The document discusses Transport Layer Security (TLS) and how it provides secure communication over the internet through three main techniques: 1) use of public/private key encryption, 2) signing of certificates, and 3) certificate authorities to validate certificates and establish trust chains. It provides examples and explanations of how these techniques work, particularly public/private key encryption and signing certificates. It also discusses issues that can arise with certificate authorities and ways to troubleshoot TLS connections and security.
5. 7 Layer OSI Model
Data unit | Layer | Function
Host layers:
Data | Application | Network Process to Application
Data | Presentation | Data Representation and Encryption
Data | Session | Interhost Communication
Segments | Transport | End-to-End Connections and Reliability
Media layers:
Packets | Network | Path Determination and Logical Addressing (IP)
Frames | Data Link | Physical Addressing (MAC and LLC)
Bits | Physical | Media, Signal and Binary Transmission
Maarten Mulders (@mthmulders) #tlsformortals #lockdownlectures
13. N , P Q
1. p ∗ q = 299, e = 5
2. Find d, so that (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0
Pretty hard without knowing p and q!
As soon as we know p = 13, q = 23, calculating d = 317 is trivial (again).
15. L "G"
p ∗ q = 187, e = 3, G ⇒ 7
7^e = 7^3 = 343
343 mod 187 = 156
16. L "156"
Since we know p and q, we can calculate d = 107
156^d = 156^107 ≈ 4.6 ∗ 10^234
156^107 mod 187 = 7
7 ⇒ G
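Added example (not part of the original slides): the arithmetic of slides 13, 15 and 16 in Python. The function names are illustrative. It goes one step beyond the slides by factoring the modulus with trial division, which shows that these toy key sizes give no protection: anyone holding only p ∗ q and e can rebuild d.

```python
# Toy RSA with the numbers from the slides. Illustration only, not production crypto.
from math import gcd


def private_exponent(p, q, e):
    """Smallest d with (d * e - 1) mod ((p - 1) * (q - 1)) == 0."""
    phi = (p - 1) * (q - 1)
    if gcd(e, phi) != 1:
        raise ValueError("e must be coprime with (p - 1) * (q - 1)")
    return pow(e, -1, phi)  # modular inverse, Python 3.8+


def satisfies_slide_condition(d, e, p, q):
    """The check from slide 13; every d = smallest d + k * phi passes it."""
    return (d * e - 1) % ((p - 1) * (q - 1)) == 0


def encrypt(m, e, n):
    return pow(m, e, n)


def decrypt(c, d, n):
    # Three-argument pow reduces mod n at every step, so the
    # 235-digit value 156**107 is never materialised.
    return pow(c, d, n)


def factor_by_trial_division(n):
    """Recover (p, q) from n. Feasible only because n is tiny."""
    f = 2
    while f * f <= n:
        if n % f == 0:
            return f, n // f
        f += 1
    raise ValueError("n is prime, not a product of two primes")


if __name__ == "__main__":
    # Slide 13: only n = 299 and e = 5 are public.
    p, q = factor_by_trial_division(299)
    d = private_exponent(p, q, 5)
    print("n=299:", p, q, "smallest d =", d,
          "| slide's d=317 valid:", satisfies_slide_condition(317, 5, p, q))

    # Slides 15 and 16: n = 187, e = 3, "G" encoded as 7.
    p, q = factor_by_trial_division(187)
    d = private_exponent(p, q, 3)
    c = encrypt(7, 3, 187)
    print("n=187: d =", d, "| ciphertext =", c, "| decrypted =", decrypt(c, d, 187))
```

For n = 299 the smallest valid exponent is 53; the slide's 317 is 53 + 264 and decrypts identically.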
40. P -
1. Don't use SSL!
Use TLS v1.2 or v1.3.
2. Be careful whom you trust!
3. When in doubt, open your toolbox:
openssl, curl, nmap, ssldump and Portecle
41. Q
I
Router by unknown author
Public Key Krüpto by Sándor P. Fekete, Sebastian Morr, and Sebastian Stiller (@ideainstruction)
Puss In Boots by kisspng
IANA Root KSK Ceremony #36 @ https://www.iana.org/dnssec/ceremonies/36
Beverwijk by Gerard Hogervorst @ Wikimedia Commons