SlideShare a Scribd company logo

Introduction to TLS 1.3

n|u - The Open Security Community
n|u - The Open Security Community

TLS 1.3 is an update to the Transport Layer Security protocol that improves security and privacy. It removes vulnerable optional parts of TLS 1.2 and only supports strong ciphers to implement perfect forward secrecy. The handshake process is also significantly shortened. TLS 1.3 provides security benefits by removing outdated ciphers and privacy benefits by enabling perfect forward secrecy by default, ensuring only endpoints can decrypt traffic even if server keys are compromised in the future.

1 of 11
Download to read offline
INTRODUCTION TO TLS 1.3 Presented by Vedant Jain NULL BHOPAL MONTHLY MEET JANUARY 2020
SUMMARY OF CONTENTS OUR MAIN TOPICS TODAY What is Transport Layer Security Whats New in TLS 1.3 How TLS Achieves This Key Goals of TLS 1.3 Security Benefits Privacy Benefits Difference between Handshake in TLS 1.2 & 1.3
WHAT IS TLS THE BEGINNING OF TRANSPORT LAYER SECURITY Probably the Internet’s most important security protocol Designed over 20 years ago by Netscape for Web transactions But used for just about everything you can think of Maintained by the Internet Engineering Task Force – Back then, called Secure Sockets Layer – HTTP – SSL-VPNs – E-mail – Voice/video – IoT – We’re now at version 1.2
WHATS NEW IN TLS 1.3 TLS 1.3 offers some great improvements over TLS 1.2. Vulnerable optional parts of the protocol have been removed, there’s support for stronger ciphers required to implement perfect forward secrecy (PFS), and the handshake process has been significantly shortened. In addition, implementing TLS 1.3 should be relatively simple. You can use the same keys you used for TLS 1.2. Clients and servers will automatically negotiate a TLS 1.3 handshake when they both support it, and Google Chrome and Mozilla Firefox already do it by default.
TLS ACHIEVES THIS USING VARIOUS TECHNIQUES… – Symmetric key encryption for application data. – Typically Advanced Encryption Standard (AES). PRIVACY – Authenticated Encryption with Additional Data (AEAD). – Usually AES-GCM (Galois/Counter Mode) cipher mode. INTEGRITY – X509 certificates signed by a mutually trusted third party. – Typically server authenticated only. AUTHENTICATION
KEY GOALS OF TLS 1.3 Clean up - Remove unsafe or Unused features Security - Improve security w/modern techniques Privacy - Encrypt more of the protocol. Performance -1-RTT and 0-RTT handshakes Continuity - Backwards compatibility
SECURITY BENEFITS Although TLS 1.2 can still be deployed securely, several high-profile vulnerabilities have exploited optional parts of the protocol and outdated ciphers. TLS 1.3 removes many of these problematic options and only includes support for algorithms with no known vulnerabilities (at this time). The IETF chose to remove all ciphers that do not support PFS from TLS connections. These include DES, AESCBC, RC4, and other ciphers less commonly used.
PRIVACY BENEFITS TLS 1.3 also enables PFS(Perfect Forward Secrecy) by default. This cryptographic technique adds another layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With PFS, even if a third party were to record an encrypted session, and later gain access to the server private key, they could not use that key to decrypt the session.
HANDSHAKE TLS1.2 HANDSHAKE TLS1.3
REFERENCES WOULD I PREFERRED… http://web.stanford.edu/class/ee380/Abstracts/151118-slides.pdf https://www.owasp.org/images/9/91/OWASPLondon20180125_TLSv1.3_ Andy_Brodie.pdf https://www.cloudflare.com/learning-resources/tls-1-3/ https://www.f5.com/pdf/products/tls1-3_are-you-ready.pdf
QUESTIONS? COMMENTS? LET US KNOW! @Vedant__Jain TWITTER jainvedant786@gmail.com EMAIL

Recommended

TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer Security
ByronKimani
 
Introduction to TLS-1.3
Introduction to TLS-1.3 Introduction to TLS-1.3
Introduction to TLS-1.3
Vedant Jain
 
TLS v1.3
TLS v1.3TLS v1.3
TLS v1.3
Siddhartha Rao
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
kentquirk
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES)
Hardik Manocha
 
HTTPS
HTTPSHTTPS
HTTPS
R.K. University
 
Criptografia.ppt
Criptografia.pptCriptografia.ppt
Criptografia.ppt
Carlos Daniel
 

Recommended

TLS - Transport Layer Security
TLS - Transport Layer SecurityTLS - Transport Layer Security
TLS - Transport Layer Security
ByronKimani
 
Introduction to TLS-1.3
Introduction to TLS-1.3 Introduction to TLS-1.3
Introduction to TLS-1.3
Vedant Jain
 
TLS v1.3
TLS v1.3TLS v1.3
TLS v1.3
Siddhartha Rao
 
Wireless Network Security
Wireless Network SecurityWireless Network Security
Wireless Network Security
kentquirk
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
Mehedi Farazi
 
Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES) Triple Data Encryption Standard (t-DES)
Triple Data Encryption Standard (t-DES)
Hardik Manocha
 
HTTPS
HTTPSHTTPS
HTTPS
R.K. University
 
Criptografia.ppt
Criptografia.pptCriptografia.ppt
Criptografia.ppt
Carlos Daniel
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSSirish Kumar
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
CheapSSLsecurity
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
Nascenia IT
 
Scapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stackScapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stack
Alexandre Moneger
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric Encryption
RapidSSLOnline.com
 
cryptography
cryptographycryptography
cryptographyAbhijeet Singh
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
Nishant Pahad
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
Deepanshu Gajbhiye
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
cryptography
cryptographycryptography
cryptography
Jai Nathwani
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
Kevin OBrien
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Pina Parmar
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH
NetProtocol Xpert
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
Mohammed Adam
 
Key management
Key managementKey management
Key management
Brandon Byungyong Jo
 
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
jeetendra mandal
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security
Ibrahiem Mohammed
 

More Related Content

What's hot

TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
CheapSSLsecurity
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
Nascenia IT
 
Scapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stackScapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stack
Alexandre Moneger
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric Encryption
RapidSSLOnline.com
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
Asad Ali
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard) Sina Manavi
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
Nishant Pahad
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
Deepanshu Gajbhiye
 
Cryptography
CryptographyCryptography
Cryptography
gueste4c97e
 
cryptography
cryptographycryptography
cryptography
Jai Nathwani
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
Kevin OBrien
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
Pina Parmar
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH
NetProtocol Xpert
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
Pa Van Tanku
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
Chul-Woong Yang
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer SecurityChhatra Thapa
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
Mohammed Adam
 
Key management
Key managementKey management
Key management
Brandon Byungyong Jo
 

What's hot (20)

SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 
Scapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stackScapy TLS: A scriptable TLS 1.3 stack
Scapy TLS: A scriptable TLS 1.3 stack
 
Symmetric and Asymmetric Encryption
Symmetric and Asymmetric EncryptionSymmetric and Asymmetric Encryption
Symmetric and Asymmetric Encryption
 
cryptography
cryptographycryptography
cryptography
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)
 
Aes (advance encryption standard)
Aes (advance encryption standard) Aes (advance encryption standard)
Aes (advance encryption standard)
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framwork
 
Cryptography
CryptographyCryptography
Cryptography
 
cryptography
cryptographycryptography
cryptography
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Telnet & SSH
Telnet & SSH Telnet & SSH
Telnet & SSH
 
Cryptography and Network Security
Cryptography and Network SecurityCryptography and Network Security
Cryptography and Network Security
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
Transport Layer Security
Transport Layer SecurityTransport Layer Security
Transport Layer Security
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
Key management
Key managementKey management
Key management
 

Similar to Introduction to TLS 1.3

Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
jeetendra mandal
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security
Ibrahiem Mohammed
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
CSCJournals
 
Rootconf2019
Rootconf2019Rootconf2019
Rootconf2019
Huzaifa Sidhpurwala
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
Rana assad ali
 
Study and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityStudy and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer security
Nazmul Hossain Rakib
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer Security
Miguel Pardal
 
Cours4.pptx
Cours4.pptxCours4.pptx
Cours4.pptx
Bellaj Badr
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALGlenn Haley
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)
Cloudflare
 
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi AlamosOSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
NETWAYS
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)Certificate
CheapSSLUSA
 
Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of view
Sergey Arkhipov
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat Security Conference
 
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)chhoup
 
SSL VS TLS.pptx
SSL VS TLS.pptxSSL VS TLS.pptx
SSL VS TLS.pptx
Vignesh kumar
 
Telnet presentation
Telnet presentationTelnet presentation
Telnet presentation
travel_affair
 
ssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptx
jithu26327
 
ION Sri Lanka - TLS for Network Operators
ION Sri Lanka - TLS for Network OperatorsION Sri Lanka - TLS for Network Operators
ION Sri Lanka - TLS for Network Operators
Deploy360 Programme (Internet Society)
 

Similar to Introduction to TLS 1.3 (20)

Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
 
Rootconf2019
Rootconf2019Rootconf2019
Rootconf2019
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tls
 
Study and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityStudy and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer security
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer Security
 
Sequere socket Layer
Sequere socket LayerSequere socket Layer
Sequere socket Layer
 
Cours4.pptx
Cours4.pptxCours4.pptx
Cours4.pptx
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINAL
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)
 
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi AlamosOSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)Certificate
 
Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of view
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
 
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
 
SSL VS TLS.pptx
SSL VS TLS.pptxSSL VS TLS.pptx
SSL VS TLS.pptx
 
Telnet presentation
Telnet presentationTelnet presentation
Telnet presentation
 
ssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptx
 
ION Sri Lanka - TLS for Network Operators
ION Sri Lanka - TLS for Network OperatorsION Sri Lanka - TLS for Network Operators
ION Sri Lanka - TLS for Network Operators
 

More from n|u - The Open Security Community

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
n|u - The Open Security Community
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
n|u - The Open Security Community
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
n|u - The Open Security Community
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
n|u - The Open Security Community
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
n|u - The Open Security Community
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
n|u - The Open Security Community
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
n|u - The Open Security Community
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
n|u - The Open Security Community
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
n|u - The Open Security Community
 
Cloud security
Cloud security Cloud security
Cloud security
n|u - The Open Security Community
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
n|u - The Open Security Community
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
n|u - The Open Security Community
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
n|u - The Open Security Community
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
n|u - The Open Security Community
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
n|u - The Open Security Community
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
n|u - The Open Security Community
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
n|u - The Open Security Community
 
News bytes null 200314121904
News bytes null 200314121904News bytes null 200314121904
News bytes null 200314121904
n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 
News bytes null 200314121904
News bytes null 200314121904News bytes null 200314121904
News bytes null 200314121904
 

Recently uploaded

TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
EugeneSaldivar
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
MysoreMuleSoftMeetup
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
Thiyagu K
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
Levi Shapiro
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
kaushalkr1407
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
heathfieldcps1
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
BhavyaRajput3
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
timhan337
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
vaibhavrinwa19
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Atul Kumar Singh
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Thiyagu K
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
Nguyen Thanh Tu Collection
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
Ashokrao Mane college of Pharmacy Peth-Vadgaon
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
RaedMohamed3
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
Jean Carlos Nunes Paixão
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
camakaiclarkmusic
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
MIRIAMSALINAS13
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
Sandy Millin
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
EduSkills OECD
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
Vikramjit Singh
 

Recently uploaded (20)

TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
TESDA TM1 REVIEWER FOR NATIONAL ASSESSMENT WRITTEN AND ORAL QUESTIONS WITH A...
 
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
Mule 4.6 & Java 17 Upgrade | MuleSoft Mysore Meetup #46
 
Unit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdfUnit 8 - Information and Communication Technology (Paper I).pdf
Unit 8 - Information and Communication Technology (Paper I).pdf
 
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
June 3, 2024 Anti-Semitism Letter Sent to MIT President Kornbluth and MIT Cor...
 
The Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdfThe Roman Empire A Historical Colossus.pdf
The Roman Empire A Historical Colossus.pdf
 
The basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptxThe basics of sentences session 5pptx.pptx
The basics of sentences session 5pptx.pptx
 
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCECLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
CLASS 11 CBSE B.St Project AIDS TO TRADE - INSURANCE
 
Honest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptxHonest Reviews of Tim Han LMA Course Program.pptx
Honest Reviews of Tim Han LMA Course Program.pptx
 
Acetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docxAcetabularia Information For Class 9 .docx
Acetabularia Information For Class 9 .docx
 
Guidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th SemesterGuidance_and_Counselling.pdf B.Ed. 4th Semester
Guidance_and_Counselling.pdf B.Ed. 4th Semester
 
Unit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdfUnit 2- Research Aptitude (UGC NET Paper I).pdf
Unit 2- Research Aptitude (UGC NET Paper I).pdf
 
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
BÀI TẬP BỔ TRỢ TIẾNG ANH GLOBAL SUCCESS LỚP 3 - CẢ NĂM (CÓ FILE NGHE VÀ ĐÁP Á...
 
Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.Biological Screening of Herbal Drugs in detailed.
Biological Screening of Herbal Drugs in detailed.
 
Palestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptxPalestine last event orientationfvgnh .pptx
Palestine last event orientationfvgnh .pptx
 
Lapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdfLapbook sobre os Regimes Totalitários.pdf
Lapbook sobre os Regimes Totalitários.pdf
 
CACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdfCACJapan - GROUP Presentation 1- Wk 4.pdf
CACJapan - GROUP Presentation 1- Wk 4.pdf
 
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXXPhrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
Phrasal Verbs.XXXXXXXXXXXXXXXXXXXXXXXXXX
 
2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...2024.06.01 Introducing a competency framework for languag learning materials ...
2024.06.01 Introducing a competency framework for languag learning materials ...
 
Francesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptxFrancesca Gottschalk - How can education support child empowerment.pptx
Francesca Gottschalk - How can education support child empowerment.pptx
 
Digital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and ResearchDigital Tools and AI for Teaching Learning and Research
Digital Tools and AI for Teaching Learning and Research
 

Introduction to TLS 1.3

  • 1. INTRODUCTION TO TLS 1.3 Presented by Vedant Jain NULL BHOPAL MONTHLY MEET JANUARY 2020
  • 2. SUMMARY OF CONTENTS OUR MAIN TOPICS TODAY What is Transport Layer Security Whats New in TLS 1.3 How TLS Achieves This Key Goals of TLS 1.3 Security Benefits Privacy Benefits Difference between Handshake in TLS 1.2 & 1.3
  • 3. WHAT IS TLS THE BEGINNING OF TRANSPORT LAYER SECURITY Probably the Internet’s most important security protocol Designed over 20 years ago by Netscape for Web transactions But used for just about everything you can think of Maintained by the Internet Engineering Task Force – Back then, called Secure Sockets Layer – HTTP – SSL-VPNs – E-mail – Voice/video – IoT – We’re now at version 1.2
  • 4. WHATS NEW IN TLS 1.3 TLS 1.3 offers some great improvements over TLS 1.2. Vulnerable optional parts of the protocol have been removed, there’s support for stronger ciphers required to implement perfect forward secrecy (PFS), and the handshake process has been significantly shortened. In addition, implementing TLS 1.3 should be relatively simple. You can use the same keys you used for TLS 1.2. Clients and servers will automatically negotiate a TLS 1.3 handshake when they both support it, and Google Chrome and Mozilla Firefox already do it by default.
  • 5. TLS ACHIEVES THIS USING VARIOUS TECHNIQUES… – Symmetric key encryption for application data. – Typically Advanced Encryption Standard (AES). PRIVACY – Authenticated Encryption with Additional Data (AEAD). – Usually AES-GCM (Galois/Counter Mode) cipher mode. INTEGRITY – X509 certificates signed by a mutually trusted third party. – Typically server authenticated only. AUTHENTICATION
  • 6. KEY GOALS OF TLS 1.3 Clean up - Remove unsafe or Unused features Security - Improve security w/modern techniques Privacy - Encrypt more of the protocol. Performance -1-RTT and 0-RTT handshakes Continuity - Backwards compatibility
  • 7. SECURITY BENEFITS Although TLS 1.2 can still be deployed securely, several high-profile vulnerabilities have exploited optional parts of the protocol and outdated ciphers. TLS 1.3 removes many of these problematic options and only includes support for algorithms with no known vulnerabilities (at this time). The IETF chose to remove all ciphers that do not support PFS from TLS connections. These include DES, AESCBC, RC4, and other ciphers less commonly used.
  • 8. PRIVACY BENEFITS TLS 1.3 also enables PFS(Perfect Forward Secrecy) by default. This cryptographic technique adds another layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With PFS, even if a third party were to record an encrypted session, and later gain access to the server private key, they could not use that key to decrypt the session.
  • 10. REFERENCES WOULD I PREFERRED… http://web.stanford.edu/class/ee380/Abstracts/151118-slides.pdf https://www.owasp.org/images/9/91/OWASPLondon20180125_TLSv1.3_ Andy_Brodie.pdf https://www.cloudflare.com/learning-resources/tls-1-3/ https://www.f5.com/pdf/products/tls1-3_are-you-ready.pdf
  • 11. QUESTIONS? COMMENTS? LET US KNOW! @Vedant__Jain TWITTER jainvedant786@gmail.com EMAIL