Digital Certificate — TLS, TLS versions, handshakes, & cipher suites

Part 3 of a four-part series about digital certificates
  1. IPsec makes its changes in the network stack (TCP/IP), so that those changes are transparent to applications.
  2. SSL/TLS makes its changes in the application to secure the data, rather than changing the OS's TCP/IP stack.
Security at various layers of TCP/IP stack ¹⁷
TLS operates at the session layer of the OSI model⁹
HTTP/1 and HTTP/2 stack using TLS and TCP vs HTTP/3 stack using QUIC over UDP ¹⁹
Wireshark capture showing QUIC over UDP²³
Side-by-side comparison using Wireshark captures: QUIC over UDP on the left, TLS over TCP on the right²²
Comparison of TCP and TLS with QUIC by APNIC²⁰
Messages exchanged in a TLS 1.2 handshake¹⁵
TLS 1.2 handshake
  1. The client sends a Client Hello message to the server to set up a secure connection. It lists the cipher suites the client supports, the client random needed for key generation, the SNI extension, etc.
  2. The server replies with a Server Hello containing the selected cipher suite, the server certificate (which carries the server's public key), the server random number, and the server key exchange parameters such as key size and algorithm.
  3. At this point, the client has enough information to calculate the Pre-Master Secret and the Master Secret¹⁰.
  • Pre-Master = Client Key Exchange Algorithm parameters + Server Key Exchange Algorithm parameters
  • Master Secret = PRF (Pre-Master, ClientHello.random, ServerHello.random)
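The derivation in step 3, written out as an added Python example (not code from the original article), following the TLS 1.2 PRF defined in RFC 5246. The "master secret" and "key expansion" labels and the 48-byte length come from the RFC; the key-expansion step goes one step past the text above, and all input values are constructed samples.

```python
import hashlib
import hmac


def p_hash(secret: bytes, seed: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """P_hash from RFC 5246 section 5: an HMAC chain expanded to `length` bytes."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)


def master_secret(pre_master: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """Both sides compute the same 48 bytes from the pre-master secret and both randoms."""
    if len(client_random) != 32 or len(server_random) != 32:
        raise ValueError("ClientHello.random and ServerHello.random are 32 bytes each")
    return prf(pre_master, b"master secret", client_random + server_random, 48)


def key_block(master: bytes, client_random: bytes, server_random: bytes, length: int) -> bytes:
    """Session key material; note the seed order flips to server random first."""
    return prf(master, b"key expansion", server_random + client_random, length)


if __name__ == "__main__":
    # Constructed sample inputs, not values from a real handshake.
    pre_master = bytes(range(32))       # stands in for the key-exchange output
    client_random = bytes([0xC1]) * 32
    server_random = bytes([0x5E]) * 32

    ms = master_secret(pre_master, client_random, server_random)
    print("master secret:", ms.hex())

    # A new server random alone yields an unrelated master secret,
    # even if the pre-master secret were somehow repeated.
    other = master_secret(pre_master, client_random, bytes([0x5F]) * 32)
    print("differs with new server random:", ms != other)
    print("key block:", key_block(ms, client_random, server_random, 72).hex())
```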
Example Wireshark capture for TLS 1.2 showing various supported cipher suites
Example of a cipher suite for TLS 1.2
  1. TLS is the protocol.
  2. ECDHE stands for Elliptic Curve Diffie-Hellman Ephemeral and is the key exchange algorithm. The key exchange algorithm is an asymmetric algorithm. The other options are RSA, ECDH (elliptic curve DH without ephemeral keys), DH, DHE, and PSK (pre-shared key).
  3. ECDSA is the authentication algorithm. Other options are RSA and DSA.
  4. AES_256_GCM is the bulk encryption algorithm (symmetric key algorithm). It means AES is using Galois Counter Mode with a 128-bit key size.
  5. SHA-256 is the hashing algorithm for integrity check. 256 is the key size.
TLS 1.3 handshake
  • TLS 1.3 handshake takes 1 RTT (round trip time) to complete¹, compared to 2 RTT in TLS 1.2.
  • TLS 1.3 is more resistant to downgrade attacks as weaker cipher suites have been disabled. The cipher suites supported in TLS 1.3 are roughly five compared to thirty+ in TLS 1.2.
  • TLS 1.3 supports 0-RTT resumption, compared to a 1-RTT resumption in 1.2. In simpler words, if a TLS 1.3 client has connected to a TLS 1.3 server before, they can immediately start exchanging encrypted data (HTTP GET) without going through the full handshake again. It is the reason why TLS 1.3 resumption is called zero-overhead handshake.
0-RTT handshake in TLS 1.3
1-RTT handshake in TLS 1.2 ²
Example of a cipher suite for TLS 1.3
  1. TLS is the protocol.
  2. Although it is not shown in the suite name, ECDHE is the default asymmetric algorithm for key exchange. The keys are exchanged during the handshake via ephemeral Elliptic Curve Diffie-Hellman (ECDHE).
  3. Although it is not shown here either, ECDSA is the default authentication algorithm.
  4. AES_256_GCM is the bulk encryption algorithm (symmetric key algorithm). It means AES is using Galois Counter Mode with a 128-bit key size.
  5. SHA-384 is the hashing algorithm for integrity checks. 384 is the key size.

Deepak Singh

Sales Eng., Consultant, Solutions Architect, Analyst, Hobbyist Coder. 2 Masters — MBA Georgia Tech, MS Analytics. Interested in technology, business & strategy