GO TO TOP

You're reading from TLS Cryptography In-Depth Explore the intricacies of modern cryptography and the inner workings of TLS

Product type Paperback

Published in Jan 2024

Publisher Packt

ISBN-13 9781804611951

Length 712 pages

Edition 1st Edition

Concepts

Cryptography

Authors (2):

Dr. Roland Schmitz

Dr. Roland Schmitz has been a professor of internet security at the Stuttgart Media University (HdM) since 2001. Prior to joining HdM, from 1995 to 2001, he worked as a research engineer at Deutsche Telekom, with a focus on mobile security and digital signature standardization. At HdM, Roland teaches courses on internet security, system security, security engineering, digital rights management, theoretical computer science, discrete mathematics, and game physics. He has published numerous scientific papers in the fields of internet and multimedia security. Moreover, he has authored and co-authored several books. Roland holds a PhD degree in mathematics from Technical University Braunschweig, Germany.

See other products by Dr. Roland Schmitz

Dr. Paul Duplys

Dr. Paul Duplys is chief expert for cybersecurity at the department for technical strategies and enabling within the Mobility sector of Robert Bosch GmbH, a Tier-1 automotive supplier and manufacturer of industrial, residential, and consumer goods. Previous to this position, he spent over 12 years with Bosch Corporate Research, where he led the security and privacy research program and conducted applied research in various fields of information security. Paul's research interests include security automation, software security, security economics, software engineering, and AI. Paul holds a PhD degree in computer science from the University of Tuebingen, Germany.

See other products by Dr. Paul Duplys

View More author details

Table of Contents (30) Chapters

Preface

Who is this book for
What this book covers
To get the most out of this book
Conventions used
Get in touch
Share Your Thoughts

1. Part I Getting Started

2. Chapter 1: The Role of Cryptography in the Connected World FREE CHAPTER

1.1 Evolution of cryptography
1.2 The advent of TLS and the internet
1.3 Increasing connectivity
1.4 Increasing complexity
1.5 Example attacks
1.6 Summary

3. Chapter 2: Secure Channel and the CIA Triad

2.1 Technical requirements
2.2 Preliminaries
2.3 Confidentiality
2.4 Integrity
2.5 Authentication
2.6 Secure channels and the CIA triad
2.7 Summary

4. Chapter 3: A Secret to Share

3.1 Secret keys and Kerckhoffs’s principle
3.2 Cryptographic keys
3.3 Key space
3.4 Key length
3.5 Crypto-agility and information half-life
3.6 Key establishment
3.7 Randomness and entropy
3.8 Summary

5. Chapter 4: Encryption and Decryption

4.1 Preliminaries
4.2 Symmetric cryptosystems
4.3 Information-theoretical security (perfect secrecy)
4.4 Computational security
4.5 Pseudorandomness
4.6 Summary

6. Chapter 5: Entity Authentication

5.1 The identity concept
5.2 Authorization and authenticated key establishment
5.3 Message authentication versus entity authentication
5.4 Password-based authentication
5.5 Challenge-response protocols
5.6 Summary

7. Chapter 6: Transport Layer Security at a Glance

6.1 Birth of the World Wide Web
6.2 Early web browsers
6.3 From SSL to TLS
6.4 TLS overview
6.5 TLS version 1.2
6.6 TLS version 1.3
6.7 Major differences between TLS versions 1.3 and 1.2
6.8 Summary

8. Part II Shaking Hands

9. Chapter 7: Public-Key Cryptography

7.1 Preliminaries
7.2 Groups
7.3 The Diffie-Hellman key-exchange protocol
7.4 Security of Diffie-Hellman key exchange
7.5 The ElGamal encryption scheme
7.6 Finite fields
7.7 The RSA algorithm
7.8 Security of the RSA algorithm
7.9 Authenticated key agreement
7.10 Public-key cryptography in TLS 1.3
7.11 Hybrid cryptosystems
7.12 Summary

10. Chapter 8: Elliptic Curves

8.1 What are elliptic curves?
8.2 Elliptic curves as abelian groups
8.3 Elliptic curves over finite fields
8.4 Security of elliptic curves
8.5 Elliptic curves in TLS 1.3
8.6 Summary

11. Chapter 9: Digital Signatures

9.1 General considerations
9.2 RSA-based signatures
9.3 Digital signatures based on discrete logarithms
9.4 Digital signatures in TLS 1.3
9.5 Summary

12. Chapter 10: Digital Certificates and Certification Authorities

10.1 What is a digital certificate?
10.2 X.509 certificates
10.3 Main components of a public-key infrastructure
10.4 Rogue CAs
10.5 Digital certificates in TLS
10.6 Summary

13. Chapter 11: Hash Functions and Message Authentication Codes

11.1 The need for authenticity and integrity
11.2 What cryptographic guarantees does encryption provide?
11.3 One-way functions
11.4 Hash functions
11.5 Message authentication codes
11.6 MAC versus CRC
11.7 Hash functions in TLS 1.3
11.8 Summary

14. Chapter 12: Secrets and Keys in TLS 1.3

12.1 Key establishment in TLS 1.3
12.2 TLS secrets
12.3 KDFs in TLS
12.4 Updating TLS secrets
12.5 TLS keys
12.6 TLS key exchange messages
12.7 Summary

15. Chapter 13: TLS Handshake Protocol Revisited

13.1 TLS client state machine
13.2 TLS server state machine
13.3 Finished message
13.4 Early data
13.5 Post-handshake messages
13.6 OpenSSL s_client
13.7 Summary

16. Part III Off the Record

17. Chapter 14: Block Ciphers and Their Modes of Operation

14.1 The big picture
14.2 General principles
14.3 The AES block cipher
14.4 Modes of operation
14.5 Block ciphers in TLS 1.3
14.6 Summary

18. Chapter 15: Authenticated Encryption

15.1 Preliminaries
15.2 Authenticated encryption – generic composition
15.3 Security of generic composition
15.4 Authenticated ciphers
15.5 Counter with cipher block chaining message authentication code (CCM)
15.6 AEAD in TLS 1.3
15.7 Summary

19. Chapter 16: The Galois Counter Mode

16.1 Preliminaries
16.2 GCM security
16.3 GCM performance
16.4 Summary

20. Chapter 17: TLS Record Protocol Revisited

17.1 TLS Record protocol
17.2 TLS record layer
17.3 TLS record payload protection
17.4 Per-record nonce
17.5 Record padding
17.6 Limits on key usage
17.7 An experiment with the OpenSSL s_client
17.8 Summary

21. Chapter 18: TLS Cipher Suites

18.1 Symmetric cipher suites in TLS 1.3
18.2 Long-term security
18.3 ChaCha20
18.4 Poly1305
18.5 ChaCha20-Poly1305 AEAD construction
18.6 Mandatory-to-implement cipher suites
18.7 Summary

22. Part IV Bleeding Hearts and Biting Poodles

23. Chapter 19: Attacks on Cryptography

19.1 Preliminary remarks
19.2 Passive versus active attacks
19.3 Local versus remote attacks
19.4 Interactive versus non-interactive attacks
19.5 Attacks on cryptographic protocols
19.6 Attacks on encryption schemes
19.7 Attacks on hash functions
19.8 Summary

24. Chapter 20: Attacks on the TLS Handshake Protocol

20.1 Downgrade attacks
20.2 Logjam
20.3 SLOTH
20.4 Padding oracle attacks on TLS handshake
20.5 Bleichenbacher attack
20.6 Improvements of Bleichenbacher’s attack
20.7 Insecure renegotiation
20.8 Triple Handshake attack
20.9 Summary

25. Chapter 21: Attacks on the TLS Record Protocol

21.1 Lucky 13
21.2 POODLE
21.3 BEAST
21.4 Sweet32
21.5 Compression-based attacks
21.6 Summary

26. Chapter 22: Attacks on TLS Implementations

22.1 SMACK
22.2 FREAK
22.3 Truncation attacks
22.4 Heartbleed
22.5 Insecure encryption activation
22.6 Random number generation
22.7 BERserk attack
22.8 Cloudbleed
22.9 Timing attacks
22.10 Summary

27. Bibliography

28. Index

29. Other Books You Might Enjoy

Packt is searching for authors like you
Share Your Thoughts
Download a free PDF copy of this book

3.2 Cryptographic keys

We saw in the last section that keys are extremely important because they are the only things that are supposed to be secret in a cryptosystem. But what exactly is a key?

A cryptographic key K comes from a large (but finite) set 𝒦. This large set is called the key space. If we assume that K is some bit sequence of length N, then 𝒦 = {0,1}^N and the size of 𝒦 is 2^N.

Figure 3.1: A cryptographic key k, the shared secret between Alice and Bob that ensures the security of their communication, is an element of a large (but finite) key space 𝒦. If the length of the key is N bits, then the size of 𝒦 is 2^N

Naturally, we only want Alice and Bob to know the key, so Eve should neither be able to guess K, nor should she be able to eavesdrop on K when it is exchanged or obtain K by other means. These other means can be anything from a malware attack on Alice or Bob to spying on the electromagnetic radiation emanating from their...