Siddhartha Rao, profile picture
Uploaded bySiddhartha Rao
PPTX, PDF623 views

TLS v1.3

The document discusses Transport Layer Security (TLS) version 1.3, including what SSL is, the evolution from SSL to TLS, a comparison of TLS 1.2 and 1.3, and two caveats in TLS 1.3. SSL was a method to secure and encrypt sensitive information over HTTPS and had vulnerabilities like BEAST and POODLE that impacted browser security. TLS was developed as an updated standard by IETF in 1999 and revised in 2006 and 2008, addressing issues with earlier SSL versions. TLS 1.3 focuses on authentication, confidentiality, integrity and includes improvements like 0-RTT resumption and forward secrecy.

Embed presentation

Downloaded 35 times
RAJAN SINGH SIDDHARTHA RAO SANKET KAMATH GAURAV SHINDE Transport Layer Security (TLS) 1.3
• Authentication • Confidentiality • Integrity
Solution: - • Secure Connection • SSL Protocol • Different Versions
Agenda: • What is SSL? • Evolution from SSL to TLS • TLS in a nutshell • TLS 1.2 vs 1.3 • Handshake • Resumption • Forward secrecy • 2 caveats in TLS 1.3
What is SSL? https://vimeo.com/135666049
What is SSL ? ➢Secure Socket Layer is a method to secure and encrypt sensitive information. ➢ HTTPS ➢ SSL v1.0, V2.0, V3.0
Vulnerabilities • BEAST - 2011 • POODLE - 2014 Impact • By exploiting this vulnerability, an attacker can gain access to things like passwords and cookies, enabling him to access a user’s private account data on a website.
Evolution from SSL to TLS • Browsers and websites need to turn off SSLv3 and use more modern security protocols as soon as possible, in order to avoid compromising users’ private information.
TLS in a Nutshell • Developed by IETF in 1999 • Revised to TLS v1.1 in 2006 • Again, revised Tls v1.2 in 2008 • SSL v3.0 served as a basis for TLS 1.0 and closely related to SSL 3.0, and is sometimes referred to as "SSL 3.1" • Algorithms used: • Key Exchange: ECDHE-RSA, PSK etc • Cipher: AES CBC • Hashing: HMAC - MD5, SHA1
TLS in a Nutshell • 3 properties offered by TLS connection: • Private connection due to symmetric key encryption • Authentication due to public key encryption • Ensures integrity due to message integrity check
TLS in a Nutshell TLS handshake
What is TLS 1.3
TLS 1.2 Resumption
0-RTT Resumption
TLS 1.3 Caveats
Counter measures against Replay attacks
Thank you!

More Related Content

PDF
Lecture #21: HTTPS , SSL & TLS
byDr. Ramchandra Mangrulkar
 
PPTX
DNS spoofing/poisoning Attack
byFatima Qayyum
 
PDF
Introduction to TLS-1.3
byVedant Jain
 
PPTX
HTTPS
bymaroti164
 
PPT
SSL
bytheekuchi
 
PPTX
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
byCheapSSLsecurity
 
PDF
Offzone | Another waf bypass
byДмитрий Бумов
 
PPTX
SSL And TLS
byGhanshyam Patel
 
Lecture #21: HTTPS , SSL & TLS
byDr. Ramchandra Mangrulkar
 
DNS spoofing/poisoning Attack
byFatima Qayyum
 
Introduction to TLS-1.3
byVedant Jain
 
HTTPS
bymaroti164
 
SSL
bytheekuchi
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
byCheapSSLsecurity
 
Offzone | Another waf bypass
byДмитрий Бумов
 
SSL And TLS
byGhanshyam Patel
 

What's hot

PPSX
Secure socket layer
byNishant Pahad
 
PPTX
Rest API Security
byStormpath
 
PDF
SSL intro
byThree Lee
 
PPTX
SSL TLS Protocol
byDevang Badrakiya
 
PPTX
SSL
byBadrul Alam bulon
 
ODP
Tls 1.3
byKevin OBrien
 
PPTX
Cryptography
byHarry Potter
 
PPT
Secure Socket Layer
byNaveen Kumar
 
PPT
Penetration Testing Basics
byRick Wanner
 
PPTX
OpenSSL
byTimbal Mayank
 
PDF
Https
byPooya Sagharchiha
 
PPTX
Secure Socket Layer
byAbhishek Gupta
 
PPT
Ssl https
byAndrada Boldis
 
PPTX
Ssl (Secure Socket Layer)
bySandeep Gupta
 
PPT
RADIUS
byamogh_ubale
 
PDF
Gpg basics
byobsidisconsortia
 
PPTX
Introduction to penetration testing
byNezar Alazzabi
 
PPTX
TLS - Transport Layer Security
byByronKimani
 
PDF
HashiCorp's Vault - The Examples
byMichał Czeraszkiewicz
 
PPTX
Penetration testing reporting and methodology
byRashad Aliyev
 
Secure socket layer
byNishant Pahad
 
Rest API Security
byStormpath
 
SSL intro
byThree Lee
 
SSL TLS Protocol
byDevang Badrakiya
 
SSL
byBadrul Alam bulon
 
Tls 1.3
byKevin OBrien
 
Cryptography
byHarry Potter
 
Secure Socket Layer
byNaveen Kumar
 
Penetration Testing Basics
byRick Wanner
 
OpenSSL
byTimbal Mayank
 
Https
byPooya Sagharchiha
 
Secure Socket Layer
byAbhishek Gupta
 
Ssl https
byAndrada Boldis
 
Ssl (Secure Socket Layer)
bySandeep Gupta
 
RADIUS
byamogh_ubale
 
Gpg basics
byobsidisconsortia
 
Introduction to penetration testing
byNezar Alazzabi
 
TLS - Transport Layer Security
byByronKimani
 
HashiCorp's Vault - The Examples
byMichał Czeraszkiewicz
 
Penetration testing reporting and methodology
byRashad Aliyev
 

Similar to TLS v1.3

PPTX
Ssl and tls
byRana assad ali
 
PDF
Transport Layer Security
byIbrahiem Mohammed
 
PPTX
chp2 IS.pptx information security and data
bygallanandhini
 
PDF
Introduction to TLS 1.3
byn|u - The Open Security Community
 
PDF
CNIT 141: 13. TLS
bySam Bowne
 
PPTX
Green Modern Simple Cybersecurity Presentation.pptx
byMallikarjunpatilMall
 
PPTX
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
byjeetendra mandal
 
ODP
Tls 13final13
byVitezslav Cizek
 
PDF
Rootconf2019
byHuzaifa Sidhpurwala
 
PPTX
Jim-Nitterauer-Decrypting-the-Mess-that-is-SSL-TLS-Negotiation-Preparing-for-...
byAliHaider897273
 
PPTX
secure socket layer
byAmar Shah
 
PPTX
Egor Podmokov - TLS from security point of view
bySergey Arkhipov
 
PDF
CNIT 141 13. TLS
bySam Bowne
 
PPTX
Transport Layer Security.pptx network se
byrehmankhansa9
 
PPTX
SSL_and_TLS_Overview concept the nice .pptx
byyvenkateswaracse
 
PDF
CNIT 141: 13. TLS
bySam Bowne
 
PPTX
SSL.pptx
byhammadhassan9507
 
PPTX
Transport_Level_Security in crotography.pptx
byyvenkateswaracse
 
PDF
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
byCSCJournals
 
PPTX
Secure Sockets Layer (SSL)
byBGSBU Rajouri
 
Ssl and tls
byRana assad ali
 
Transport Layer Security
byIbrahiem Mohammed
 
chp2 IS.pptx information security and data
bygallanandhini
 
Introduction to TLS 1.3
byn|u - The Open Security Community
 
CNIT 141: 13. TLS
bySam Bowne
 
Green Modern Simple Cybersecurity Presentation.pptx
byMallikarjunpatilMall
 
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
byjeetendra mandal
 
Tls 13final13
byVitezslav Cizek
 
Rootconf2019
byHuzaifa Sidhpurwala
 
Jim-Nitterauer-Decrypting-the-Mess-that-is-SSL-TLS-Negotiation-Preparing-for-...
byAliHaider897273
 
secure socket layer
byAmar Shah
 
Egor Podmokov - TLS from security point of view
bySergey Arkhipov
 
CNIT 141 13. TLS
bySam Bowne
 
Transport Layer Security.pptx network se
byrehmankhansa9
 
SSL_and_TLS_Overview concept the nice .pptx
byyvenkateswaracse
 
CNIT 141: 13. TLS
bySam Bowne
 
SSL.pptx
byhammadhassan9507
 
Transport_Level_Security in crotography.pptx
byyvenkateswaracse
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
byCSCJournals
 
Secure Sockets Layer (SSL)
byBGSBU Rajouri
 

TLS v1.3

  • 1.
    RAJAN SINGH SIDDHARTHA RAO SANKETKAMATH GAURAV SHINDE Transport Layer Security (TLS) 1.3
  • 3.
  • 4.
    Solution: - • SecureConnection • SSL Protocol • Different Versions
  • 5.
    Agenda: • What isSSL? • Evolution from SSL to TLS • TLS in a nutshell • TLS 1.2 vs 1.3 • Handshake • Resumption • Forward secrecy • 2 caveats in TLS 1.3
  • 6.
  • 7.
    What is SSL? ➢Secure Socket Layer is a method to secure and encrypt sensitive information. ➢ HTTPS ➢ SSL v1.0, V2.0, V3.0
  • 8.
    Vulnerabilities • BEAST -2011 • POODLE - 2014 Impact • By exploiting this vulnerability, an attacker can gain access to things like passwords and cookies, enabling him to access a user’s private account data on a website.
  • 9.
    Evolution from SSLto TLS • Browsers and websites need to turn off SSLv3 and use more modern security protocols as soon as possible, in order to avoid compromising users’ private information.
  • 10.
    TLS in aNutshell • Developed by IETF in 1999 • Revised to TLS v1.1 in 2006 • Again, revised Tls v1.2 in 2008 • SSL v3.0 served as a basis for TLS 1.0 and closely related to SSL 3.0, and is sometimes referred to as "SSL 3.1" • Algorithms used: • Key Exchange: ECDHE-RSA, PSK etc • Cipher: AES CBC • Hashing: HMAC - MD5, SHA1
  • 11.
    TLS in aNutshell • 3 properties offered by TLS connection: • Private connection due to symmetric key encryption • Authentication due to public key encryption • Ensures integrity due to message integrity check
  • 12.
    TLS in aNutshell TLS handshake
  • 13.
  • 15.
  • 17.
  • 20.
  • 21.
  • 22.