptography Cryptography is a collection of mathematical techniques to ensure confidentiality of information Cryptography is a collection of mathematical.
1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

1 Cryptography Basics. 2 Cryptography Basic terminologies Symmetric key encryption Asymmetric key encryption Public Key Infrastructure Digital Certificates.

Similar presentations

Ads by Google