The document provides an introduction to Transport Layer Security (TLS) and discusses some dos and don'ts for improving TLS connection security. It begins with an overview of cryptography concepts like encryption, hashing, and digital signatures. It then covers the history and development of TLS, including threats it aims to address. The document emphasizes that while TLS can provide protection, it is important for developers to properly configure and harden TLS implementations.
PGP and S/MIME are two standards for email security that provide encryption, authentication with digital signatures, and integrity checks. Classic PGP uses algorithms such as RSA, IDEA and SHA-1 (the latter two are legacy choices today), while S/MIME provides the same security functions as an extension of the MIME email format standard, using digital signatures, encryption and authentication. Both aim to ensure privacy, data security and non-repudiation of email messages.
This document discusses how TLS (Transport Layer Security) works to securely encrypt internet communication. It explains the key aspects of TLS including authentication, key exchange, encryption, integrity protection, and forward secrecy. It discusses X.509 certificates and certificate chains. It also covers choosing strong cryptographic algorithms and key lengths to provide adequate security. Examples of cipher suites are provided that specify the cryptographic primitives and parameters used to implement security. Finally, resources for further learning about TLS/SSL and ways to validate TLS configurations are recommended.
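The hardening point these two abstracts make, that TLS only protects what a correctly configured implementation negotiates, is concrete enough to show. The block below is an added example, not code from any of the listed documents: it builds a hardened Python `ssl` client context next to the permissive one developers reach for when a certificate error gets in the way, then runs a small audit over either. The cipher string and the legacy-name markers are chosen for this example, not a list the page provides.

```python
import ssl

# Substrings that identify legacy, anonymous or export cipher suites in
# OpenSSL names. Chosen for this example; extend to taste.
LEGACY_MARKERS = ("RC4", "DES", "MD5", "NULL", "EXP", "ADH", "AECDH")


def hardened_client_context() -> ssl.SSLContext:
    """Client context the way a hardening guide would have it: TLS 1.2 as the
    floor, full chain and hostname validation against the system trust store,
    forward-secret AEAD suites only, and no TLS-level compression."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.load_default_certs()                # chain building needs trust anchors
    ctx.options |= ssl.OP_NO_COMPRESSION
    # ECDHE only (forward secrecy), AEAD only, and explicit exclusions so a
    # later OpenSSL default cannot quietly widen the list.
    ctx.set_ciphers("ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!eNULL:!MD5:!RC4:!3DES")
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The 'make the certificate error go away' context: no validation at all
    and whatever protocol versions the library still speaks."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False              # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return a list of findings; an empty list means the context passes."""
    findings = []
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(
            f"minimum_version is {ctx.minimum_version.name}: TLS 1.0/1.1 negotiable")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: server chain is not validated")
    if not ctx.check_hostname:
        findings.append("check_hostname is off: a valid certificate for any name is accepted")
    if not (ctx.options & ssl.OP_NO_COMPRESSION):
        findings.append("OP_NO_COMPRESSION not set: TLS-level compression possible")
    for suite in ctx.get_ciphers():
        if any(marker in suite["name"] for marker in LEGACY_MARKERS):
            findings.append(f"legacy cipher suite enabled: {suite['name']}")
    return findings


if __name__ == "__main__":
    for label, ctx in (("hardened", hardened_client_context()),
                       ("weak", weak_client_context())):
        print(label, audit_context(ctx) or "OK")
```

The audit inspects the context object only, so it runs offline; pointing the hardened context at a real host (`ctx.wrap_socket(sock, server_hostname=host)`) is where chain and hostname validation actually execute.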
Key management is the set of techniques and procedures for establishing and maintaining secure key relationships between parties. It involves generating, distributing, storing, updating, and revoking cryptographic keys. The objectives of key management are to maintain secure keying material and relationships to counter relevant threats like key compromise, in accordance with a security policy. Techniques include symmetric and public-key encryption, key hierarchies, certificates, and life cycle processes around user registration and key installation, update, and destruction.
Key management: introduction, how public key distribution is done, the Diffie-Hellman key exchange algorithm, and digital certificates. Key management using digital certificates is covered, with a Wireshark screenshot showing a digital certificate.
PGP and S/MIME are two standards for securing email. PGP uses asymmetric encryption and digital signatures to provide authentication, confidentiality, and compression of messages. It utilizes public/private key pairs and trust is established through signatures on public keys. S/MIME is an Internet standard that provides similar security services to MIME messages as PGP, using PKI/certificates and industry standard algorithms. Both standards encrypt messages and attach digital signatures to authenticate senders and guarantee message integrity.
This document discusses Message Authentication Codes (MACs). It describes MACs as secret key algorithms that generate a tag to authenticate messages. There are two main types of MACs - cipher-based MACs that use symmetric encryption algorithms like block ciphers, and hash-based MACs that apply hash functions. The document outlines the security properties MACs should provide, such as being difficult to forge tags or recover keys from known message-tag pairs. It also describes common attacks on MACs like key recovery attacks or forging valid message-tag pairs.
The document provides an overview of security topics including algorithms, encryption, digital signatures, certificates, and cryptography. It discusses the need for message security, privacy, authentication, integrity and non-repudiation. It then describes symmetric key cryptography, public key cryptography, digital signatures, key management, certificates, and security at the IP, transport and application layers including SSL/TLS, IPSec, PGP and S/MIME.
This document provides an overview of web security concepts for e-commerce, including client/server applications, communication channels, TCP/IP, the OSI model, and TCP/IP addressing. It then discusses various security threats and how cryptography, digital signatures, certificates, SSL/TLS, and firewalls can provide security. Cryptography techniques like symmetric/asymmetric encryption, hashing, and digital signatures are explained. The document also covers setting up secure SSL connections and the SET protocol for secure online payments.
The presentation covers message authentication codes, which are used to verify message integrity (has the message been modified or not?).
Message authentication and hash function (omarShiekh1)
The document discusses message authentication and hash functions. It covers security requirements including integrity, authentication and non-repudiation. It describes different authentication functions such as message encryption, message authentication codes (MACs), and hash functions. It provides examples of how hash functions work and evaluates the security of hash functions and MACs against brute force and cryptanalytic attacks.
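As an added example (not code from either MAC document above), the following uses HMAC-SHA256, a hash-based MAC, to generate and verify tags, then runs the failure cases the abstracts list: a modified message under the old tag, a modified or truncated tag, and an attacker who does not hold the key. The key and the JSON message are constructed for the example; a cipher-based MAC (CMAC) follows the same generate-then-verify pattern but needs a block cipher the standard library does not ship.

```python
import hashlib
import hmac
import secrets

# Constructed sample: a 256-bit shared key and a message whose integrity we
# protect. In a real system the key comes from a KDF or key store, never
# from source code.
KEY = bytes.fromhex("0f1e2d3c4b5a69788796a5b4c3d2e1f0" * 2)
MESSAGE = b'{"order_id": 4711, "amount": "19.99", "currency": "EUR"}'


def mac_tag(key: bytes, message: bytes) -> bytes:
    """HMAC-SHA256 tag: sender computes it, receiver recomputes it.
    Note the message itself stays in the clear; a MAC gives integrity and
    origin authentication, not confidentiality."""
    return hmac.new(key, message, hashlib.sha256).digest()


def verify(key: bytes, message: bytes, tag: bytes) -> bool:
    """Recompute and compare in constant time. A plain == stops at the first
    differing byte and leaks, through timing, how many leading bytes matched,
    which lets a forger build a valid tag byte by byte."""
    return hmac.compare_digest(mac_tag(key, message), tag)


def forgery_checks(key: bytes = KEY, message: bytes = MESSAGE) -> dict:
    """Outcomes for the genuine tag and for the tampering cases a MAC must
    reject. Only the genuine case may verify."""
    tag = mac_tag(key, message)
    modified = message.replace(b'"19.99"', b'"1.99"')
    flipped = bytes([tag[0] ^ 0x01]) + tag[1:]
    attacker_key = secrets.token_bytes(32)          # attacker has no access to KEY
    return {
        "genuine": verify(key, message, tag),
        "modified_message_old_tag": verify(key, modified, tag),
        "modified_tag": verify(key, message, flipped),
        "truncated_tag": verify(key, message, tag[:16]),
        "attacker_without_key": verify(attacker_key, message, tag),
        "attacker_tags_with_own_key": verify(key, modified, mac_tag(attacker_key, modified)),
    }


if __name__ == "__main__":
    for case, accepted in forgery_checks().items():
        print(f"{case:30s} {'ACCEPTED' if accepted else 'rejected'}")
```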
Module 1: Introduction to Cryptography and Symmetric Key Ciphers
Computer Security Concepts - OSI Security Architecture -Security Attacks - Services, Mechanisms -
Symmetric Cipher Model - Traditional Block Cipher Structure - The Data Encryption Standard -The Strength of DES - Advanced Encryption Standard.
SECURITY PRACTICE & SYSTEM SECURITY
Authentication applications – Kerberos – X.509 Authentication services – Internet Firewalls for Trusted System: Roles of Firewalls – Firewall related terminology – Types of Firewalls – Firewall designs – SET for E-Commerce Transactions. Intruder – Intrusion detection system – Virus and related threats – Countermeasures – Firewalls design principles – Trusted systems – Practical implementation of cryptography and security.
SSL is a secure protocol that runs on top of TCP and lets applications encrypt data and authenticate server (and optionally client) identities. It uses public key cryptography during the handshake to establish a shared secret and set up an encrypted connection. The SSL handshake verifies the server's identity and lets client and server agree on encryption algorithms before any application data is exchanged. Authenticating the server and encrypting the connection is what defends against man-in-the-middle attacks.
The document provides an overview of cryptography and cryptanalysis. It discusses the history and foundations of cryptology, including definitions of key terms. Symmetric and asymmetric encryption algorithms are described, such as DES, AES, RSA, and their uses of secret or public keys. The importance of key size for encryption strength is also noted. Cryptographic methods like substitution, transposition, XOR, Vernam, and hash ciphers are outlined.
PGP (Pretty Good Privacy) is a freely available, open-source tool for encrypting email; with it you can send mail over the internet without fear of eavesdropping by a third party.
Key Distribution Problem in advanced operating system (Merlin Florrence)
The document discusses the key distribution problem in cryptography. When two entities want to securely communicate, they must obtain matching encryption and decryption keys. There are different approaches to key distribution, including a centralized approach where a single Key Distribution Center (KDC) maintains secret keys for each user, and a fully distributed approach without a central authority. The centralized approach is simple to implement but relies on a single point of failure.
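The Diffie-Hellman exchange named in the key management entry above is the fully distributed approach this abstract contrasts with a KDC: two parties agree on a key that no third party ever holds. The block below is an added example, not material from either document. It uses the 2048-bit MODP group from RFC 3526 (group 14, generator 2), derives a session key from the shared value with an HMAC-based extract-and-expand step, and then plays out what the certificate discussion in these abstracts exists to prevent: with nothing authenticating the public values, an active attacker who swaps them in transit ends up sharing a key with each side. Party names and the `session` label are constructed for the example.

```python
import hashlib
import hmac
import secrets

# RFC 3526 group 14: 2048-bit MODP safe prime p = 2q + 1, generator 2.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF",
    16,
)
G = 2
Q = (P - 1) // 2            # order of the subgroup generated by G


def keypair():
    """Private exponent x in [1, q-1] and public value g^x mod p."""
    priv = secrets.randbelow(Q - 1) + 1
    return priv, pow(G, priv, P)


def shared_secret(priv: int, peer_pub: int) -> int:
    """Validate the peer's value before exponentiating with our secret:
    0, 1 and p-1 force a predictable result, and elements outside the
    prime-order subgroup let an attacker learn bits of the private exponent."""
    if not 1 < peer_pub < P - 1 or pow(peer_pub, Q, P) != 1:
        raise ValueError("peer public value is not a valid group element")
    return pow(peer_pub, priv, P)


def derive_key(shared: int, info: bytes) -> bytes:
    """HMAC-SHA256 extract-then-expand (one 32-byte block) so the raw group
    element is never used directly as a key."""
    ikm = shared.to_bytes(256, "big")
    prk = hmac.new(b"\x00" * 32, ikm, hashlib.sha256).digest()
    return hmac.new(prk, info + b"\x01", hashlib.sha256).digest()


def honest_exchange():
    """Alice and Bob exchange public values over a channel nobody tampers with."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    key_a = derive_key(shared_secret(a_priv, b_pub), b"session")
    key_b = derive_key(shared_secret(b_priv, a_pub), b"session")
    return key_a, key_b


def mitm_exchange():
    """Same protocol, but Mallory replaces each public value in transit.
    Nothing in plain DH lets either side notice: that is the job of the
    signatures and certificates the documents above go on to discuss."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()
    key_a = derive_key(shared_secret(a_priv, m_pub), b"session")   # Alice received m_pub
    key_b = derive_key(shared_secret(b_priv, m_pub), b"session")   # Bob received m_pub
    mallory_a = derive_key(shared_secret(m_priv, a_pub), b"session")
    mallory_b = derive_key(shared_secret(m_priv, b_pub), b"session")
    return {"alice": key_a, "bob": key_b,
            "mallory_with_alice": mallory_a, "mallory_with_bob": mallory_b}


if __name__ == "__main__":
    ka, kb = honest_exchange()
    print("honest exchange, keys match:", ka == kb)
    r = mitm_exchange()
    print("MITM: Alice's key is Mallory's:", r["alice"] == r["mallory_with_alice"],
          "| Bob's key is Mallory's:", r["bob"] == r["mallory_with_bob"])
```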
This presentation summarizes Secure Socket Layer (SSL) technology. It discusses how SSL uses encryption to provide security and integrity for data transmission. The presentation covers SSL architecture, including the certificate and hashing components. It also describes the SSL handshake process and how symmetric and asymmetric encryption algorithms are used to securely transfer data. Common algorithms like RSA, Diffie-Hellman, DES, and AES are also mentioned.
The document presents an overview of Secure Socket Layer (SSL) technology. It discusses how SSL establishes encrypted connections to provide security and integrity. It describes SSL architecture including certificates, hashing, asymmetric and symmetric data transfer, and the SSL handshake process. It also covers encryption algorithms like RC4, AES, Triple DES, and RSA that are used. Finally, it discusses asymmetric key cryptography algorithms like Diffie-Hellman and RSA, as well as symmetric key cryptography and the future scope of encryption standards.
This document outlines concepts related to system security and cryptography. It discusses security requirements like confidentiality, integrity, and authentication. It also explains different security mechanisms like symmetric and asymmetric encryption, hash functions, digital signatures, and their uses in message authentication and non-repudiation. Public key infrastructure and entity authentication using random numbers are also mentioned.
The document discusses SSL/TLS (Secure Sockets Layer/Transport Layer Security), which are cryptographic protocols that provide secure communication over the internet. It covers SSL/TLS concepts like handshaking, encryption, authentication. It also describes JSSE (Java Secure Socket Extension), the Java implementation of SSL/TLS, including its architecture, classes and configuration. The document provides references for further reading on SSL/TLS and JSSE.
Nate Lawson presents an overview of the TLS/SSL protocol design. He discusses the security goals of privacy, integrity, and authentication. He explains how these goals are achieved using cryptography primitives like symmetric encryption, public key encryption, certificates, message authentication codes, and secure PRNGs. He walks through the TLS handshake protocol in detail and discusses various attacks against SSL/TLS like side channel attacks, similarly-named certificate attacks, and data injection via renegotiation attacks.
This document discusses content protection in MPEG-DASH. It describes how DASH-IF IOP provides a framework for multiple DRMs to protect DASH content by adding instructions for protection-system-specific information and common encryption. Common encryption in MPEG-DASH uses AES-128 in CTR mode to encrypt media data. The document outlines the main DRM components in DASH including content protection descriptors, encryption parameters, and license acquisition data. It provides an overview of the workflow and information flow for DRM license retrieval in MPEG-DASH.
This document discusses searchable encryption systems and the current state of data security. It covers common uses of encryption like SSL and describes limitations of early secure-computation techniques like Yao's garbled circuits. The document then focuses on fully homomorphic encryption, which allows computations on encrypted data without decrypting it first. While promising, homomorphic encryption has limitations in speed and potential security issues that require more research to address.
Module: drand - the Distributed Randomness Beacon (Ioannis Psaras)
drand is a distributed randomness beacon. It provides publicly-verifiable, unpredictable and bias-resistant random numbers as a public service. In this module we'll walk through:
- Threshold Cryptography & Randomness
- The Distributed Key Generation in drand
- The Setup and Randomness Generation Phases
- The League of Entropy
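Threshold cryptography in the sense this outline uses it rests on secret sharing: a key split so that any t of n parties can use it and fewer than t learn nothing. The following is an added example, not code from drand or from this module. It implements Shamir's scheme over a prime field and the "everyone deals, everyone sums" step on which a distributed key generation builds, so that a joint secret exists that no single dealer ever saw. The field prime and the dealer values are constructed for illustration (drand works in the scalar field of its pairing-friendly curve), and the verification and complaint rounds of a real DKG are left out.

```python
import secrets

# Prime field for the example: 2**127 - 1 (a Mersenne prime), so secrets are
# integers below 2**127. Constructed for this example.
PRIME = 2**127 - 1


def split_secret(secret: int, n: int, t: int) -> list:
    """Deal n shares (x, f(x)) of a random degree t-1 polynomial with
    f(0) = secret. Any t shares reconstruct it; t-1 shares are consistent
    with every possible secret and so reveal nothing."""
    if not 0 <= secret < PRIME:
        raise ValueError("secret must be a field element")
    if not 1 <= t <= n:
        raise ValueError("need 1 <= t <= n")
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(t - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):          # Horner evaluation of f(x)
            y = (y * x + c) % PRIME
        shares.append((x, y))
    return shares


def recover_secret(shares: list) -> int:
    """Lagrange interpolation at x = 0 over the supplied points."""
    secret = 0
    for i, (xi, yi) in enumerate(shares):
        num = den = 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret


def joint_sharing(dealer_secrets: list, n: int, t: int) -> list:
    """Core of a distributed key generation: every dealer shares its own
    random value with all n parties, and party x keeps the sum of the shares
    it received. That sum is a valid share of the sum of all dealer secrets,
    a joint key nobody ever held in one place."""
    per_dealer = [split_secret(s, n, t) for s in dealer_secrets]
    combined = []
    for idx in range(n):
        x = per_dealer[0][idx][0]
        y = sum(shares[idx][1] for shares in per_dealer) % PRIME
        combined.append((x, y))
    return combined


if __name__ == "__main__":
    key = secrets.randbelow(PRIME)
    shares = split_secret(key, n=5, t=3)
    print("3 of 5 recover:", recover_secret(shares[:3]) == key)
    print("2 of 5 recover:", recover_secret(shares[:2]) == key)
```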
The document summarizes details about a virtual meetup organized by the Bangalore MuleSoft Community on 5th September 2020. The agenda includes introductions, presentations on data protection/security in Mule, integration challenges, and NetSuite integration using MuleSoft. There will also be Q&A sessions. Priyanka Taggar from Accenture and Santosh C from Happiest Minds will speak. The meetup will have quizzes and winners will receive digital certificates and exam vouchers. Attendees are encouraged to network and provide feedback to help improve future meetups.
The document discusses several topics related to internet security including key management and distribution, TLS, and email security protocols. TLS provides web traffic security at the transport layer and uses cryptographic protocols to establish secure sessions between clients and servers. Email security protocols like PGP and S/MIME provide authentication and confidentiality by applying digital signatures and encryption to email; PGP additionally provides compression and email compatibility.
BSET_Lecture_Crypto and SSL_Overview_FINAL (Glenn Haley)
This document provides an overview of cryptography and the SSL/TLS protocol. It begins with an introduction to symmetric and asymmetric cryptography. It then discusses how SSL/TLS uses both types of cryptography to provide data encryption, server authentication, and optional client authentication over unsecured networks. The document outlines the SSL/TLS handshake process and record layer format. It explains how SSL/TLS enables secure communication for applications like HTTPS. It also notes that SSL/TLS performance can be improved with hardware offloading due to its computational demands. Related books on cryptography and SSL/TLS are listed for additional reference.
With growing awareness of, and concern about, cloud computing and information security, security algorithms are increasingly being built into data systems and processes. Any data is secure if it fulfils three conditions: confidentiality, integrity and availability. Confidentiality means the data is intelligible only to the intended receiver and is useless to everyone else; it prevents unauthorized disclosure of sensitive information. Integrity means the data the receiver gets is in the same form the sender sent it; it prevents modification by unauthorized users. Availability is the assurance that a user can access the information at any time and from any network. In the cloud, confidentiality is obtained through cryptography, the technique of converting data into an unreadable form during storage and transmission so that it is useless to intruders. Integrity in the cloud can be checked with a message authentication code (MAC) algorithm or by computing a hash value, but neither method is practical for very large amounts of data. Symmetric algorithms (such as IDEA, Blowfish and DES) and asymmetric algorithms (such as RSA and homomorphic schemes) are used for cloud-based services that require data encryption. Both in transit and in storage, data is under threat because an unauthorized user could access or modify it, so it must be secured. A way is needed to check data integrity while saving bandwidth and computation power; remote data auditing, in which the integrity or correctness of remotely stored data is investigated, has recently received more attention.
This document discusses cryptography tools and protocols for secure communications. It describes public key infrastructure (PKI) systems which use public key cryptography to provide authentication, integrity, privacy, authorization and non-repudiation. Digital signatures and certificates are also discussed. The document outlines several protocols for securing email, web transactions, wireless networks and TCP/IP communications using methods like SSL, S/MIME, and IPSec. Symmetric and asymmetric cryptography are used in hybrid systems to securely transmit information over the internet and private networks.
The document discusses the history and purpose of TLS/SSL, including how it uses asymmetric and symmetric cryptography. It describes how TLS/SSL works, including the handshake and record layers, cipher suites, and public key infrastructure (PKI). It notes that TLS/SSL sits between the application and transport layers of the OSI model. Examples of exploits like session hijacking and man-in-the-middle attacks are provided to illustrate the importance of encryption.
This document discusses security issues related to mobile technology. It begins by explaining the importance of understanding threats when building a security system. It then discusses different types of attacks like interception, modification, and interruption that can target both static and dynamic assets. The document also covers security concepts like confidentiality, integrity, authorization, and availability. It explains symmetric and asymmetric encryption techniques as well as protocols like SSL, TLS, and WTLS that use these techniques to securely transmit data over networks.
This paper analyzes vulnerabilities of the SSL/TLS Handshake protocol, which is responsible for authenticating the communicating parties and negotiating the security parameters that will protect the confidentiality and integrity of the data. It analyzes attacks against implementations of the Handshake protocol, as well as attacks against the other elements the SSL/TLS protocol depends on, to uncover the security flaws that were exploited, the modes of attack and their potential consequences, and it also studies methods of defense. All versions of the protocol are covered, but emphasis is placed on the critical attacks that most endanger the safety of data. The goal of the research is to point out the danger posed by the existence of even one exploitable vulnerability in the SSL/TLS protocol, which can endanger data that should be protected.
This is an introductory presentation on SSL and the basics of secure communication over the web. It walks through how SSL works and the various methods for implementing a safe communication channel, and explains the handshake negotiation that takes place between remote hosts before any web transaction starts.
International Journal of Engineering Research and Development, IJERD (IJERD Editor)
IMPLEMENT A NOVEL SYMMETRIC BLOCK CIPHER ALGORITHM (ijcisjournal)
Cryptography is a security technique that transforms plaintext into another form of data or symbols, known as ciphertext, so that data stays secure on its way through public networks. Many algorithms have been proposed to provide this service, especially for sensitive data and important conversations over mobile or video conferencing. In this paper a novel symmetric encryption algorithm is implemented and evaluated, and its performance is compared with AES. The algorithm has four different rounds for each quarter of the key container table, each of which shifts the table. It relies on the XOR operation, which, being lightweight and cheap, is well suited to real-time applications. The results show that the proposed algorithm takes less time than AES even though it has 16 rounds and the numbers used to mix up the table are large.
The Time-Consuming Task Of Preparing A Data Set For... (Kimberly Thomas)
The document discusses preparing data sets for analysis in data mining and privacy preserving techniques. It states that preparing data sets is a time-consuming task that requires complex SQL queries, joining tables, and aggregating columns. Significant manual effort is needed to build data sets in a horizontal layout. It also discusses the need for privacy-preserving algorithms to protect sensitive data during the data mining process. The document proposes using case, pivot and SPJ methods to horizontally aggregate data, then employing a homomorphic encryption scheme to preserve privacy during the aggregations. Homomorphic encryption allows computations on encrypted data to produce an encrypted result that matches the result of operations on plaintext.
Cryptography technology is a security technique used to change plain text to another shape of data or to
symbols, which is known as the cipher text. Cryptography aims to keep the data secure during its journey
through public networks. Currently, there are many proposed algorithms that provide this service
especially for sensitive data or very important conversations either through mobile or video conferences. In
this paper, an inventive security symmetric algorithm is implemented and evaluated, and its performance is
compared to the AES. The algorithm has four different rounds for each quarter of the key container table,
and each of them serves to shift the table. The algorithm uses the XOR operation, which, being lightweight
and cheap, is very appropriate for use with Real Time Applications. The result shows that the suggested
algorithm spends less time than AES although it has 16 rounds and the numbers used to mix up the table
are big.
A Survey On The Cryptographic Encryption AlgorithmsJoe Osborn
This document summarizes and compares several symmetric encryption algorithms, including DES, 3DES, Blowfish, AES, and HiSea. It discusses the components, workings, and security aspects of symmetric block ciphers and stream ciphers. It also briefly covers asymmetric encryption and key schedule algorithms. The document evaluates and compares the performance of the symmetric algorithms based on encryption speed, throughput, key size, security properties, and other factors to help users select the most suitable algorithm for their needs.
This document discusses several internet security protocols and standards, including S/MIME, DKIM, SSL/TLS, and IPSec. S/MIME provides security enhancements to email by adding features like digital signatures, encryption, and authentication. DKIM allows email domains to cryptographically sign messages to verify a message came from a claimed domain. SSL/TLS provides transport layer security and encryption for network protocols like HTTP. IPSec works at the IP layer to provide authentication, encryption, and key management for network traffic security.
This document provides an overview of cryptography and different cryptographic algorithms. It defines cryptography as scrambling information so it cannot be read by unauthorized individuals. There are three main types of cryptographic algorithms: hash algorithms that create a unique digital fingerprint of data, symmetric algorithms that use the same key to encrypt and decrypt, and asymmetric algorithms that use two related keys (a public and private key). Common symmetric algorithms include AES and DES, while asymmetric algorithms solve the key distribution problem of symmetric cryptography.
Research trends review on RSA scheme of asymmetric cryptography techniquesjournalBEEI
One of the cryptography classifications is asymmetric cryptography, which uses two different keys to encrypt and decrypt the message. This paper discusses a review of RSA scheme of asymmetric cryptography techniques. It is trying to present the domains of RSA scheme used including in public network, wireless sensor network, image encryption, cloud computing, proxy signature, Internet of Things and embedded device, based on the perspective of researchers’ effort in the last decade. Other than that, this paper reviewed the trends and the performance metrics of RSA scheme such as security, speed, efficiency, computational complexity and space based on the number of researches done. Finally, the technique and strengths of the proposed scheme are also stated in this paper.
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionCSCJournals
Since its introduction in 1994 the Secure Socket Layer (SSL) protocol (later renamed to Transport Layer Security (TLS)) evolved to the de facto standard for securing the transport layer. SSL/TLS can be used for ensuring data confidentiality, integrity and authenticity during transport. A main feature of the protocol is its flexibility. Modes of operation and security aims can easily be configured through different cipher suites. During its evolutionary development process several flaws were found. However, the flexible architecture of SSL/TLS allowed efficient fixes in order to counter the issues. This paper presents an overview on theoretical and practical attacks of the last 20 years.
The document discusses securing remote access connections by using a virtual private network (VPN) with Windows Server 2012 R2's Routing and Remote Access feature. It will use Extensible Authentication Protocol-Transport Level Security (EAP-TLS) and smartcards for authentication to encrypt traffic and securely connect remote users to the network. The goal is to properly secure these connections to provide end users with secure access to potentially sensitive company data and resources from outside the office.
Similar to Why “It’s over TLS” is not good enough (20)
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
“An Outlook of the Ongoing and Future Relationship between Blockchain Technologies and Process-aware Information Systems.” Invited talk at the joint workshop on Blockchain for Information Systems (BC4IS) and Blockchain for Trusted Data Sharing (B4TDS), co-located with with the 36th International Conference on Advanced Information Systems Engineering (CAiSE), 3 June 2024, Limassol, Cyprus.
Infrastructure Challenges in Scaling RAG with Custom AI modelsZilliz
Building Retrieval-Augmented Generation (RAG) systems with open-source and custom AI models is a complex task. This talk explores the challenges in productionizing RAG systems, including retrieval performance, response synthesis, and evaluation. We’ll discuss how to leverage open-source models like text embeddings, language models, and custom fine-tuned models to enhance RAG performance. Additionally, we’ll cover how BentoML can help orchestrate and scale these AI components efficiently, ensuring seamless deployment and management of RAG systems in the cloud.
Driving Business Innovation: Latest Generative AI Advancements & Success StorySafe Software
Are you ready to revolutionize how you handle data? Join us for a webinar where we’ll bring you up to speed with the latest advancements in Generative AI technology and discover how leveraging FME with tools from giants like Google Gemini, Amazon, and Microsoft OpenAI can supercharge your workflow efficiency.
During the hour, we’ll take you through:
Guest Speaker Segment with Hannah Barrington: Dive into the world of dynamic real estate marketing with Hannah, the Marketing Manager at Workspace Group. Hear firsthand how their team generates engaging descriptions for thousands of office units by integrating diverse data sources—from PDF floorplans to web pages—using FME transformers, like OpenAIVisionConnector and AnthropicVisionConnector. This use case will show you how GenAI can streamline content creation for marketing across the board.
Ollama Use Case: Learn how Scenario Specialist Dmitri Bagh has utilized Ollama within FME to input data, create custom models, and enhance security protocols. This segment will include demos to illustrate the full capabilities of FME in AI-driven processes.
Custom AI Models: Discover how to leverage FME to build personalized AI models using your data. Whether it’s populating a model with local data for added security or integrating public AI tools, find out how FME facilitates a versatile and secure approach to AI.
We’ll wrap up with a live Q&A session where you can engage with our experts on your specific use cases, and learn more about optimizing your data workflows with AI.
This webinar is ideal for professionals seeking to harness the power of AI within their data management systems while ensuring high levels of customization and security. Whether you're a novice or an expert, gain actionable insights and strategies to elevate your data processes. Join us to see how FME and AI can revolutionize how you work with data!
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
Threats to mobile devices are more prevalent and increasing in scope and complexity. Users of mobile devices desire to take full advantage of the features
available on those devices, but many of the features provide convenience and capability but sacrifice security. This best practices guide outlines steps the users can take to better protect personal devices and information.
Full-RAG: A modern architecture for hyper-personalizationZilliz
Mike Del Balso, CEO & Co-Founder at Tecton, presents "Full RAG," a novel approach to AI recommendation systems, aiming to push beyond the limitations of traditional models through a deep integration of contextual insights and real-time data, leveraging the Retrieval-Augmented Generation architecture. This talk will outline Full RAG's potential to significantly enhance personalization, address engineering challenges such as data management and model training, and introduce data enrichment with reranking as a key solution. Attendees will gain crucial insights into the importance of hyperpersonalization in AI, the capabilities of Full RAG for advanced personalization, and strategies for managing complex data integrations for deploying cutting-edge AI solutions.
GraphRAG for Life Science to increase LLM accuracyTomaz Bratanic
GraphRAG for life science domain, where you retriever information from biomedical knowledge graphs using LLMs to increase the accuracy and performance of generated answers
Goodbye Windows 11: Make Way for Nitrux Linux 3.5.0!SOFTTECHHUB
As the digital landscape continually evolves, operating systems play a critical role in shaping user experiences and productivity. The launch of Nitrux Linux 3.5.0 marks a significant milestone, offering a robust alternative to traditional systems such as Windows 11. This article delves into the essence of Nitrux Linux 3.5.0, exploring its unique features, advantages, and how it stands as a compelling choice for both casual users and tech enthusiasts.
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
For the full video of this presentation, please visit: https://www.edge-ai-vision.com/2024/06/building-and-scaling-ai-applications-with-the-nx-ai-manager-a-presentation-from-network-optix/
Robin van Emden, Senior Director of Data Science at Network Optix, presents the “Building and Scaling AI Applications with the Nx AI Manager,” tutorial at the May 2024 Embedded Vision Summit.
In this presentation, van Emden covers the basics of scaling edge AI solutions using the Nx tool kit. He emphasizes the process of developing AI models and deploying them globally. He also showcases the conversion of AI models and the creation of effective edge AI pipelines, with a focus on pre-processing, model conversion, selecting the appropriate inference engine for the target hardware and post-processing.
van Emden shows how Nx can simplify the developer’s life and facilitate a rapid transition from concept to production-ready applications.He provides valuable insights into developing scalable and efficient edge AI solutions, with a strong focus on practical implementation.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Let's Integrate MuleSoft RPA, COMPOSER, APM with AWS IDP along with Slackshyamraj55
Discover the seamless integration of RPA (Robotic Process Automation), COMPOSER, and APM with AWS IDP enhanced with Slack notifications. Explore how these technologies converge to streamline workflows, optimize performance, and ensure secure access, all while leveraging the power of AWS IDP and real-time communication via Slack notifications.
UiPath Test Automation using UiPath Test Suite series, part 5DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 5. In this session, we will cover CI/CD with devops.
Topics covered:
CI/CD with in UiPath
End-to-end overview of CI/CD pipeline with Azure devops
Speaker:
Lyndsey Byblow, Test Suite Sales Engineer @ UiPath, Inc.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Communications Mining Series - Zero to Hero - Session 1
Why “It’s over TLS” is not good enough
1. Why “It’s over TLS” is not good enough
An introduction to TLS with some Do’s and Don’ts to improve TLS connection security
April 2018
2. Introduction
M. Hooper [April 2018, v1.0]
● Who am I?
  – Matt Hooper
    ● https://www.linkedin.com/in/matthewhooper1/
  – Software Engineer and Security Advocate
● Why make these slides?
  – This deck is a combination of a few smaller presentations that I’ve merged together with the hopes that it proves useful as both a learning resource and future point of reference
● What will I cover?
  – Cryptography Primer
  – Introduction to TLS
  – Certificates and Public Key Infrastructure (PKI)
  – 7 things to remember – Do’s and Don’ts
  – Tools and Testing
3. Why should we care?
● Communication security is hugely important
  – Just think of all the Personal, Medical, Financial, Social, IoT, Proprietary and Government communication on the Internet these days and how it all needs protecting
  – “With one in ten adults now falling victim to cyber crime, it is clear that the uptake of connected products and services will only increase the attack surface” [49]
● TLS is often used as “the answer” to securing all communications
  – It’s the responsibility of the person coding / deploying the TLS enabled service to ensure that it is secure but too often default configurations are used which are not hardened
  – Many protocols rely completely on the protection of the TLS connection; a good example being OAuth2 [77]
  – “It doesn’t matter if we send the password in plain-text; it’s over TLS”
    I’ve heard this before and it’s certainly true that TLS can provide a great deal of protection for data “on the wire” but if you’ve skipped the above hardening step then the resulting connections may not be as secure as you think...
5. Cryptography Primer – What is Encryption?
● What is Encryption?
  – “Data encryption translates data into another form, or code, so that only people with access to a secret key (formally called a decryption key) or password can read it. Encrypted data is commonly referred to as ciphertext, while unencrypted data is called plaintext. Currently, encryption is one of the most popular and effective data security methods used by organizations. Two main types of data encryption exist - asymmetric encryption, also known as public-key encryption, and symmetric encryption.” [50]
● Encryption provides confidentiality [52]
● Two forms
  – Symmetric (1 key)
  – Asymmetric (2 keys)
● TLS utilises both Symmetric and Asymmetric encryption
Image: https://www.linkedin.com/pulse/cia-triad-jubran-alloghbi
6. Cryptography Primer – Symmetric Encryption
● Same key used for both encryption and decryption [1]
  – Introduces a key distribution problem
● Two types – Stream and Block
  – Stream ciphers [2] encrypt a stream bit by bit
  – Block ciphers [3] take a number of bits and encrypt them as a block
● Block ciphers can have different operating modes
  – These modes define how each block is handled
    ● e.g. independently or chained with the previous block
  – Common modes
    ● Cipher Block Chaining (CBC) [4]
    ● Counter Mode (CTR) [5]
    ● Counter Mode with CBC-MAC (CCM) [6]
    ● Galois-Counter Mode (GCM) [7]
      – Like CCM, a form of Authenticated Encryption with Associated Data (AEAD) [8, 39, 76]: the mode authenticates the ciphertext itself, so no separate MAC is needed
● TLS can use symmetric encryption ciphers for data encryption to provide confidentiality
Image: http://msdn.microsoft.com/en-us/library/f650720.aspx
7. Cryptography Primer – Asymmetric Encryption
Image: http://msdn.microsoft.com/en-us/library/f650720.aspx
● Also known as Public Key Encryption [9]
● Uses a key pair – one Public and the other Private
  – Encrypt with one, decrypt with the other
  – Solves the key distribution problem from symmetric encryption, at the cost of needing some way to trust that a Public key is genuine (which is what Certificates and PKI address later)
● Data encrypted with the Public key can only be decrypted with the Private key
  – Provides confidentiality
  – Allows you to publish your Public key and receive secure messages as only you have the Private key to decrypt them
● Data encrypted with the Private key can only be decrypted with the Public key
  – Provides proof of authorship but not confidentiality
  – As only you have the Private key only you could have encrypted the message
  – Does not provide confidentiality as anyone can have your Public key and decrypt the message
  – This “encrypt with the Private key” picture is the textbook RSA view; real signature schemes hash and pad the data first (see Digital Signatures)
8. Cryptography Primer – Asymmetric Encryption
Image: http://msdn.microsoft.com/en-us/library/f650720.aspx
● Asymmetric ciphers are often slower than symmetric ciphers
● Keys are typically larger than for symmetric ciphers
  – e.g. 3072bit RSA (asymmetric) ≈ 128bit AES (symmetric) [10, 41]
● TLS can use asymmetric ciphers for authentication and/or key exchange
9. Cryptography Primer – Digests
● Also known as a Hash [11]
  – e.g. SHA-256 [29]
● A deterministic, one way function that produces a given output for a given input where a small change to the input has a large change to the output
● Typically the output is short and fixed length, regardless of the size of the input
● A cryptographic digest has 4 significant properties
  – Easy (but not necessarily quick) to compute the hash value for any given message
  – Infeasible to generate a message that has a given hash
  – Infeasible to modify a message without changing the hash
  – Infeasible to find two different messages with the same hash; this is known as a collision
● TLS uses digest algorithms, through HMAC and its key-derivation PRF, to provide integrity
10. Cryptography Primer – Digital Signatures
Image: https://en.wikipedia.org/wiki/Digital_signature
● Combination of Asymmetric encryption and Digests [12]
● Author computes digest of data and then that digest is encrypted with the author’s Private key to produce the Signature
  – Provides proof of authorship as only the author has their Private key
  – Provides message integrity as the hash can be verified by the recipient
● Recipient decrypts the signature with the author’s Public key resulting in the original digest value which is then compared with the digest they compute of the received message
  – If the recovered digest matches the one computed over the received message then the signature was produced with the author’s Private key and the message has not been tampered with
  – If the values differ the signature is rejected: either a different key produced it or the message was modified in transit
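The arithmetic behind slides 7, 8 and 10 (encrypt with one key and decrypt with the other; sign a digest with the Private key and check it with the Public key) in textbook RSA, as an added example that is not part of the original deck. The primes, modulus and messages are chosen here for readability and the scheme has no padding, so it illustrates the mechanism rather than anything to deploy:

```python
"""Textbook RSA over a tiny modulus, to make the arithmetic of slides 7, 8 and 10 visible.
Illustration only: no padding, no blinding and a key far too small for real use."""
import hashlib
import math

# Toy primes (the 10000th and 100000th primes); real RSA uses two primes of ~1536 bits each.
P, Q = 104729, 1299709
E = 65537


def keygen(p: int = P, q: int = Q, e: int = E):
    """Return (public, private) as ((n, e), (n, d))."""
    n = p * q
    phi = (p - 1) * (q - 1)
    if math.gcd(e, phi) != 1:
        raise ValueError("e must be coprime to phi(n)")
    d = pow(e, -1, phi)  # modular inverse (Python 3.8+)
    return (n, e), (n, d)


def encrypt(public, m: int) -> int:
    """Confidentiality: anyone holding the Public key can encrypt ..."""
    n, e = public
    if not 0 <= m < n:
        raise ValueError("message must be an integer below the modulus")
    return pow(m, e, n)


def decrypt(private, c: int) -> int:
    """... but only the holder of the Private key can decrypt."""
    n, d = private
    return pow(c, d, n)


def digest_int(message: bytes, n: int) -> int:
    """SHA-256 of the message as an integer below n. Real schemes (PKCS#1 v1.5, PSS)
    pad the full digest up to the modulus size instead of reducing it like this."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(private, message: bytes) -> int:
    """Slide 10: hash the message, then apply the Private key to the digest."""
    n, d = private
    return pow(digest_int(message, n), d, n)


def verify(public, message: bytes, signature: int) -> bool:
    """Apply the Public key to recover the digest and compare it with a fresh one
    computed over the received message; a mismatch rejects the signature."""
    n, e = public
    return pow(signature, e, n) == digest_int(message, n)


if __name__ == "__main__":
    pub, priv = keygen()
    secret = 123456789
    assert decrypt(priv, encrypt(pub, secret)) == secret
    sig = sign(priv, b"transfer 100")
    assert verify(pub, b"transfer 100", sig)
    assert not verify(pub, b"transfer 900", sig)  # tampering changes the digest
    print("round trip and signature check OK; n =", pub[0])
```

The same Public key is used for both the confidentiality direction (`encrypt`) and the verification direction (`verify`), which is the point of slide 7: the direction you apply the key in decides whether you get secrecy or proof of authorship.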
11. Cryptography Primer – Elliptic-Curves
● Can be used for key agreement, pseudo-random number generation and digital signatures [13]
● More efficient with equivalent security from smaller keys than traditional algorithms such as RSA
● Uses
  – Elliptic-Curve Diffie-Hellman (ECDH) [31] can be used for key agreement
  – Elliptic-Curve Digital Signature Algorithm (ECDSA) [30] for digital signatures
  – The Elliptic-Curve Integrated Encryption Scheme (ECIES) combines Elliptic-Curve key agreement and symmetric encryption to encrypt data to a Public key
● TLS can use elliptic-curves for key agreement and/or digital signatures
13. Introduction to TLS
● Transport Layer Security [15]
  – Often still referred to as Secure Sockets Layer (SSL) for historical reasons
● Designed for confidentiality and integrity
● TLS is best thought of as an extensible negotiation protocol
  – You can negotiate strong encryption
  – You can negotiate authentication
  – You can negotiate secure key agreement and forward secrecy
  – These are all optional
    ● Yes, encryption is optional (NULL cipher suites exist)
● Easy to deploy but harder to deploy securely
  – Complicated protocols and ecosystem with a lot of scope for mistakes leading to a large attack surface
14. Introduction to TLS – Threat Model
Image: https://www.ssllabs.com/downloads/SSL_Threat_Model.png
15. Introduction to TLS – History
● Before there was TLS, there was SSL
● SSLv1, Secure Sockets Layer, not released
● SSLv2 released by Netscape in 1994
  – Do NOT use
  – Prohibited in RFC6176 [17]
● SSLv3 (RFC6101 [16]) released in 1995
  – Do NOT use
  – Deprecated in RFC7568 [18]
Image: https://www.slideshare.net/danrlde/20120418-luedtke-ssltlscbcbeast
16. Introduction to TLS – History
● TLS, Transport Layer Security, Working Group formed in 1996
● TLSv1.0 (RFC2246 [19]) released in 1999
  – Not compatible with SSL but there is a downgrade mechanism
● TLSv1.1 (RFC4346 [20]) released in 2006
  – Added CBC cipher mode improvements: an explicit initialisation vector per record, closing the chained-IV weakness that was later exploited by the BEAST attack, and padding error handling that no longer distinguishes bad padding from a bad MAC (the POODLE attack [22, 23] from 2014 targets SSLv3’s CBC padding and post-dates TLSv1.1, so it was not the motivation for these changes)
● TLSv1.2 (RFC5246 [21]) released in 2008
  – Extensions added
  – MD5-SHA1 pseudorandom function replaced with SHA-256
  – Signature digest now negotiated
  – Added support for AEAD ciphers, such as GCM and CCM modes
Image: https://www.slideshare.net/danrlde/20120418-luedtke-ssltlscbcbeast
17. Introduction to TLS – Present (almost)
● TLSv1.3 (draft-ietf-tls-tls13-28 [34])
  – Prunes “legacy” symmetric algorithms
  – “The ciphersuite concept has been changed to separate the authentication and key exchange mechanisms from the record protection algorithm (including secret key length) and a hash to be used with the key derivation function and HMAC.” [34]
  – Static RSA and DH cipher suites removed so all public key based mechanisms now provide forward secrecy
  – All handshake messages after the ServerHello are encrypted
    ● One advantage is that Certificates are now protected during the handshake which removes the information leak
  – Elliptic-curve algorithms now included in the base specification
  – Version negotiation has been changed to an explicit list
  – 0-RTT handshake option available but at the cost of certain security properties: early data can be replayed and has no forward secrecy
18. Introduction to TLS – Handshake Protocol
Image: Bulletproof SSL and TLS, Feisty Duck publishing [14]
● The Handshake Protocol is responsible for negotiating a session
● “The TLS Handshake Protocol involves the following steps:
  – Exchange hello messages to agree on algorithms, exchange random values, and check for session resumption.
  – Exchange the necessary cryptographic parameters to allow the client and server to agree on a premaster secret.
  – Exchange certificates and cryptographic information to allow the client and server to authenticate themselves.
  – Generate a master secret from the premaster secret and exchanged random values.
  – Provide security parameters to the record layer.
  – Allow the client and server to verify that their peer has calculated the same security parameters and that the handshake occurred without tampering by an attacker.” [21]
19. Introduction to TLS – Handshake Protocol
Image: Bulletproof SSL and TLS, Feisty Duck publishing [14]
● Keys need to be exchanged / agreed
  – Both Client and Server need a symmetric (Master) key but this obviously can’t be sent plain-text in the handshake
  – Enter the Master and PreMaster Secrets…
● PreMaster Secret
  – Secret data exchanged / agreed between client and server
  – RSA key exchange
    ● When RSA key exchange has been used, the PreMaster Secret is generated by the client and sent to the server encrypted with the server’s public key
  – Diffie-Hellman
    ● When DH key agreement has been used the result of the DH exchange is used as the PreMaster Secret
● Master Secret
  – Derived from the PreMaster Secret and the client and server random values exchanged in the Hello messages
  – Encryption and Hashing keys are generated from the Master secret
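How the PreMaster Secret, the Master Secret and the record keys relate in TLSv1.2, as an added example that is not code from the original deck: the RFC 5246 PRF built from hmac and hashlib, then the master-secret and key-expansion steps with suite-specific sizes. The per-suite size table and the two suite names in it are assumptions made for the demo:

```python
"""TLSv1.2 key derivation (RFC 5246 sections 5, 6.3 and 8.1) from the standard library only."""
import hashlib
import hmac
import os


def p_hash(secret: bytes, seed: bytes, length: int, h=hashlib.sha256) -> bytes:
    """P_<hash> expansion: HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    with A(0) = seed and A(i) = HMAC(secret, A(i-1)); output is cut to the length wanted."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, h).digest()
        out += hmac.new(secret, a + seed, h).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int, h=hashlib.sha256) -> bytes:
    """TLSv1.2 PRF: P_<hash>(secret, label + seed). SHA-256 is the default; suites whose
    name ends in SHA384 use SHA-384 (RFC 5289). TLSv1.0/1.1 split the work across MD5 and SHA-1."""
    return p_hash(secret, label + seed, length, h)


def rsa_pre_master_secret(client_version: bytes = b"\x03\x03") -> bytes:
    """RSA key exchange: 2 version bytes + 46 random bytes, generated by the client and
    sent to the server encrypted under the server's public key (RFC 5246 7.4.7.1)."""
    return client_version + os.urandom(46)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes,
                  h=hashlib.sha256) -> bytes:
    """Always 48 bytes; derived from the PreMaster Secret and both Hello randoms."""
    return prf(pre_master, b"master secret", client_random + server_random, 48, h)


def key_block(master: bytes, client_random: bytes, server_random: bytes,
              mac_len: int, key_len: int, iv_len: int, h=hashlib.sha256) -> dict:
    """Expand the Master Secret into the six per-direction record keys.
    Note the seed order: server_random first, the reverse of the master-secret step."""
    total = 2 * (mac_len + key_len + iv_len)
    block = prf(master, b"key expansion", server_random + client_random, total, h)
    layout = [("client_write_MAC_key", mac_len), ("server_write_MAC_key", mac_len),
              ("client_write_key", key_len), ("server_write_key", key_len),
              ("client_write_IV", iv_len), ("server_write_IV", iv_len)]
    keys, offset = {}, 0
    for name, size in layout:
        keys[name] = block[offset:offset + size]
        offset += size
    return keys


# Assumed demo table: (mac_len, key_len, iv_len, PRF hash). AEAD suites carry no MAC key and a
# 4-byte implicit nonce (RFC 5288); CBC suites carry an HMAC key and a 16-byte IV.
SUITE_PARAMS = {
    "ECDHE-RSA-AES256-GCM-SHA384": (0, 32, 4, hashlib.sha384),
    "ECDHE-RSA-AES128-SHA256": (32, 16, 16, hashlib.sha256),
}


def derive_for_suite(suite: str, pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Master Secret then key block for one of the suites in SUITE_PARAMS."""
    mac_len, key_len, iv_len, h = SUITE_PARAMS[suite]
    ms = master_secret(pre_master, client_random, server_random, h)
    return key_block(ms, client_random, server_random, mac_len, key_len, iv_len, h)


if __name__ == "__main__":
    cr, sr = os.urandom(32), os.urandom(32)
    keys = derive_for_suite("ECDHE-RSA-AES256-GCM-SHA384", rsa_pre_master_secret(), cr, sr)
    for name, value in keys.items():
        print(f"{name:22s} {value.hex()}")
```

The PreMaster Secret never becomes a record key directly: whoever can recover it (by decrypting the RSA-encrypted ClientKeyExchange, or from a leaked server key as on the Forward Secrecy slide) reruns exactly this derivation with the two randoms from the captured Hellos.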
20. Introduction to TLS – Record Protocol
● Responsible for chunking messages, bulk data encryption and integrity
● Base protocol for messaging
  – “The Record Protocol takes messages to be transmitted, fragments the data into manageable blocks, optionally compresses the data, applies a MAC, encrypts, and transmits the result. Received data is decrypted, verified, decompressed, reassembled, and then delivered to higher-level clients.” [21]
● Connection states
  – “A TLS connection state is the operating environment of the TLS Record Protocol. It specifies a compression algorithm, an encryption algorithm, and a MAC algorithm. In addition, the parameters for these algorithms are known: the MAC key and the bulk encryption keys for the connection in both the read and the write directions.” [21]
● Records
  – “The record layer fragments information blocks into TLSPlaintext records carrying data in chunks of 2^14 bytes or less. Client message boundaries are not preserved in the record layer (i.e., multiple client messages of the same ContentType MAY be coalesced into a single TLSPlaintext record, or a single message MAY be fragmented across several records).” [21]
Image: https://www.slideshare.net/danrlde/20120418-luedtke-ssltlscbcbeast
21. Introduction to TLS – Protocol Versions
● Handshake
  – TLS protocol version is negotiated between Client and Server
  – ClientHello version
    ● Maximum TLS protocol version supported by the client
      – e.g. 0x0303 is TLSv1.2
  – ServerHello version
    ● Selected TLS protocol version number for the negotiation
    ● Ideally, the highest common version between Client and Server
    ● TLSv1.3 instead carries the client’s supported versions as an explicit list in a supported_versions extension (slide 17)
● Records
  – The record layer is also versioned so that the Client and Server use the same record format
  – Versioning independent of the TLS protocol version; clients commonly send the ClientHello in a record marked TLSv1.0 (0x0301) for compatibility with older servers
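A ClientHello built and parsed in Python, as an added example that is not part of the original deck; it shows the record-layer version and the ClientHello client_version being carried in different fields and checks every length before trusting it. The suite list, the small name table and the random value are constructed for the demo; the layout follows RFC 5246:

```python
"""Build and parse a TLSv1.2 ClientHello record (RFC 5246 sections 6.2.1 and 7.4.1.2)."""
import os
import struct

CONTENT_HANDSHAKE = 0x16
HANDSHAKE_CLIENT_HELLO = 0x01
VERSION_NAMES = {(3, 0): "SSLv3", (3, 1): "TLSv1.0", (3, 2): "TLSv1.1", (3, 3): "TLSv1.2"}

# A few IANA code points (RFC 5246, RFC 5289) so the parsed list reads like the cipher suite slides.
SUITE_NAMES = {
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0000: "TLS_NULL_WITH_NULL_NULL",
}


def build_client_hello(suites, client_version=(3, 3), record_version=(3, 1), random=None) -> bytes:
    """One record carrying a ClientHello with no extensions. The record header says TLSv1.0,
    as many clients do for compatibility; the client's real maximum is client_version."""
    random = os.urandom(32) if random is None else random
    body = bytes(client_version) + random
    body += b"\x00"                                   # session_id length 0: no resumption
    body += struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                               # one compression method: null
    handshake = bytes([HANDSHAKE_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return bytes([CONTENT_HANDSHAKE]) + bytes(record_version) + struct.pack("!H", len(handshake)) + handshake


class _Reader:
    """Bounds-checked cursor so a truncated record or a lying length field raises instead of mis-parsing."""

    def __init__(self, data: bytes):
        self.data, self.off = data, 0

    def take(self, n: int) -> bytes:
        if self.off + n > len(self.data):
            raise ValueError("truncated: wanted %d bytes at offset %d" % (n, self.off))
        chunk = self.data[self.off:self.off + n]
        self.off += n
        return chunk

    def uint(self, n: int) -> int:
        return int.from_bytes(self.take(n), "big")


def parse_client_hello(data: bytes) -> dict:
    """Record header, handshake header, then the ClientHello fields in wire order."""
    rec = _Reader(data)
    content_type = rec.uint(1)
    record_version = tuple(rec.take(2))
    if content_type != CONTENT_HANDSHAKE:
        raise ValueError("not a handshake record: 0x%02x" % content_type)
    hs = _Reader(rec.take(rec.uint(2)))              # 16-bit record length
    if hs.uint(1) != HANDSHAKE_CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    body = _Reader(hs.take(hs.uint(3)))              # 24-bit handshake length
    client_version = tuple(body.take(2))
    random = body.take(32)
    session_id = body.take(body.uint(1))
    suites_len = body.uint(2)
    if suites_len % 2:
        raise ValueError("odd cipher_suites length")
    suites = [body.uint(2) for _ in range(suites_len // 2)]
    compression = list(body.take(body.uint(1)))
    return {
        "record_version": VERSION_NAMES.get(record_version, str(record_version)),
        "client_version": VERSION_NAMES.get(client_version, str(client_version)),
        "random": random,
        "session_id": session_id,
        "cipher_suites": [SUITE_NAMES.get(s, "0x%04X" % s) for s in suites],
        "compression_methods": compression,
    }


if __name__ == "__main__":
    hello = build_client_hello([0xC030, 0xC02F, 0x009C])
    for key, value in parse_client_hello(hello).items():
        print(key, value.hex() if isinstance(value, bytes) else value)
```

Extensions (server_name, supported_groups, signature_algorithms and, in TLSv1.3, supported_versions) follow the compression methods and are left unparsed here; the point is that a single length field read without a bounds check is how record parsers go wrong.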
22. Introduction to TLS – Cipher Suites
● Cipher suites define which algorithms a connection uses
● For example, the cipher suite ECDHE-RSA-AES256-GCM-SHA384 (OpenSSL format [54]) can be read as
  – Ephemeral Elliptic-Curve Diffie-Hellman (ECDHE) Key Agreement
    ● Alternatives include regular Diffie-Hellman (DH) and RSA key exchange
  – RSA based Authentication
    ● Alternatives include Elliptic-Curve Digital Signature Algorithm (ECDSA) and Pre-Shared Keys (PSK)
  – AES encryption with a 256bit key (AES256) as the Symmetric Cipher (data encryption scheme)
    ● Alternatives include Camellia, 3DES, AES-128 and ChaCha20 (paired with Poly1305)
  – Galois-Counter Mode (GCM) as the Symmetric Cipher Mode
    ● Alternatives include CBC, CCM
  – SHA-384 as the hash for the PRF (key derivation) and, in non-AEAD suites, for the HMAC that provides integrity protection
    ● In an AEAD suite such as this one record integrity comes from the GCM authentication tag, not from a separate HMAC; the IANA name for the same suite is TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
    ● Alternatives include SHA-256 and, in legacy suites, SHA-1
23. Introduction to TLS – Cipher Suites
● Examples of available cipher suites from OpenSSL
  – Example NULL algorithms highlighted in Red
  – Example weak algorithms highlighted in Orange
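The reading of suite names from slide 22 and the NULL / weak highlighting from slide 23 turned into a check over `openssl ciphers -v` output, as an added example that is not part of the original deck. The sample listing is constructed here in the format OpenSSL 1.1 prints (the real list comes from `openssl ciphers -v 'ALL:COMPLEMENTOFALL'`); the verdict categories and the weak-cipher set are my choices for the demo:

```python
"""Audit an OpenSSL cipher suite listing the way slides 22 and 23 read it."""
import re

# Constructed sample in the format of `openssl ciphers -v 'ALL:COMPLEMENTOFALL'` (OpenSSL 1.1.x):
# name, minimum protocol, Kx=key exchange, Au=authentication, Enc=cipher(bits), Mac=integrity[, export]
SAMPLE = """\
ECDHE-RSA-AES256-GCM-SHA384   TLSv1.2 Kx=ECDH     Au=RSA   Enc=AESGCM(256)            Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH     Au=ECDSA Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-AES128-SHA256         TLSv1.2 Kx=DH       Au=RSA   Enc=AES(128)               Mac=SHA256
AES256-SHA                    SSLv3   Kx=RSA      Au=RSA   Enc=AES(256)               Mac=SHA1
ECDHE-RSA-RC4-SHA             SSLv3   Kx=ECDH     Au=RSA   Enc=RC4(128)               Mac=SHA1
DES-CBC3-SHA                  SSLv3   Kx=RSA      Au=RSA   Enc=3DES(168)              Mac=SHA1
AECDH-AES256-SHA              SSLv3   Kx=ECDH     Au=None  Enc=AES(256)               Mac=SHA1
NULL-SHA256                   TLSv1.2 Kx=RSA      Au=RSA   Enc=None                   Mac=SHA256
EXP-RC4-MD5                   SSLv3   Kx=RSA(512) Au=RSA   Enc=RC4(40)                Mac=MD5  export
"""

LINE = re.compile(r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+Kx=(?P<kx>\S+)\s+Au=(?P<au>\S+)\s+"
                  r"Enc=(?P<enc>\S+)\s+Mac=(?P<mac>\S+)(?P<export>\s+export)?\s*$")

# Assumed policy for the demo: ciphers no current deployment should offer ...
WEAK_CIPHERS = {"RC4", "DES", "3DES", "RC2", "IDEA", "SEED"}
# ... and the Kx values OpenSSL prints for the ephemeral (forward secret) exchanges; static RSA
# key transport shows as Kx=RSA.
EPHEMERAL_KX = {"ECDH", "DH"}


def parse_line(line: str) -> dict:
    """Split one listing line into its named fields; unknown layouts raise rather than pass silently."""
    m = LINE.match(line)
    if not m:
        raise ValueError("unrecognised cipher line: %r" % line)
    suite = m.groupdict()
    suite["export"] = bool(suite["export"])
    suite["cipher"] = suite["enc"].split("(")[0]     # AESGCM(256) -> AESGCM
    return suite


def classify(suite: dict):
    """Return (verdict, reasons). NULL and WEAK match the red / orange highlights of slide 23;
    NO-FS marks static key exchange; OK is ephemeral key exchange with a strong cipher."""
    if suite["cipher"] == "None":
        return "NULL", ["no encryption at all"]
    reasons = []
    if suite["au"] == "None":
        reasons.append("anonymous: no authentication, trivially intercepted")
    if suite["export"]:
        reasons.append("export-grade key sizes")
    if suite["cipher"] in WEAK_CIPHERS:
        reasons.append("weak cipher " + suite["cipher"])
    if suite["mac"] == "MD5":
        reasons.append("MD5 MAC")
    if reasons:
        return "WEAK", reasons
    if suite["proto"] == "TLSv1.3":                   # 1.3 suites are all ephemeral + AEAD
        return "OK", ["TLSv1.3 suite"]
    if suite["kx"] not in EPHEMERAL_KX:
        return "NO-FS", ["Kx=%s gives no forward secrecy" % suite["kx"]]
    if suite["mac"] == "AEAD":
        return "OK", ["ephemeral key exchange with AEAD"]
    return "OK", ["ephemeral key exchange; CBC with HMAC-%s, prefer an AEAD suite" % suite["mac"]]


def audit(listing: str):
    """Map every non-blank line of an `openssl ciphers -v` listing to (name, verdict, reasons)."""
    results = []
    for line in listing.splitlines():
        if line.strip():
            suite = parse_line(line)
            verdict, reasons = classify(suite)
            results.append((suite["name"], verdict, reasons))
    return results


if __name__ == "__main__":
    for name, verdict, reasons in audit(SAMPLE):
        print("%-6s %-30s %s" % (verdict, name, "; ".join(reasons)))
```

Feeding the real output of your OpenSSL build through `audit` shows what a server linked against it could negotiate if its cipher string is left at the default; anything not in the OK column is a candidate for the hardening the rest of this deck is about.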
24. Introduction to TLS – Forward Secrecy
● “Forward Secrecy or Perfect Forward Secrecy is a property of a cipher suite that ensures confidentiality even if the server key has been compromised. Thus if traffic has been recorded it cannot be decrypted even if an adversary has got hold of the server key” [44]
● Mitigates future key compromise
  – e.g. If you’re using RSA keys in your certificates and a cipher suite that uses RSA key exchange then the pre-master secret is protected by the RSA key when it is sent over the wire. If the RSA keys are later obtained from the server, previously captured traffic can be decrypted – you have no forward secrecy
● Ephemeral Diffie-Hellman uses a unique key per session to provide Forward Secrecy
  – Ephemeral Diffie-Hellman (EDH or DHE)
  – Ephemeral Elliptic-Curve Diffie-Hellman (EECDH or ECDHE)
● Real world problems
  – HeartBleed [45] vulnerability
    ● A problem with OpenSSL’s implementation of the TLS Heartbeat extension
    ● Can be exploited to retrieve memory (from client or server)
    ● Stolen memory could include private keys allowing decryption of the pre-master secret and therefore any captured traffic, if RSA key exchange was used; with DHE or ECDHE the stolen certificate key lets an attacker impersonate the server from then on but does not decrypt recorded sessions, which is exactly the property Forward Secrecy buys
25. M. Hooper [April 2018, v1.0]
25
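The two key-exchange flows contrasted above, worked through in Python as an added illustration (this is not code from the slides). The RSA key is the textbook 3233/17/2753 example and the DH group is a constructed toy, so nothing here is secure; what is realistic is which secrets exist where, and what a recording plus a later-leaked long-term key gives an adversary in each case.

```python
"""Forward secrecy: RSA key transport versus ephemeral Diffie-Hellman.
Added example with toy parameters; the RSA key is the textbook 3233/17/2753
example and the DH group is constructed, so this is not secure code."""
import hashlib
import secrets

RSA_N, RSA_E, RSA_D = 3233, 17, 2753      # toy long-term server key: public (n, e), private d
DH_P, DH_G = 2**127 - 1, 3                # toy DH group; deployments need >= 2048-bit primes [46]


def derive_session_key(shared: int) -> bytes:
    """Stand-in for the TLS key schedule: hash the shared secret into a 256-bit key."""
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def rsa_key_exchange():
    """RSA key transport: the client encrypts the pre-master secret to the server's
    long-term public key. Returns what a passive recorder sees and the session key."""
    pms = secrets.randbelow(RSA_N - 2) + 2
    recorded = {"encrypted_pms": pow(pms, RSA_E, RSA_N)}
    return recorded, derive_session_key(pms)


def dhe_key_exchange():
    """Ephemeral DH: fresh exponents per session; the long-term RSA key only signs the
    server's share, so authentication and confidentiality use different keys."""
    a = secrets.randbelow(DH_P - 2) + 1   # client's ephemeral secret
    b = secrets.randbelow(DH_P - 2) + 1   # server's ephemeral secret
    client_share, server_share = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    digest = int.from_bytes(hashlib.sha256(server_share.to_bytes(16, "big")).digest(), "big")
    recorded = {"client_share": client_share, "server_share": server_share,
                "signature": pow(digest % RSA_N, RSA_D, RSA_N)}
    server_key = derive_session_key(pow(client_share, b, DH_P))
    client_key = derive_session_key(pow(server_share, a, DH_P))
    assert server_key == client_key       # both sides agree; a and b are now discarded
    return recorded, server_key


def client_verifies_server_share(recorded) -> bool:
    """Authentication step: check the signature with the server's public key (n, e)."""
    digest = int.from_bytes(hashlib.sha256(recorded["server_share"].to_bytes(16, "big")).digest(), "big")
    return pow(recorded["signature"], RSA_E, RSA_N) == digest % RSA_N


def decrypt_recording_with_leaked_key(recorded, leaked_d):
    """Adversary who recorded the handshake and later obtains the server's private key.
    With RSA transport the pre-master secret falls straight out of the recording.
    With DHE the private key only signs; the recording holds g^a and g^b, and the
    exponents a and b no longer exist anywhere, so no session key can be derived."""
    if "encrypted_pms" in recorded:
        return derive_session_key(pow(recorded["encrypted_pms"], leaked_d, RSA_N))
    return None
```

The point of the last function is the asymmetry: the same leaked key that unlocks every recorded RSA-transport session gives nothing against recorded DHE sessions, which is exactly the property the quote from [44] describes. A leaked signing key still matters for future connections (it lets an attacker impersonate the server), which is why key protection and revocation remain necessary even with forward secrecy.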
Certificates and Public Key Infrastructure
Certificates and PKI
● Certificates are probably the most commonly used form of authentication for TLS connections
  – Typically you see the Client authenticate the Server
    ● Server sends its certificate to the client
    ● Client authenticates the server using the public key in the server’s certificate
    ● The Server doesn’t authenticate the client
  – Mutual TLS is where the Server also requests a certificate from the Client
    ● Client authenticates server as before
    ● Server requests a certificate from the client
    ● Server receives a certificate from the client so it can perform authentication too
Certificates and PKI – What is a Certificate?
● Certificates
  – The standard for digital certificates is X.509v3 [48]
  – Basically a container for a public key
  – Carries metadata about who/what the certificate was issued to, when it can be used and how
    ● Uses include Server, Client, E-mail and Software Signing
  – Issuer digitally signs the certificate as proof of issuance
  – Can be used for key exchange, when using RSA keys, but this does not provide Forward Secrecy
● Certificates require some management – an issuer, a way to revoke, etc. – which is where Public Key Infrastructure comes into play
Certificates and PKI – What is PKI?
● “A public key infrastructure (PKI) is a set of roles, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates and manage public-key encryption” [78]
● PKI revolves around a trusted third party model
  – If a client trusts the third party then it trusts any certificates and revocation information issued by that third party
  – Third party roles
    ● Registration Authority (RA)
      – Responsible for ensuring the binding between user identity and public key
      – Should perform enough checks to stop an attacker obtaining a certificate for someone else’s domain
      – Usually rolled into the Certificate Authority
    ● Certificate Authority (CA)
      – Responsible for issuance, handling and revocation of certificates
      – Primary role of a CA is to digitally sign and publish the public key bound to a user
      – CA uses its own private key for signing
      – Trust of a certificate relies upon the trust of the CA
Image: http://msdn.microsoft.com/en-us/library/ff647097.aspx
Certificates and PKI – Certificate Chains
● Certificate Authorities issue certificates to the end entity (i.e. user or server)
  – Common practice is not to issue from the Root CA and to segment issuance through the use of subordinate CAs
  – In this example, the Root CA has sub-CAs for different geographic regions and they in turn have sub-CAs for organisational departments
  – Here the end entity certificate is issued by the Engineering CA in the USA
● To verify a certificate you need to follow the chain back to the Root CA
  – Ensure that each certificate is valid and correctly signed by its parent
  – If you successfully reach the Root and you trust the Root CA then you can trust the certificate you’re verifying
  – Note that this verification is a tad more complicated in real life!
Image: https://docs.oracle.com/cd/E19316-01/820-2765/gdzeb/index.html
Certificates and PKI – Expiration and Revocation
● Certificates have expiration dates but can also be revoked
  – Revoking a certificate marks it as untrusted
  – Useful in cases where the keys or CA have been compromised long before the certificate is due to expire
  – When a certificate is revoked it can no longer be trusted; if it is a CA certificate this also holds true for all the certificates that it has issued (i.e. everything lower in the chain)
● Note that it’s the responsibility of the device that’s verifying a certificate to also check revocation status
● Two revocation mechanisms
  – Certificate Revocation Lists (CRL)
  – Online Certificate Status Protocol (OCSP)
Certificates and PKI – Expiration and Revocation
● Certificate Revocation List (CRL) [72]
  – File containing a list of serial numbers for revoked certificates
    ● Includes details of when the certificates were revoked and a reason
  – Designed for offline processing by the device performing certificate verification (e.g. a browser connecting to a web server)
  – CRLs are issued by a CA for certificates that it has revoked
  – CRLs are signed by the CA so that they can be verified as authentic
  – CRLs have an expiration date
    ● To fail secure, when you have a CRL as your revocation checking mechanism but it has expired, you should treat all certificates from the CA as revoked – you don’t know what has changed since your CRL file went out of date
Certificates and PKI – Expiration and Revocation
● Online Certificate Status Protocol (OCSP) [73]
  – Online mechanism consisting of an OCSP Responder, hosted by the CA, and a client verifying a certificate
  – Client sends the certificate to the OCSP Responder and gets a valid/invalid response
  – Responses are signed by the CA so that they can be verified as authentic
  – Adds a dependency on a network service
    ● Risk of connectivity issues to the OCSP Responder
    ● Information leak, as the OCSP Responder is being informed about each certificate you are verifying
  – Techniques such as OCSP Stapling [74, 75] aim to resolve this
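The chain, validity, CA-flag, key-usage and CRL checks from the Certificate Chains and Expiration and Revocation slides (and the matching DO items in Recommendation 5), modelled in Python as an added example. This is not the slides' code and does no real X.509 parsing: signatures are modelled with HMAC keyed by the issuer's key so that it runs with the standard library only, where a real verifier checks an RSA/ECDSA signature with the issuer's public key. The Root CA / USA CA / Engineering CA / server names, serials and dates are constructed to mirror the chain slide.

```python
"""Model of X.509 chain verification with fail-secure CRL handling (added example;
HMAC stands in for public-key signatures, all names and dates are constructed)."""
from dataclasses import dataclass, replace
from datetime import datetime, timedelta, timezone
import hashlib
import hmac
import secrets

NOW = datetime(2018, 4, 1, tzinfo=timezone.utc)   # constructed verification time


@dataclass
class Cert:
    subject: str
    issuer: str
    serial: int
    not_before: datetime
    not_after: datetime
    is_ca: bool                  # basicConstraints CA flag
    key_usage: frozenset         # (extended) key usage names such as "serverAuth"
    key: bytes = b""             # stand-in for the certificate's key pair
    signature: bytes = b""

    def tbs(self) -> bytes:      # the "to be signed" fields covered by the signature
        return repr((self.subject, self.issuer, self.serial, self.not_before,
                     self.not_after, self.is_ca, sorted(self.key_usage))).encode()


@dataclass
class CRL:
    issuer: str
    revoked: frozenset           # serial numbers of revoked certificates
    next_update: datetime        # a CRL expires; after this it must not be relied on
    signature: bytes = b""

    def tbs(self) -> bytes:
        return repr((self.issuer, sorted(self.revoked), self.next_update)).encode()


def sign(obj, issuer: Cert):
    obj.signature = hmac.new(issuer.key, obj.tbs(), hashlib.sha256).digest()
    return obj


def signed_by(obj, issuer: Cert) -> bool:
    expected = hmac.new(issuer.key, obj.tbs(), hashlib.sha256).digest()
    return hmac.compare_digest(obj.signature, expected)


def verify_chain(chain, trusted_roots, crls, now, usage="serverAuth"):
    """chain = [end entity, ..., root]; trusted_roots = set of root tbs() bytes;
    crls = {CA subject: CRL}. Returns (True, "ok") or (False, reason)."""
    leaf, root = chain[0], chain[-1]
    if leaf.is_ca:
        return False, "end entity certificate is marked as a CA"
    if usage not in leaf.key_usage:                  # key usage must fit the purpose
        return False, f"end entity not issued for {usage}"
    if root.tbs() not in trusted_roots or not signed_by(root, root):
        return False, "chain does not end in a trusted root"
    for i, cert in enumerate(chain):
        if not cert.not_before <= now <= cert.not_after:
            return False, f"{cert.subject}: outside validity period"
        if i > 0 and not cert.is_ca:                 # every issuer must be a CA
            return False, f"{cert.subject}: issuer certificate not marked as CA"
        if i + 1 == len(chain):
            break                                    # root: self-signature checked above
        issuer = chain[i + 1]
        if cert.issuer != issuer.subject or not signed_by(cert, issuer):
            return False, f"{cert.subject}: signature by {cert.issuer} does not verify"
        crl = crls.get(issuer.subject)               # fail secure without a current, authentic CRL
        if crl is None or not signed_by(crl, issuer) or now > crl.next_update:
            return False, f"{cert.subject}: no valid CRL from {issuer.subject}, treating as revoked"
        if cert.serial in crl.revoked:               # a revoked CA condemns everything below it
            return False, f"{cert.subject}: revoked by {issuer.subject}"
    return True, "ok"


def build_demo_pki(now):
    """Constructed chain mirroring the slide: Root CA -> USA CA -> Engineering CA -> server."""
    year = timedelta(days=365)

    def mk(subject, issuer, serial, is_ca, usage, years):
        return Cert(subject, issuer, serial, now - year, now + years * year, is_ca,
                    frozenset(usage), key=secrets.token_bytes(32))
    ca_usage = {"keyCertSign", "cRLSign"}
    root = mk("Root CA", "Root CA", 1, True, ca_usage, 20)
    sign(root, root)
    usa = sign(mk("USA CA", "Root CA", 2, True, ca_usage, 10), root)
    eng = sign(mk("Engineering CA", "USA CA", 3, True, ca_usage, 5), usa)
    server = sign(mk("www.example.com", "Engineering CA", 4, False,
                     {"digitalSignature", "serverAuth"}, 1), eng)
    crls = {ca.subject: sign(CRL(ca.subject, frozenset(), now + timedelta(days=7)), ca)
            for ca in (root, usa, eng)}
    return [server, eng, usa, root], {root.tbs()}, crls


def run_scenarios():
    """One good chain and four failure modes the slides call out."""
    chain, roots, crls = build_demo_pki(NOW)
    server, eng, usa, root = chain
    out = {"valid": verify_chain(chain, roots, crls, NOW)}
    out["crl_expired"] = verify_chain(chain, roots, crls, NOW + timedelta(days=30))
    root_crl = sign(CRL("Root CA", frozenset({usa.serial}), NOW + timedelta(days=7)), root)
    out["ca_revoked"] = verify_chain(chain, roots, {**crls, "Root CA": root_crl}, NOW)
    mail = sign(replace(server, key_usage=frozenset({"emailProtection"})), eng)
    out["wrong_usage"] = verify_chain([mail, eng, usa, root], roots, crls, NOW)
    forged = replace(server, subject="www.bank.example")   # old signature kept
    out["tampered"] = verify_chain([forged, eng, usa, root], roots, crls, NOW)
    return out
```

The `crl_expired` scenario is the fail-secure rule from the CRL slide: thirty days on, the server certificate itself is still within its validity period and nothing has been listed as revoked, yet the verifier refuses it because the only CRL it holds is out of date. The `ca_revoked` scenario shows the consequence of revoking an intermediate: the end entity's own certificate is untouched but the chain no longer verifies.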
Recommendation 1 – Defence in Depth
● DO
  – Do produce a Threat Model [32, 33, 65]
    ● Helps to identify threats and aids in determining appropriate mitigations
    ● Will help you decide on your level of risk
    ● Will help you determine where it’s appropriate to use TLS
  – Do layer your defences
    ● Don’t trust a single technology; just in case
    ● Raises cost and effort for an attacker
● DO NOT
  – Do not rely solely upon TLS
    ● e.g. Don’t send passwords in plain text; consider a scheme that offers some protections of its own
  – Do not assume that the other end will “do the correct thing”
    ● You may be talking to a poor implementation of TLS
    ● You may be the victim of a Man-in-the-Middle (MitM) attack [35]
Recommendation 2 – Protocol Versions
● DO
  – Do use a modern protocol version
    ● Recommend ≥ TLSv1.1
      – Avoid DROWN [36], POODLE [21, 22], BEAST [37] and other attacks against older versions
    ● TLSv1.2 supports more modern cipher suites
  – Do explicitly configure protocol version requirements
    ● Ensure that you’ve explicitly disabled the versions you don’t want to use for your socket/service/package/OS
● DO NOT
  – Do not use old protocol versions [38]
    ● Avoid known protocol vulnerabilities; this also means updating regularly
    ● Do not use SSL
    ● Avoid TLSv1.0 as it has drawbacks
      – Allows fallback to SSLv3
  – Do not “offer everything” and rely upon the other end to make the decision
    ● You may not be able to trust the other end
Recommendation 3 – Cipher Suites
● DO
  – Do explicitly configure cipher suite requirements
    ● Ensure that you’ve disabled any cipher suites you’re not happy to use for your socket/service/package/OS
  – Do use cipher suites that provide Forward Secrecy [40]
    ● Ensures that data is encrypted with an ephemeral key, protecting it from future key compromises
    ● e.g. cipher suites using Ephemeral Elliptic-Curve Diffie-Hellman for key agreement
  – Do use Authenticated Encryption with Additional Data (AEAD) [8, 39] cipher suites
    ● Requires TLSv1.2
  – Do use algorithms and key sizes that provide ≥ 128-bit security
    ● Note that this is not the same as the key size
    ● 128-bit security ≈ 3072-bit RSA ≈ 256-bit Elliptic Curves ≈ AES-128 ≈ SHA-256 [41, 42]
    ● Remember that the cipher suite is only as strong as the weakest link
Recommendation 3 – Cipher Suites
● DO NOT
  – Do not use NULL cipher suites
    ● No encryption / authentication
  – Do not use EXPORT cipher suites
    ● They are ludicrously weak [58]
    ● U.S. export regulations in the 1990s limited cryptography
  – Do not use known weak or bad algorithms [38]
    ● Sounds obvious, but you may be offering/accepting them if you haven’t explicitly disabled them
    ● e.g. RC4 [56, 70], DES, 3DES, MD5, SHA-1 [57]
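The reading of an OpenSSL-format cipher suite name given on the Cipher Suites slide, and the NULL / EXPORT / weak-algorithm / forward-secrecy / AEAD rules from Recommendation 3, combined into one Python example. This is an added example rather than the slides' or OpenSSL's code: the token tables and the "weak" lists below are this example's own encoding of what the slides say (SHA-1 is listed as weak because the slides list it; as an HMAC digest it is less of a concern than as a signature hash).

```python
"""Parse OpenSSL cipher suite names and check them against the slides' DO / DO NOT
rules. Added example; classification tables are this example's reading of the slides."""

# Leading token -> (key exchange, ephemeral?). ADH/AECDH are anonymous (no authentication).
KX_PREFIXES = {"ECDHE": ("ECDHE", True), "DHE": ("DHE", True), "EDH": ("DHE", True),
               "ECDH": ("ECDH", False), "DH": ("DH", False),
               "ADH": ("DHE", True), "AECDH": ("ECDHE", True)}
AUTH_TOKENS = {"RSA", "ECDSA", "DSS", "PSK"}
DIGESTS = {"MD5", "SHA", "SHA256", "SHA384"}          # "SHA" means SHA-1 in OpenSSL names
AEAD_MODES = {"GCM", "CCM", "CCM8", "POLY1305"}
WEAK_CIPHERS = {"RC4", "DES", "3DES", "IDEA", "SEED", "RC2"}   # slides name RC4, DES, 3DES
WEAK_DIGESTS = {"MD5", "SHA"}                          # slides name MD5 and SHA-1


def parse_suite(name: str) -> dict:
    """Split e.g. ECDHE-RSA-AES256-GCM-SHA384 into kx / auth / cipher / mode / mac."""
    tokens = name.upper().split("-")
    suite = {"name": name, "export": False, "kx": "RSA", "ephemeral": False,
             "auth": "RSA", "cipher": None, "mode": None, "mac": None, "aead": False}
    if tokens[0].startswith("EXP"):                    # EXP- / EXP1024- export-grade suites
        suite["export"], tokens = True, tokens[1:]
    if tokens[0] in KX_PREFIXES:
        suite["kx"], suite["ephemeral"] = KX_PREFIXES[tokens[0]]
        if tokens[0] in ("ADH", "AECDH"):
            suite["auth"] = "NONE"
        elif len(tokens) > 1 and tokens[1] in AUTH_TOKENS:
            suite["auth"], tokens = tokens[1], tokens[1:]
        tokens = tokens[1:]
    elif tokens[0] == "PSK":
        suite["kx"] = suite["auth"] = "PSK"
        tokens = tokens[1:]
    if tokens and tokens[-1] in DIGESTS:               # trailing MAC / PRF digest
        suite["mac"], tokens = tokens[-1], tokens[:-1]
    if tokens and tokens[-1] in AEAD_MODES:
        suite["mode"], suite["aead"], tokens = tokens[-1], True, tokens[:-1]
    elif tokens and tokens[-1] == "CBC3":              # DES-CBC3 is triple DES in CBC mode
        suite["cipher"], suite["mode"], tokens = "3DES", "CBC", []
    elif tokens and tokens[-1] == "CBC":
        suite["mode"], tokens = "CBC", tokens[:-1]
    if tokens:
        suite["cipher"] = "-".join(tokens)
    if suite["mode"] is None and suite["cipher"] not in (None, "NULL", "RC4"):
        suite["mode"] = "CBC"                          # block cipher with no explicit mode token
    return suite


def assess(suite: dict) -> list:
    """Return the rules a suite breaks; an empty list means it meets the slides' DO rules."""
    findings = []
    if suite["export"]:
        findings.append("EXPORT cipher suite")
    if suite["cipher"] == "NULL":
        findings.append("NULL encryption")
    if suite["auth"] == "NONE":
        findings.append("anonymous key exchange (no authentication)")
    if suite["cipher"] in WEAK_CIPHERS:
        findings.append(f"weak cipher {suite['cipher']}")
    if suite["mac"] in WEAK_DIGESTS:
        findings.append(f"weak digest {suite['mac']}")
    if not suite["ephemeral"]:
        findings.append("no forward secrecy (static key exchange)")
    if not suite["aead"]:
        findings.append("not an AEAD suite")
    return findings


def filter_suites(names):
    """Split suite names into (accepted, {rejected name: findings})."""
    accepted, rejected = [], {}
    for name in names:
        findings = assess(parse_suite(name))
        if findings:
            rejected[name] = findings
        else:
            accepted.append(name)
    return accepted, rejected
```

The parser handles the OpenSSL naming style the slides use (dash-separated, TLS 1.2 and below); IANA-style names such as those used for TLS 1.3 suites use underscores and a different layout and are out of scope here. Running `filter_suites` over the output of `openssl ciphers 'ALL'` on a given build is a quick way to see which of that build's defaults the slides would reject.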
Recommendation 4 – Key Agreement
● DO
  – Do use cipher suites providing ECDH/EDH based key agreement
  – Do use Ephemeral ECDH/DH
    ● Provides Forward Secrecy
  – Do use a DH key with a ≥ 2048-bit prime [46]
    ● Remember to code/configure these DH parameters
  – Do use an ECDH curve of ≥ 256 bits
    ● Remember to code/configure these ECDH parameters
  – Do prefer ECDH over DH [47]
    ● Stronger protection against precomputation attacks [46]
    ● Faster
    ● Smaller keys mean smaller packets
Recommendation 4 – Key Agreement
● DO NOT
  – Do not use Anonymous Diffie-Hellman
    ● Not authenticated, so susceptible to Man-in-the-Middle (MitM) attacks
  – Do not use a DH key with a prime ≤ 1024 bits
    ● Broken [46, 47]
  – Do not use RSA key exchange
    ● Does not provide forward secrecy
    ● Your implementation may be vulnerable to ROBOT [55], which would allow attackers to passively record traffic and later decrypt it
Recommendation 5 – Certificates and PKI
● DO
  – Do verify the Subject Alternative Name (SAN) and Common Name (CN) fields
    ● They contain the details of who/what the certificate was issued to
    ● Ensures that you have received a certificate that claims to be from what you’re connecting to
  – Do check validity time stamps (up to the root)
    ● Certificates contain Begin and End times and should not be trusted outside of these times
  – Do check signatures (up to the root)
    ● Verifies issuance and integrity
  – Do check constraints and policies (up to the root)
    ● End entity certificates should never be marked as a Certificate Authority (CA)
    ● All certificates in the chain above the end entity certificate must be marked as CA certificates
      – i.e. they’re actually allowed to issue and sign certificates
    ● Certificates should only be used based upon their key usage attributes
      – e.g. an e-mail certificate should not be used to authenticate a web server
Recommendation 5 – Certificates and PKI
● DO
  – Do check revocation status (up to the root)
    ● Don’t trust revoked certificates
    ● If a CA is revoked, don’t trust anything that it has issued
      – i.e. don’t trust anything below it in the chain
  – Do only trust the minimum number of Certificate Authorities
    ● Reduces the risk from compromised CAs or accidental certificate issuance by trusting only the ones you absolutely need
    ● Ideally, use your own trust store
      – Using the trust store from the platform allows other applications, which you may not control, to impact your trust list
  – Do use Certificate Pinning [79], if possible
    ● Explicitly define the acceptable certificates or CA for your deployment and “pin” them so that they’re the only certificates accepted
      – e.g. if you have a client that only connects to your infrastructure, it only needs to trust the certificates from your servers
      – Be aware that this requires some planning and maintenance to ensure that you update your pins before any expirations
  – Do protect the Private Keys
    ● Remember to protect private keys, as their compromise allows an attacker to impersonate you or your service
    ● Hardware Security Modules (HSMs) [67] are one approach to securing keys
Recommendation 5 – Certificates and PKI
● DO NOT
  – Do not ship or hard-code private keys
    ● They’re called private for a reason!
  – Do not use short keys
    ● e.g. RSA < 2048-bit
  – Do not use weak signature schemes
    ● e.g. MD5 or SHA-1
  – Do not share private keys
    ● It may be tempting to share a certificate around your servers
    ● Increases exposure, as there are more places the private key can be stolen from
  – Do not use long-lived certificates
    ● Longer-lived certificates mean a longer exposure window if compromised
    ● Not everybody checks revocation information, sadly
Recommendation 5 – Certificates and PKI
● DO NOT
  – Do not use wildcard certificates
    ● Increases exposure, as the same certificate can be used to impersonate many systems – more damaging if compromised
    ● Makes the certificate more valuable to an attacker
  – Do not assume ASCII
    ● Certificates can be UTF-8 and include NULL characters
      – Remember this when parsing!
  – Do not use the “needle in a haystack” approach when parsing SAN/CN entries
    ● Leaves you open to attack, so match on the whole string
      – e.g. Consider receiving this CN when connecting to example.com: example.com.attacker.org
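The whole-string SAN/CN matching the slide asks for, with the non-ASCII and NUL-character handling from the "Do not assume ASCII" item, as an added Python example (not the slides' code). It goes slightly beyond the slide in two places, both of which are this example's choices: SAN dNSName entries take precedence and the CN is only consulted when there are none (the RFC 6125 behaviour), and an `allow_wildcard` flag implements the usual single left-most-label rule, switched off by default because the slides advise against wildcard certificates. The `cert` dictionary shape is a constructed stand-in for whatever your TLS library hands you.

```python
"""Whole-string host name matching against certificate SAN / CN entries.
Added example; the cert dict shape is constructed, not a real library's API."""
import re

LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")   # one DNS label: letters, digits, inner '-'


def decode_name(raw) -> str:
    """Certificate names arrive as bytes and may be UTF-8; decode strictly, never assume ASCII."""
    if isinstance(raw, bytes):
        try:
            return raw.decode("utf-8")
        except UnicodeDecodeError:
            return ""
    return raw


def valid_dns_name(name: str) -> bool:
    """Validate the whole string: reject embedded NUL, empty labels and stray characters."""
    if not name or "\x00" in name or len(name) > 253:
        return False
    return all(LABEL.match(label) for label in name.rstrip(".").split("."))


def name_matches(cert_name, host, allow_wildcard: bool = False) -> bool:
    """Case-insensitive comparison of the complete name: never a prefix or substring search,
    so 'example.com.attacker.org' does not match a connection to example.com."""
    pattern = decode_name(cert_name).lower().rstrip(".")
    host = decode_name(host).lower().rstrip(".")
    if not valid_dns_name(host):
        return False
    if valid_dns_name(pattern):
        return pattern == host
    if allow_wildcard and pattern.startswith("*.") and valid_dns_name(pattern[2:]):
        p_labels, h_labels = pattern.split("."), host.split(".")
        # '*' covers exactly one label and never the registrable domain itself ('*.com')
        return len(p_labels) == len(h_labels) >= 3 and p_labels[1:] == h_labels[1:]
    return False


def certificate_matches_host(cert: dict, host, allow_wildcard: bool = False) -> bool:
    """cert = {"san_dns": [...], "cn": ...}. SAN dNSName entries are authoritative; the CN is
    only consulted when the certificate carries no DNS SANs."""
    candidates = cert.get("san_dns") or ([cert["cn"]] if cert.get("cn") else [])
    return any(name_matches(name, host, allow_wildcard) for name in candidates)
```

The NUL case is the one the slide singles out: a name such as `example.com\x00.attacker.org` is a valid UTF-8 string, and a C-string comparison would stop at the NUL and see `example.com`; validating the complete decoded string first means it is rejected before any comparison happens.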
Recommendation 6 – Implementation
● Lots of third-party code and libraries already implement TLS
  – They may not have the default behaviour you expect
  – They may have APIs or configuration that encourage mistakes
  – It’s up to you to use them securely
Recommendation 6 – Implementation
● DO
  – Do read the documentation for the package/library/OS
  – Do keep the package/library/OS up to date, but watch the change logs for things that will impact you
  – Do explicitly specify permitted protocol versions and cipher suites
    ● The defaults may not be what you require
  – Do compile out what you don’t want
    ● You can’t accidentally use something by mistake if it’s not present
    ● e.g. if you compile out SSL support then you can’t accidentally negotiate an SSLv3 connection
● DO NOT
  – Do not assume
    ● Default behaviour is often not what you want or expect
    ● Many libraries default to an “allow all” approach where client code offers everything supported and server code accepts anything
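Recommendations 2, 3 and 6 all come down to stating the policy explicitly rather than inheriting a library's defaults, and the Certificates and PKI slide describes the mutual-TLS variant where the server also demands a client certificate. The following Python example, added here and not taken from the slides, does both with the standard-library `ssl` module: the cipher string, the weak-suite markers and the choice of an explicit `cafile` are this example's, not OpenSSL's or Python's defaults.

```python
"""Explicit protocol-version and cipher-suite policy with Python's ssl module, plus the
mutual-TLS switch on the server side. Added example; the cipher string and markers are
this example's choices rather than any library default."""
import ssl

# Only ephemeral ECDHE key agreement with AEAD bulk ciphers. The '!' terms make the
# exclusion of NULL, EXPORT, anonymous and legacy suites explicit rather than implied.
CIPHER_POLICY = ("ECDHE+AESGCM:ECDHE+CHACHA20:"
                 "!aNULL:!eNULL:!EXPORT:!RC4:!3DES:!DES:!MD5:!PSK:!SRP")
WEAK_MARKERS = ("NULL", "EXP", "RC4", "DES", "MD5", "ADH", "AECDH", "PSK", "SRP")


def hardened_client_context(cafile=None) -> ssl.SSLContext:
    """Client that authenticates the server against an explicit trust store."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # no SSLv3, TLS 1.0 or 1.1 (Recommendation 2)
    ctx.set_ciphers(CIPHER_POLICY)                   # TLS <= 1.2 suites (Recommendation 3)
    ctx.options |= ssl.OP_NO_COMPRESSION
    ctx.verify_mode = ssl.CERT_REQUIRED              # server must present a valid certificate
    ctx.check_hostname = True                        # and its SAN/CN must match the host
    if cafile:                                       # own trust store instead of the platform's
        ctx.load_verify_locations(cafile=cafile)
    return ctx


def mutual_tls_server_context(certfile=None, keyfile=None, client_cafile=None) -> ssl.SSLContext:
    """Server that also requests and verifies a client certificate (mutual TLS)."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.set_ciphers(CIPHER_POLICY)
    ctx.options |= ssl.OP_NO_COMPRESSION | ssl.OP_CIPHER_SERVER_PREFERENCE
    ctx.verify_mode = ssl.CERT_REQUIRED              # the mutual-TLS switch: require a client cert
    if certfile:
        ctx.load_cert_chain(certfile, keyfile)       # the server's own certificate and private key
    if client_cafile:
        ctx.load_verify_locations(cafile=client_cafile)  # CA(s) allowed to issue client certs
    return ctx


def permissive_client_context() -> ssl.SSLContext:
    """The 'offer everything' shape the slides warn about, for comparison only."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers("ALL")
    return ctx


def weak_suites(ctx: ssl.SSLContext) -> list:
    """Names of offered suites that are not AEAD or carry a weak-algorithm marker."""
    return [c["name"] for c in ctx.get_ciphers()
            if not c["aead"] or any(m in c["name"] for m in WEAK_MARKERS)]


def policy_summary(ctx: ssl.SSLContext) -> dict:
    """What the context will actually negotiate, so the policy can be asserted in tests."""
    return {"minimum_version": ctx.minimum_version.name,
            "verify_mode": ctx.verify_mode.name,
            "check_hostname": ctx.check_hostname,
            "suite_count": len(ctx.get_ciphers()),
            "weak_suites": weak_suites(ctx)}
```

`set_ciphers` governs TLS 1.2 and earlier; TLS 1.3 suites are configured separately by OpenSSL and are all AEAD, which is why `weak_suites` passes them. Because the offered suite list depends on the OpenSSL build the interpreter links against (the same caveat the slides give for `openssl ciphers`), `policy_summary` is worth running in a deployment's own test pipeline rather than assumed from documentation.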
Recommendation 7 – Entropy
● Encryption relies upon entropy
  – i.e. randomness
● Good sources of entropy (random data) are important
  – Without high entropy you can generate some really bad keys
● Gaining entropy can be difficult
  – Embedded, IoT and virtualised devices can have difficulty gaining entropy
  – Consider the entropy source when designing systems
Recommendation 7 – Entropy
● DO
  – Do use a good source of entropy
  – Do consider adding hardware random number generators to your architecture
    ● Some CPUs include this capability
● DO NOT
  – Do not generate keys whilst your entropy pool is low / empty
    ● Predictable encryption keys and initialisation data are not good!
Image: https://imgs.xkcd.com/comics/random_number.png
Tools and Testing
● OpenSSL [63]
  – The OpenSSL command line is a useful resource for testing and verification of connection parameters
  – ciphers
    ● Displays information on supported ciphers and the meaning of cipher strings on the platform
    ● Note that the behaviour is dependent upon version, compile options and other factors, so results will vary between systems
    ● e.g. openssl ciphers -V 'ALL'
  – s_client
    ● Configurable TLS client
    ● Useful for testing connections to a TLS server
    ● e.g. openssl s_client -connect address:port -cipher 'AES' -tls1_2
  – s_server
    ● Configurable TLS server
    ● Useful for testing connections from a TLS client
    ● e.g. openssl s_server -port 8443 -cert cert.pem -key privkey.pem -no_ssl3 -no_tls1 -cipher 'EECDH'
Image: https://www.openssl.org/
Tools and Testing
● SSLyze [60]
  – “SSLyze is a Python library and a CLI tool that can analyze the SSL configuration of a server by connecting to it. It is designed to be fast and comprehensive, and should help organizations and testers identify mis-configurations affecting their SSL/TLS servers.”
  – Good CLI tool that’s also a handy Python library for building your own test tools
  – Supports testing for vulnerabilities, protocol support and cipher suite support
● Nmap [71]
  – Nmap is much more than just a port scanner, particularly when its scripting engine is enabled
  – Scripts exist for retrieving certificate information and for enumerating and evaluating supported protocol versions and cipher suites
  – e.g. nmap -vvvv -sS --script ssl-cert,ssl-enum-ciphers google.com
Tools and Testing
● Qualys SSL Labs Client Test [51]
  – Tool for testing web clients’ capabilities
  – Provides data on the
    ● protocols supported
    ● cipher suites supported
    ● susceptibility to known vulnerabilities
Tools and Testing
● Qualys SSL Labs Server Test [51]
  – Tool for testing web servers’ capabilities
  – Provides data on the
    ● protocols supported
    ● cipher suites supported
    ● susceptibility to known vulnerabilities
    ● certificate chain
    ● supported extensions
  – Simulates different common clients to help determine interoperability
  – Provides an overall score and details on how the score is calculated, with advice on how to improve
Tools and Testing
● BadSSL [68]
  – Tool for testing client capabilities
  – Provides testing for
    ● certificate parsing
    ● key exchange
    ● protocol versions
    ● HTTP extensions
    ● cipher suites
  – Can be downloaded from GitHub and used offline
    ● Useful for building into your test pipelines
Tools and Testing
● LetsEncrypt [61]
  – “Let’s Encrypt is a free, automated, and open Certificate Authority.”
  – CA providing free server certificates to all
  – Tooling provided for automated deployment and renewal
  – Trusted by major OS and browser versions
  – Trusted by the Electronic Frontier Foundation [62]
Image: https://letsencrypt.org/
Closing
● Thanks for spending the time looking at these slides; hopefully they proved informative
● If you have any comments, questions or spot a mistake, please leave a comment
Appendix
● 128-bit symmetric encryption security comparison
  – Different organisations have calculated comparative strengths; remember that the connection is as strong as the weakest link
  https://www.keylength.com/en/compare/
Appendix
● 256-bit symmetric encryption security comparison
  – Different organisations have calculated comparative strengths; remember that the connection is as strong as the weakest link
  https://www.keylength.com/en/compare/
Appendix
● U.S. Commercial Top Secret Recommendations
  – If you are building products / services for the U.S. Government then FIPS140 [53] and these standards are worth knowing
  https://www.iad.gov/iad/library/ia-guidance/ia-solutions-for-classified/algorithm-guidance/commercial-national-security-algorithm-suite-factsheet.cfm
References
[1] Wikipedia – Symmetric encryption
https://en.wikipedia.org/wiki/Symmetric-key_algorithm
[2] Wikipedia – Stream ciphers
https://en.wikipedia.org/wiki/Stream_cipher
[3] Wikipedia – Block ciphers
https://en.wikipedia.org/wiki/Block_cipher
[4] Wikipedia – Cipher Block Chaining Mode
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Cipher_Block_Chaining_(CBC)
[5] Wikipedia – Counter Mode
https://en.wikipedia.org/wiki/Block_cipher_mode_of_operation#Counter_(CTR)
[6] Wikipedia – Counter Mode with CBC-MAC
https://en.wikipedia.org/wiki/CCM_mode
[7] Wikipedia – Galois/Counter Mode
https://en.wikipedia.org/wiki/Galois/Counter_Mode
[8] Wikipedia – Authenticated Encryption with Associated Data
https://en.wikipedia.org/wiki/Authenticated_encryption
[9] Wikipedia – Asymmetric encryption
https://en.wikipedia.org/wiki/Public-key_cryptography
[10] NIST Special Publication 800-57: Recommendation for Key Management
http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-57pt1r4.pdf
[11] Wikipedia – Message Digest
https://en.wikipedia.org/wiki/Cryptographic_hash_function
[12] Wikipedia – Digital Signature
https://en.wikipedia.org/wiki/Digital_signature
[13] Wikipedia – Elliptic-Curve Cryptography
https://en.wikipedia.org/wiki/Elliptic-curve_cryptography
[14] Bulletproof SSL and TLS
https://www.feistyduck.com/books/bulletproof-ssl-and-tls/
[15] Wikipedia – Transport Layer Security
https://en.wikipedia.org/wiki/Transport_Layer_Security
[16] RFC6101 – The Secure Sockets Layer (SSL) Protocol Version 3.0
https://datatracker.ietf.org/doc/rfc6101/
[17] RFC6176 – Prohibiting Secure Sockets Layer (SSL) Version 2.0
https://datatracker.ietf.org/doc/rfc6176/
[18] RFC7568 – Deprecating Secure Sockets Layer Version 3.0
https://datatracker.ietf.org/doc/rfc7568/
[19] RFC2246 – The TLS Protocol Version 1.0
https://datatracker.ietf.org/doc/rfc2246/
[20] RFC4346 – The Transport Layer Security (TLS) Protocol Version 1.1
https://datatracker.ietf.org/doc/rfc4346/
[21] RFC5246 – The Transport Layer Security (TLS) Protocol Version 1.2
https://datatracker.ietf.org/doc/rfc5246/
[22] Qualys – SSL 3 is dead, killed by the POODLE attack
https://blog.qualys.com/ssllabs/2014/10/15/ssl-3-is-dead-killed-by-the-poodle-attack
[23] US-CERT – SSL 3.0 Protocol Vulnerability and POODLE Attack
https://www.us-cert.gov/ncas/alerts/TA14-290A
[24] Wikipedia – RC4 cipher
https://en.wikipedia.org/wiki/RC4
[25] Salsa20
https://cr.yp.to/snuffle.html
[26] Wikipedia – IDEA cipher
https://en.wikipedia.org/wiki/International_Data_Encryption_Algorithm
[27] Schneier on Security – The Blowfish Encryption Algorithm
https://www.schneier.com/academic/blowfish/
[28] NIST FIPS197 – Advanced Encryption Standard (AES)
https://csrc.nist.gov/csrc/media/publications/fips/197/final/documents/fips-197.pdf
[29] NIST FIPS180-4 – Secure Hash Standard
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
[30] NIST FIPS186-4 – Digital Signature Standard
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf
[31] Wikipedia – Elliptic-Curve Diffie-Hellman
https://en.wikipedia.org/wiki/Elliptic-curve_Diffie%E2%80%93Hellman
[32] Microsoft – Threat Modelling
https://msdn.microsoft.com/en-us/library/ff648644.aspx
[33] OWASP – Application Threat Modelling
https://www.owasp.org/index.php/Application_Threat_Modeling
[34] draft-ietf-tls-tls13 – The Transport Layer Security (TLS) Protocol Version 1.3
https://datatracker.ietf.org/doc/draft-ietf-tls-tls13/
[35] OWASP – Man in the Middle Attack
https://www.owasp.org/index.php/Man-in-the-middle_attack
[36] DROWN Attack
https://drownattack.com/
[37] BEAST Attack
http://blog.zoller.lu/2011/09/beast-summary-tls-cbc-countermeasures.html
[38] RFC7457 – Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)
https://datatracker.ietf.org/doc/rfc7457/
[39] RFC5116 – An Interface and Algorithms for Authenticated Encryption
https://datatracker.ietf.org/doc/rfc5116/
[40] TLS and Perfect Forward Secrecy
https://vincent.bernat.im/en/blog/2011-ssl-perfect-forward-secrecy
[41] Cryptographic Key Length Comparison
https://www.keylength.com/en/compare/
[42] Cisco – Next Generation Encryption
https://www.cisco.com/c/en/us/about/security-center/next-generation-cryptography.html
[43] Wikipedia – Diffie-Hellman
https://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange
[44] Applied Crypto Hardening
https://bettercrypto.org/static/applied-crypto-hardening.pdf
[45] The Heartbleed Bug
http://heartbleed.com/
[46] Weak Diffie-Hellman and the Logjam Attack
https://weakdh.org/
[47] Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice
https://weakdh.org/imperfect-forward-secrecy-ccs15.pdf
[48] Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
https://datatracker.ietf.org/doc/rfc5280/
[49] U.K. Government Department for Digital, Culture, Media and Sport – Secure by Design: Improving the cyber security of consumer Internet of Things Report
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/686089/Secure_by_Design_Report_.pdf
[50] What Is Data Encryption?
https://digitalguardian.com/blog/what-data-encryption
[51] Qualys SSL Labs Projects
https://www.ssllabs.com/projects/index.html
[52] InfoSec Institute – CIA Triad
http://resources.infosecinstitute.com/cia-triad/
[53] NIST FIPS140-2
https://csrc.nist.gov/publications/detail/fips/140/2/final
[54] OpenSSL Ciphers
https://www.openssl.org/docs/man1.0.2/apps/ciphers.html
[55] ROBOT attack
https://robotattack.org/
[56] Attack of the week: RC4 is kind of broken in TLS
https://blog.cryptographyengineering.com/2013/03/12/attack-of-week-rc4-is-kind-of-broken-in/
[57] Google – Announcing the first SHA1 collision
https://security.googleblog.com/2017/02/announcing-first-sha1-collision.html
[58] Portcullis Labs – SSL and Export Ciphers: Logjam and FREAK
https://labs.portcullis.co.uk/blog/ssl-and-export-ciphers-logjam-and-freak/
[59] Future of SSL in doubt? Researcher Marlinspike unveils alternative to certificate authorities
https://www.infosecurity-magazine.com/news/future-of-ssl-in-doubt-researcher-marlinspike/
[60] SSLyze
https://github.com/nabla-c0d3/sslyze
[61] LetsEncrypt
https://letsencrypt.org/
[62] Electronic Frontier Foundation
https://www.eff.org/
[63] OpenSSL
https://www.openssl.org/
[64] Decrypting TLS Browser Traffic With Wireshark – The Easy Way! (Windows)
https://jimshaver.net/2015/02/11/decrypting-tls-browser-traffic-with-wireshark-the-easy-way/
[65] OWASP Threat Dragon
https://www.owasp.org/index.php/OWASP_Threat_Dragon
[66] Oracle – Certificate-based Authentication
https://docs.oracle.com/cd/E19316-01/820-2765/gdzeb/index.html
[67] Wikipedia – Hardware security module
https://en.wikipedia.org/wiki/Hardware_security_module
[68] BadSSL
https://badssl.com/
[69] On the (provable) security of TLS: Part 1
https://blog.cryptographyengineering.com/2012/09/06/on-provable-security-of-tls-part-1/
[70] Attack of the week: RC4 is kind of broken in TLS
https://blog.cryptographyengineering.com/2013/03/12/attack-of-week-rc4-is-kind-of-broken-in/
[71] Nmap
https://nmap.org/
[72] RFC5280 – Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
https://datatracker.ietf.org/doc/rfc5280/
[73] RFC6960 – X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP
https://datatracker.ietf.org/doc/rfc6960/
[74] RFC6066 – Transport Layer Security (TLS) Extensions: Extension Definitions
https://datatracker.ietf.org/doc/rfc6066/
[75] OCSP Stapling: How CloudFlare Just Made SSL 30% Faster
https://blog.cloudflare.com/ocsp-stapling-how-cloudflare-just-made-ssl-30/
[76] How to choose an Authenticated Encryption mode
https://blog.cryptographyengineering.com/2012/05/19/how-to-choose-authenticated-encryption/
[77] RFC6749 – The OAuth 2.0 Authorization Framework
https://datatracker.ietf.org/doc/rfc6749/
[78] Wikipedia – Public key infrastructure
https://en.wikipedia.org/wiki/Public_key_infrastructure
[79] OWASP – Certificate and Public Key Pinning
https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning