Introduction to the TLS/SSL cryptography protocol

Nitesh Malviya
February 4, 2021

SSL stands for Secure Socket Layer. The first version of SSL was developed by Netscape in 1995. SSL is the industry standard for establishing a secure internet connection whenever data is transmitted between two or more computers. Thus, SSL prevents attackers from intercepting, reading or modifying data sent over the internet.

SSL makes use of encryption to ensure that the data being transmitted is protected and cannot be accessed by an attacker, which prevents attackers from reading or changing the data.

SSL versions

The following versions of SSL have been released, with the year of release:

  • SSL 1.0 - Never released because of inherent security issues.
  • SSL 2.0 - Released in 1995. It had many security flaws. Deprecated in 2011.
  • SSL 3.0 - The latest version of SSL. Released in 1996 to address the security issues in SSL 2.0; deprecated in 2015. SSL 3.0 had the ability to roll back to SSL 2.0 when a client supporting only 2.0 was encountered.

TLS

TLS stands for Transport Layer Security. The first version of TLS was published by the Internet Engineering Task Force (IETF) in 1999. In simple words, TLS is an updated and more secure version of SSL.

TLS versions

The following versions of TLS have been released, with the year of release:

  • TLS 1.0 - Defined in RFC 2246 and released in January 1999. It is an upgrade from SSL 3.0; there isn't much difference between SSL 3.0 and TLS 1.0, but they do not interoperate with each other.
  • TLS 1.1 - Defined in RFC 4346 and released in April 2006. TLS 1.1 is an update to TLS 1.0.
  • TLS 1.2 - Defined in RFC 5246 and released in August 2008. TLS 1.2 is an update to TLS 1.1.
  • TLS 1.3 - Defined in RFC 8446 and released in August 2018. TLS 1.3 is an update to TLS 1.2.

The primary use case of both SSL and TLS is encrypting the data sent between web applications and servers. SSL/TLS can also be used to encrypt other communications such as messaging, email and voice over IP (VoIP).

Often, when you connect to a website from a browser, the browser displays a small padlock to the left of the web address. This padlock indicates that the website is using SSL/TLS to encrypt the data sent between the browser and the website's server. This is one way to identify whether the communication is happening over HTTP or HTTPS.

SSL and TLS differences

The table below highlights the major differences between SSL and TLS.

SSL | TLS
Stands for Secure Socket Layer. | Stands for Transport Layer Security.
First version was developed by Netscape in 1995. | First version was developed by the Internet Engineering Task Force (IETF) in 1999.
SSL supports the Fortezza algorithm. | TLS does not support the Fortezza algorithm.
Latest version: 3.0. | Latest version: 1.3.
A message digest is used for creating master secrets. | A pseudo-random function (PRF) is used for creating master secrets.
The Message Authentication Code (MAC) protocol is used. | The Hashed Message Authentication Code (HMAC) protocol is used.
SSL is more complex than TLS. | TLS is simpler.
SSL is less secure than TLS. | TLS provides higher security.
All versions of SSL have vulnerabilities, thus all have been deprecated. | TLS 1.0 and 1.1 have been "broken" and have been deprecated as of March 2020. TLS 1.2 is the most widely deployed protocol version in use.

Cipher suites

An SSL/TLS cipher suite is a named set of algorithms that together secure a connection by authenticating the peers and encrypting the data between two systems. A suite name has the form:

PROTOCOL_KEY-EXCHANGE-ALGORITHM_DIGITAL-SIGNATURE-ALGORITHM_WITH_BULK-ENCRYPTION-ALGORITHM_HASHING-ALGORITHM

Example - TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 (ECDHE key exchange, ECDSA signatures, AES-128 in GCM mode for bulk encryption, SHA-256 as the hash).

SSL/TLS implementations support many cipher suites. Some of them are vulnerable while others are safe to use. The cipher suites that are safe to use are listed below:

  • TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
  • TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
  • TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA
  • TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
  • TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
  • TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305

TLS certificate cipher check

During penetration testing it is common to have to check that the server behind a TLS certificate does not offer any vulnerable ciphers. Checking this manually is not feasible, so some automation or tooling is needed, and many tools exist for the purpose.

An alternative is to use the SSL Labs website run by Qualys, at https://www.ssllabs.com/ssltest/ . One simply submits the HTTPS URL, and the site verifies the ciphers and the other details of the certificate and server configuration automatically.
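As an added example (not code from the article or from SSL Labs), the following Python splits a suite name into the components described under "Cipher suites" above and then grades a constructed list of offered suites, the kind of list a scanner would report for a server. The grading rules (ephemeral key exchange, AES or ChaCha20, no EXPORT, RC4, 3DES, NULL or MD5) are this example's own generalisation of the article's safe list, and the sample suite list is constructed, not real scanner output.

```python
from dataclasses import dataclass
# Added example (not from the article): parse TLS 1.2-style suite names of the form
# PROTOCOL_KEX_AUTH_WITH_BULK_MODE_HASH and grade each by component rules that mirror
# the article's safe list (ephemeral DH, AES or ChaCha20, no EXPORT/RC4/3DES/NULL/MD5).
HASHES = {"SHA", "SHA256", "SHA384", "MD5"}
MODES = {"GCM", "CCM", "CBC", "POLY1305"}
@dataclass
class CipherSuite:
    protocol: str
    key_exchange: str    # ECDHE, DHE, ECDH, RSA (static RSA key transport), ...
    authentication: str  # ECDSA, RSA, anon, ...
    bulk_cipher: str     # AES_128, CHACHA20, 3DES_EDE, RC4_128, NULL, ...
    mode: str            # GCM, CBC, POLY1305, or "" when the name has none (e.g. RC4)
    hash_alg: str        # MAC/PRF hash, or "" (some ChaCha20 names omit it)
    export: bool         # legacy EXPORT suites with 40- or 56-bit keys

def parse_suite(name: str) -> CipherSuite:
    if "_WITH_" not in name:
        raise ValueError(f"not a KEX_WITH_CIPHER style name: {name}")
    left, right = name.split("_WITH_", 1)
    protocol, *kex_parts = left.split("_")
    export = "EXPORT" in kex_parts
    kex_parts = [p for p in kex_parts if p != "EXPORT"]
    # TLS_RSA_WITH_...: a single token means RSA does both key exchange and authentication
    kex, auth = kex_parts[0], ("_".join(kex_parts[1:]) or kex_parts[0])
    tokens = right.split("_")
    hash_alg = tokens.pop() if tokens[-1] in HASHES else ""
    mode = tokens.pop() if tokens and tokens[-1] in MODES else ""
    return CipherSuite(protocol, kex, auth, "_".join(tokens), mode, hash_alg, export)

def assess(name: str) -> list[str]:
    """Return findings for one suite; an empty list means it passes the rules."""
    s = parse_suite(name)
    findings = []
    if s.key_exchange not in ("ECDHE", "DHE"):
        findings.append("no forward secrecy: static " + s.key_exchange + " key exchange")
    if s.authentication not in ("ECDSA", "RSA"):
        findings.append("unauthenticated or unusual signature: " + s.authentication)
    if not (s.bulk_cipher.startswith("AES_") or s.bulk_cipher == "CHACHA20"):
        findings.append("weak or legacy bulk cipher: " + s.bulk_cipher)
    if s.export:
        findings.append("export-grade key length")
    if s.hash_alg == "MD5":
        findings.append("MD5-based MAC")
    return findings

# Constructed sample of what a scanner might report a server offering (not real output).
SAMPLE_REPORT = {s: assess(s) for s in ["TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305", "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5"]}
```

TLS 1.3 suite names (for example TLS_AES_128_GCM_SHA256) drop the key-exchange and signature fields, so parse_suite rejects them rather than guessing.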

Nitesh Malviya

Nitesh Malviya is a Security Consultant. He has prior experience in web application security, mobile application security and VAPT. At present he works on IoT, radio and cloud security and is open to exploring other domains of cybersecurity. He can be reached via his personal blog - https://nitmalviya03.wordpress.com/ - and on LinkedIn - https://www.linkedin.com/in/nitmalviya03/.