Overview of SSL & TLS client-server interactions and perfect forward secrecy with the Diffie-Hellman exchange.
Originally created for the dc562 2016 Cryptoparty.
6. i. greetings!
client hello
server hello
server certificate (cert w/ public key)
server hello done
server has: private key
(both generate & share random numbers. we'll call them: a & b)
7. ii. validation
star trek: https://datacenteroverlords.coam/2011/09/25/ssl-who-do-you-trust/
chain of trust (each link signed by the one above it):
trusted root CA -> intermediate CA 2 -> intermediate CA 1 -> server cert
8. what is checked
does the signature (made with the signing CA's private key) verify against the CA's public key / fingerprint?
does the signing CA validate the certificate, & are the intermediate CAs still active? (not revoked)
9. iii. session key
client key exchange
client change cipher spec
client finished
client generates symmetric key with random numbers,
encrypts it with the server public key;
server decrypts with its private key
10. iii. session key
client key exchange
client change cipher spec
client finished
client generates symmetric key,
encrypts it with the server public key;
server decrypts with its private key
wait...
12. asymmetric
separate public & private keys
○ public key can be given freely
○ client encrypts with public key
○ only server can decrypt with private key
13. symmetric
one key (same “public” & “private” key)
○ once a secure channel is established,
can send a new (& simpler) key
○ much faster to communicate with
14. iii. session key
client key exchange
client change cipher spec
client finished
client generates symmetric key,
encrypts it with the server public key;
server decrypts with its private key
circling back...
15. iii. session key
client key exchange
client change cipher spec
client finished
client generates pre-master secret,
encrypts it with the server public key;
server decrypts with its private key
16. iv. secure
server change cipher spec
server finished
(pre-master secret) + shared random numbers (a & b) = secure session
22. (in)secure
what if the server private key is lost (compromised)?
attacker can:
○ monitor (record) the public/private key communications, i.e. the key exchange
○ reconstruct the symmetric key
○ decrypt previous & current communications
secure channel is lost
24.
shared (public): g, p
client secret: a; server secret: b
client sends $g^a \bmod p$; server sends $g^b \bmod p$
$(g^b \bmod p)^a \bmod p = g^{ba} \bmod p = (g^a \bmod p)^b \bmod p$
= pre-master secret
25. secure
a, b, & session key:
○ never “spoken”
○ never recorded
○ forgotten after exchange
○ cannot be reconstructed to decrypt traffic
“perfect forward secrecy (PFS) with ephemeral keys exchanged thru diffie-hellman”