SlideShare a Scribd company logo

Introduction to TLS 1.3

n|u - The Open Security Community
n|u - The Open Security Community

Introduction to TLS 1.3

Education
1 of 11
Download to read offline
INTRODUCTION TO TLS 1.3 Presented by Vedant Jain NULL BHOPAL MONTHLY MEET JANUARY 2020
SUMMARY OF CONTENTS OUR MAIN TOPICS TODAY What is Transport Layer Security Whats New in TLS 1.3 How TLS Achieves This Key Goals of TLS 1.3 Security Benefits Privacy Benefits Difference between Handshake in TLS 1.2 & 1.3
WHAT IS TLS THE BEGINNING OF TRANSPORT LAYER SECURITY Probably the Internet’s most important security protocol Designed over 20 years ago by Netscape for Web transactions But used for just about everything you can think of Maintained by the Internet Engineering Task Force – Back then, called Secure Sockets Layer – HTTP – SSL-VPNs – E-mail – Voice/video – IoT – We’re now at version 1.2
WHATS NEW IN TLS 1.3 TLS 1.3 offers some great improvements over TLS 1.2. Vulnerable optional parts of the protocol have been removed, there’s support for stronger ciphers required to implement perfect forward secrecy (PFS), and the handshake process has been significantly shortened. In addition, implementing TLS 1.3 should be relatively simple. You can use the same keys you used for TLS 1.2. Clients and servers will automatically negotiate a TLS 1.3 handshake when they both support it, and Google Chrome and Mozilla Firefox already do it by default.
TLS ACHIEVES THIS USING VARIOUS TECHNIQUES… – Symmetric key encryption for application data. – Typically Advanced Encryption Standard (AES). PRIVACY – Authenticated Encryption with Additional Data (AEAD). – Usually AES-GCM (Galois/Counter Mode) cipher mode. INTEGRITY – X509 certificates signed by a mutually trusted third party. – Typically server authenticated only. AUTHENTICATION
KEY GOALS OF TLS 1.3 Clean up - Remove unsafe or Unused features Security - Improve security w/modern techniques Privacy - Encrypt more of the protocol. Performance -1-RTT and 0-RTT handshakes Continuity - Backwards compatibility
SECURITY BENEFITS Although TLS 1.2 can still be deployed securely, several high-profile vulnerabilities have exploited optional parts of the protocol and outdated ciphers. TLS 1.3 removes many of these problematic options and only includes support for algorithms with no known vulnerabilities (at this time). The IETF chose to remove all ciphers that do not support PFS from TLS connections. These include DES, AESCBC, RC4, and other ciphers less commonly used.
PRIVACY BENEFITS TLS 1.3 also enables PFS(Perfect Forward Secrecy) by default. This cryptographic technique adds another layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With PFS, even if a third party were to record an encrypted session, and later gain access to the server private key, they could not use that key to decrypt the session.
HANDSHAKE TLS1.2 HANDSHAKE TLS1.3
REFERENCES WOULD I PREFERRED… http://web.stanford.edu/class/ee380/Abstracts/151118-slides.pdf https://www.owasp.org/images/9/91/OWASPLondon20180125_TLSv1.3_ Andy_Brodie.pdf https://www.cloudflare.com/learning-resources/tls-1-3/ https://www.f5.com/pdf/products/tls1-3_are-you-ready.pdf
QUESTIONS? COMMENTS? LET US KNOW! @Vedant__Jain TWITTER jainvedant786@gmail.com EMAIL

Recommended

SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS ProtocolDevang Badrakiya
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tlsRana assad ali
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Asad Ali
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
SSL
SSLSSL
SSLtheekuchi
 
Cryptography
CryptographyCryptography
Cryptographygueste4c97e
 

Recommended

SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS ProtocolDevang Badrakiya
 
Ssl and tls
Ssl and tlsSsl and tls
Ssl and tlsRana assad ali
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Asad Ali
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
Transport layer security (tls)
Transport layer security (tls)Transport layer security (tls)
Transport layer security (tls)Kalpesh Kalekar
 
6. cryptography
6. cryptography6. cryptography
6. cryptography7wounders
 
SSL
SSLSSL
SSLtheekuchi
 
Cryptography
CryptographyCryptography
Cryptographygueste4c97e
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
Kriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleriKriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleriselimcihan
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSSirish Kumar
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerPina Parmar
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Anas Rock
 
Cryptography
CryptographyCryptography
CryptographySagar Janagonda
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution MethodsGulcin Yildirim Jelinek
 
TLS/SSL Internet Security Talk
TLS/SSL Internet Security TalkTLS/SSL Internet Security Talk
TLS/SSL Internet Security TalkNisheed KM
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic CryptographyInformation Technology
 
SSL intro
SSL introSSL intro
SSL introThree Lee
 
IP Security
IP SecurityIP Security
IP SecurityAmbo University
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure ShellPeter R. Egli
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101Chul-Woong Yang
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes - End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes - Thomas Seropian
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
HTTP vs HTTPS Difference
HTTP vs HTTPS Difference HTTP vs HTTPS Difference
HTTP vs HTTPS Difference Real Estate
 
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...jeetendra mandal
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security Ibrahiem Mohammed
 

More Related Content

What's hot

Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
Kriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleriKriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleriselimcihan
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerPina Parmar
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Anas Rock
 
TLS/SSL Internet Security Talk
TLS/SSL Internet Security TalkTLS/SSL Internet Security Talk
TLS/SSL Internet Security TalkNisheed KM
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 CertificatesSou Jana
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1Alfred Ouyang
 
End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes - End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes - Thomas Seropian
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithmRuchi Maurya
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)Mehedi Farazi
 
HTTP vs HTTPS Difference
HTTP vs HTTPS Difference HTTP vs HTTPS Difference
HTTP vs HTTPS Difference Real Estate
 

What's hot (20)

Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
Kriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleriKriptoloji kriptolama teknikleri
Kriptoloji kriptolama teknikleri
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)Information Security Cryptography ( L02- Types Cryptography)
Information Security Cryptography ( L02- Types Cryptography)
 
Cryptography
CryptographyCryptography
Cryptography
 
Encryption and Key Distribution Methods
Encryption and Key Distribution MethodsEncryption and Key Distribution Methods
Encryption and Key Distribution Methods
 
TLS/SSL Internet Security Talk
TLS/SSL Internet Security TalkTLS/SSL Internet Security Talk
TLS/SSL Internet Security Talk
 
Ch11 Basic Cryptography
Ch11 Basic CryptographyCh11 Basic Cryptography
Ch11 Basic Cryptography
 
SSL intro
SSL introSSL intro
SSL intro
 
IP Security
IP SecurityIP Security
IP Security
 
X.509 Certificates
X.509 CertificatesX.509 Certificates
X.509 Certificates
 
SSH - Secure Shell
SSH - Secure ShellSSH - Secure Shell
SSH - Secure Shell
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
5 Cryptography Part1
5 Cryptography Part15 Cryptography Part1
5 Cryptography Part1
 
End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes - End to End Encryption in 10 minutes -
End to End Encryption in 10 minutes -
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
SHA- Secure hashing algorithm
SHA- Secure hashing algorithmSHA- Secure hashing algorithm
SHA- Secure hashing algorithm
 
Ssh (The Secure Shell)
Ssh (The Secure Shell)Ssh (The Secure Shell)
Ssh (The Secure Shell)
 
HTTP vs HTTPS Difference
HTTP vs HTTPS Difference HTTP vs HTTPS Difference
HTTP vs HTTPS Difference
 

Similar to Introduction to TLS 1.3

Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...jeetendra mandal
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityCheapSSLsecurity
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionCSCJournals
 
Study and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityStudy and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityNazmul Hossain Rakib
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityMiguel Pardal
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALGlenn Haley
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Cloudflare
 
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi AlamosOSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi AlamosNETWAYS
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateCheapSSLUSA
 
Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewSergey Arkhipov
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat Security Conference
 
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)chhoup
 
ssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxjithu26327
 

Similar to Introduction to TLS 1.3 (20)

Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
Difference between TLS 1.2 vs TLS 1.3 and tutorial of TLS2 and TLS2 version c...
 
Transport Layer Security
Transport Layer Security Transport Layer Security
Transport Layer Security
 
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurityTLS 1.3: Everything You Need to Know - CheapSSLsecurity
TLS 1.3: Everything You Need to Know - CheapSSLsecurity
 
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit DetectionComparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
Comparative Analysis of Open-SSL Vulnerabilities & Heartbleed Exploit Detection
 
Rootconf2019
Rootconf2019Rootconf2019
Rootconf2019
 
Study and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer securityStudy and analysis of some known attacks on transport layer security
Study and analysis of some known attacks on transport layer security
 
Vulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer SecurityVulnerability-tolerant Transport Layer Security
Vulnerability-tolerant Transport Layer Security
 
Sequere socket Layer
Sequere socket LayerSequere socket Layer
Sequere socket Layer
 
Cours4.pptx
Cours4.pptxCours4.pptx
Cours4.pptx
 
BSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINALBSET_Lecture_Crypto and SSL_Overview_FINAL
BSET_Lecture_Crypto and SSL_Overview_FINAL
 
Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)Why Many Websites are still Insecure (and How to Fix Them)
Why Many Websites are still Insecure (and How to Fix Them)
 
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi AlamosOSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
OSDC 2018 | Hitchhiker’s guide to TLS 1.3 and GnuTLS by Ander Juaristi Alamos
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)Certificate
 
Egor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of viewEgor Podmokov - TLS from security point of view
Egor Podmokov - TLS from security point of view
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
 
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
Ten new topics on security+ 2011 (sy0 301) (domain 1.0 network security)
 
SSL VS TLS.pptx
SSL VS TLS.pptxSSL VS TLS.pptx
SSL VS TLS.pptx
 
Telnet presentation
Telnet presentationTelnet presentation
Telnet presentation
 
ssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptxssl-tls-ipsec-vpn.pptx
ssl-tls-ipsec-vpn.pptx
 

More from n|u - The Open Security Community

Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...n|u - The Open Security Community
 

More from n|u - The Open Security Community (20)

Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)Hardware security testing 101 (Null - Delhi Chapter)
Hardware security testing 101 (Null - Delhi Chapter)
 
Osint primer
Osint primerOsint primer
Osint primer
 
SSRF exploit the trust relationship
SSRF exploit the trust relationshipSSRF exploit the trust relationship
SSRF exploit the trust relationship
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit primary
Metasploit primaryMetasploit primary
Metasploit primary
 
Api security-testing
Api security-testingApi security-testing
Api security-testing
 
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
Gibson 101 -quick_introduction_to_hacking_mainframes_in_2020_null_infosec_gir...
 
Talking About SSRF,CRLF
Talking About SSRF,CRLFTalking About SSRF,CRLF
Talking About SSRF,CRLF
 
Building active directory lab for red teaming
Building active directory lab for red teamingBuilding active directory lab for red teaming
Building active directory lab for red teaming
 
Owning a company through their logs
Owning a company through their logsOwning a company through their logs
Owning a company through their logs
 
Introduction to shodan
Introduction to shodanIntroduction to shodan
Introduction to shodan
 
Cloud security
Cloud security Cloud security
Cloud security
 
Detecting persistence in windows
Detecting persistence in windowsDetecting persistence in windows
Detecting persistence in windows
 
Frida - Objection Tool Usage
Frida - Objection Tool UsageFrida - Objection Tool Usage
Frida - Objection Tool Usage
 
OSQuery - Monitoring System Process
OSQuery - Monitoring System ProcessOSQuery - Monitoring System Process
OSQuery - Monitoring System Process
 
DevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -SecurityDevSecOps Jenkins Pipeline -Security
DevSecOps Jenkins Pipeline -Security
 
Extensible markup language attacks
Extensible markup language attacksExtensible markup language attacks
Extensible markup language attacks
 
Linux for hackers
Linux for hackersLinux for hackers
Linux for hackers
 
Android Pentesting
Android PentestingAndroid Pentesting
Android Pentesting
 
News bytes null 200314121904
News bytes null 200314121904News bytes null 200314121904
News bytes null 200314121904
 

Recently uploaded

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...christianmathematics
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxVishalSingh1417
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhikauryashika82
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfChris Hunter
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphThiyagu K
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxAreebaZafar22
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxDenish Jangid
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104misteraugie
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17Celine George
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...KokoStevan
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfJayanti Pande
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesCeline George
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxnegromaestrong
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactdawncurless
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Shubhangi Sonawane
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 

Recently uploaded (20)

Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
Explore beautiful and ugly buildings. Mathematics helps us create beautiful d...
 
Unit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptxUnit-V; Pricing (Pharma Marketing Management).pptx
Unit-V; Pricing (Pharma Marketing Management).pptx
 
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in DelhiRussian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
Russian Escort Service in Delhi 11k Hotel Foreigner Russian Call Girls in Delhi
 
Making and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdfMaking and Justifying Mathematical Decisions.pdf
Making and Justifying Mathematical Decisions.pdf
 
Z Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot GraphZ Score,T Score, Percential Rank and Box Plot Graph
Z Score,T Score, Percential Rank and Box Plot Graph
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
ICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptxICT Role in 21st Century Education & its Challenges.pptx
ICT Role in 21st Century Education & its Challenges.pptx
 
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptxBasic Civil Engineering first year Notes- Chapter 4 Building.pptx
Basic Civil Engineering first year Notes- Chapter 4 Building.pptx
 
Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104Nutritional Needs Presentation - HLTH 104
Nutritional Needs Presentation - HLTH 104
 
How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17How to Give a Domain for a Field in Odoo 17
How to Give a Domain for a Field in Odoo 17
 
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
SECOND SEMESTER TOPIC COVERAGE SY 2023-2024 Trends, Networks, and Critical Th...
 
Web & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdfWeb & Social Media Analytics Previous Year Question Paper.pdf
Web & Social Media Analytics Previous Year Question Paper.pdf
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin ClassesMixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
Mixin Classes in Odoo 17 How to Extend Models Using Mixin Classes
 
Seal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptxSeal of Good Local Governance (SGLG) 2024Final.pptx
Seal of Good Local Governance (SGLG) 2024Final.pptx
 
Accessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impactAccessible design: Minimum effort, maximum impact
Accessible design: Minimum effort, maximum impact
 
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
Ecological Succession. ( ECOSYSTEM, B. Pharmacy, 1st Year, Sem-II, Environmen...
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 

Introduction to TLS 1.3

  • 1. INTRODUCTION TO TLS 1.3 Presented by Vedant Jain NULL BHOPAL MONTHLY MEET JANUARY 2020
  • 2. SUMMARY OF CONTENTS OUR MAIN TOPICS TODAY What is Transport Layer Security Whats New in TLS 1.3 How TLS Achieves This Key Goals of TLS 1.3 Security Benefits Privacy Benefits Difference between Handshake in TLS 1.2 & 1.3
  • 3. WHAT IS TLS THE BEGINNING OF TRANSPORT LAYER SECURITY Probably the Internet’s most important security protocol Designed over 20 years ago by Netscape for Web transactions But used for just about everything you can think of Maintained by the Internet Engineering Task Force – Back then, called Secure Sockets Layer – HTTP – SSL-VPNs – E-mail – Voice/video – IoT – We’re now at version 1.2
  • 4. WHATS NEW IN TLS 1.3 TLS 1.3 offers some great improvements over TLS 1.2. Vulnerable optional parts of the protocol have been removed, there’s support for stronger ciphers required to implement perfect forward secrecy (PFS), and the handshake process has been significantly shortened. In addition, implementing TLS 1.3 should be relatively simple. You can use the same keys you used for TLS 1.2. Clients and servers will automatically negotiate a TLS 1.3 handshake when they both support it, and Google Chrome and Mozilla Firefox already do it by default.
  • 5. TLS ACHIEVES THIS USING VARIOUS TECHNIQUES… – Symmetric key encryption for application data. – Typically Advanced Encryption Standard (AES). PRIVACY – Authenticated Encryption with Additional Data (AEAD). – Usually AES-GCM (Galois/Counter Mode) cipher mode. INTEGRITY – X509 certificates signed by a mutually trusted third party. – Typically server authenticated only. AUTHENTICATION
  • 6. KEY GOALS OF TLS 1.3 Clean up - Remove unsafe or Unused features Security - Improve security w/modern techniques Privacy - Encrypt more of the protocol. Performance -1-RTT and 0-RTT handshakes Continuity - Backwards compatibility
  • 7. SECURITY BENEFITS Although TLS 1.2 can still be deployed securely, several high-profile vulnerabilities have exploited optional parts of the protocol and outdated ciphers. TLS 1.3 removes many of these problematic options and only includes support for algorithms with no known vulnerabilities (at this time). The IETF chose to remove all ciphers that do not support PFS from TLS connections. These include DES, AESCBC, RC4, and other ciphers less commonly used.
  • 8. PRIVACY BENEFITS TLS 1.3 also enables PFS(Perfect Forward Secrecy) by default. This cryptographic technique adds another layer of confidentiality to an encrypted session, ensuring that only the two endpoints can decrypt the traffic. With PFS, even if a third party were to record an encrypted session, and later gain access to the server private key, they could not use that key to decrypt the session.
  • 10. REFERENCES WOULD I PREFERRED… http://web.stanford.edu/class/ee380/Abstracts/151118-slides.pdf https://www.owasp.org/images/9/91/OWASPLondon20180125_TLSv1.3_ Andy_Brodie.pdf https://www.cloudflare.com/learning-resources/tls-1-3/ https://www.f5.com/pdf/products/tls1-3_are-you-ready.pdf
  • 11. QUESTIONS? COMMENTS? LET US KNOW! @Vedant__Jain TWITTER jainvedant786@gmail.com EMAIL