yang-bingwu
A Little SSL/[email protected]
2017/03/09
SSL: Secure Sockets Layer, Netscape, 1994, Web
TLS: Transport Layer Security, 1999, RFC 2246, SSL 3.0
SSL TLS TLS
TLS implementations: OpenSSL, Google BoringSSL, Oracle JSSE, Amazon S2n, Microsoft SChannel, Apple Secure Transport
TLS TLS .
record layer: change_cipher_spec
record layer: alert
record layer: handshake
record layer: application_data
    struct {
        uint8 major, minor;
    } ProtocolVersion;

    enum {
        change_cipher_spec(20), alert(21), handshake(22),
        application_data(23), (255)
    } ContentType;

    struct {
        ContentType type;
        ProtocolVersion version;
        uint16 length;
        opaque fragment[TLSPlaintext.length];
    } TLSPlaintext;
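A parser for the record header defined above, as an added example that is not part of the original slides. The sample bytes are constructed, and the major-version check and the 2^14 length limit are taken from RFC 5246 rather than from the slides.

```python
import struct
from enum import IntEnum

class ContentType(IntEnum):          # values from the ContentType enum above
    change_cipher_spec = 20
    alert = 21
    handshake = 22
    application_data = 23

HEADER = struct.Struct("!BBBH")      # type, version.major, version.minor, length
MAX_FRAGMENT = 2 ** 14               # RFC 5246 cap on TLSPlaintext.length

def parse_records(data: bytes):
    """Return (records, leftover): records are (ContentType, (major, minor),
    fragment) tuples, leftover is an incomplete trailing record."""
    records, offset = [], 0
    while len(data) - offset >= HEADER.size:
        raw_type, major, minor, length = HEADER.unpack_from(data, offset)
        try:
            ctype = ContentType(raw_type)
        except ValueError:
            raise ValueError(f"unknown ContentType {raw_type} at offset {offset}") from None
        if major != 3:               # SSL 3.0 and every TLS version use major 3
            raise ValueError(f"unexpected version {major}.{minor} at offset {offset}")
        if length > MAX_FRAGMENT:
            raise ValueError(f"record length {length} exceeds {MAX_FRAGMENT}")
        end = offset + HEADER.size + length
        if end > len(data):          # header seen, fragment not fully received yet
            break
        records.append((ctype, (major, minor), data[offset + HEADER.size:end]))
        offset = end
    return records, data[offset:]

# Constructed sample stream: handshake, change_cipher_spec, alert, and a
# truncated application_data record (announces 5 bytes, carries 2).
SAMPLE = bytes.fromhex(
    "16 03 01 00 04 01 00 00 00"
    "14 03 03 00 01 01"
    "15 03 03 00 02 02 28"
    "17 03 03 00 05 aa bb"
)

if __name__ == "__main__":
    recs, rest = parse_records(SAMPLE)
    for ctype, version, fragment in recs:
        print(ctype.name, version, fragment.hex())
    print("incomplete tail:", rest.hex())
```

Records protected after the handshake carry ciphertext and may be up to 2^14 + 2048 bytes long, so a parser for captured traffic needs the larger limit.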
TLS
Client Hello
Cipher Suite
Server Name
Server Hello
Cipher Suite: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f)
TLS
cipher suite
cipher suite 4
1. key exchange algorithm
2. authentication method
3. bulk encryption cipher
4. message authentication code
5. pseudorandom function
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Key exchange: ECDHE; authentication: RSA; bulk encryption: AES_128_GCM; MAC: SHA256
cipher suite IANA
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4
Server Certificate
Chrome, Firefox, mozilla: https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt
Linux: /etc/ssl/certs/ca-bundle.trust.crt
Certificate Request (Client Certificate)
Server Key Exchange Message
Server Certificate premaster secret
Server Hello Done
Client Certificate
Client Key Exchange Message
Encrypted Handshake Message
Change Cipher Spec Protocol
Application Data
TLS Application Data
master key
master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random)
ClientHello.random ServerHello.random pre_master_secret
RSA
pre_master_secret, pre_master_secret.
TLS
RSA
pre master key (Forward Secrecy), HTTP2 SSL Perfect Forward Secrecy
DH
pre master key, DH DH pre master key pre master key
SSLKEYLOGFILE
TLS master key wireshark TLS
TLS
1. 2. 3. 4. TLS
1.
2. ECC
ECC (Elliptic Curve Cryptography): a 256-bit ECC key corresponds to a 3072-bit RSA key.
ECC
1. ECC 2.
ARM ChaCha20-Poly1305 ARM
Intel: AES-GCM; Intel AES-NI (Advanced Encryption Standard New Instructions), x86 AES
1. TLS session id
session id
2. TLS session ticket
session ticket session ticket
TLS
RTT
False Start
TLS False Start
Chrome, Firefox: NPN/ALPN, cipher suite, Forward Secrecy
OCSP Stapling OCSP CRL
TLS 1.3 Chrome Firefox TLS 1.3