TLS v1.3
•Download as PPTX, PDF•
3 likes•476 views
TLS 1.3 right from basics of what and why to technicalities oh handshake, improvements and caveats.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to TLS v1.3
Similar to TLS v1.3 (20)
Recently uploaded
Recently uploaded (20)
TLS v1.3
- 1. RAJAN SINGH SIDDHARTHA RAO SANKET KAMATH GAURAV SHINDE Transport Layer Security (TLS) 1.3
- 3. • Authentication • Confidentiality • Integrity
- 4. Solution: - • Secure Connection • SSL Protocol • Different Versions
- 5. Agenda: • What is SSL? • Evolution from SSL to TLS • TLS in a nutshell • TLS 1.2 vs 1.3 • Handshake • Resumption • Forward secrecy • 2 caveats in TLS 1.3
- 7. What is SSL ? ➢Secure Socket Layer is a method to secure and encrypt sensitive information. ➢ HTTPS ➢ SSL v1.0, V2.0, V3.0
- 8. Vulnerabilities • BEAST - 2011 • POODLE - 2014 Impact • By exploiting this vulnerability, an attacker can gain access to things like passwords and cookies, enabling him to access a user’s private account data on a website.
- 9. Evolution from SSL to TLS • Browsers and websites need to turn off SSLv3 and use more modern security protocols as soon as possible, in order to avoid compromising users’ private information.
- 10. TLS in a Nutshell • Developed by IETF in 1999 • Revised to TLS v1.1 in 2006 • Again, revised Tls v1.2 in 2008 • SSL v3.0 served as a basis for TLS 1.0 and closely related to SSL 3.0, and is sometimes referred to as "SSL 3.1" • Algorithms used: • Key Exchange: ECDHE-RSA, PSK etc • Cipher: AES CBC • Hashing: HMAC - MD5, SHA1
- 11. TLS in a Nutshell • 3 properties offered by TLS connection: • Private connection due to symmetric key encryption • Authentication due to public key encryption • Ensures integrity due to message integrity check
- 12. TLS in a Nutshell TLS handshake
- 13. What is TLS 1.3
- 17. 0-RTT Resumption
- 20. TLS 1.3 Caveats
- 21. Counter measures against Replay attacks
- 22. Thank you!