Enhancement of TLS Implementation of BouncyCastle Guilherme - - PowerPoint PPT Presentation

enhancement of tls implementation of bouncycastle
SMART_READER_LITE
LIVE PREVIEW

Enhancement of TLS Implementation of BouncyCastle Guilherme - - PowerPoint PPT Presentation

Oct 26, 2023 369 likes •482 views

Enhancement of TLS Implementation of BouncyCastle Guilherme Francescon Cittolin Transport Layer Security General Cryptographic Protocol Successor of the SSL Works over TCP UDP version: DTLS (RFC 6347) Goals Provide

slide-1
SLIDE 1

Enhancement of TLS Implementation of BouncyCastle

Guilherme Francescon Cittolin

slide-2
SLIDE 2

Transport Layer Security

  • General Cryptographic Protocol
  • Successor of the SSL
  • Works over TCP

○ UDP version: DTLS (RFC 6347)

slide-3
SLIDE 3

Goals

  • Provide confidentiality and message integrity

○ Asymmetric cryptography for key exchange ○ Symmetric cryptography ○ MAC - Message Authentication Codes

slide-4
SLIDE 4

RFCs

  • TLS 1.0: RFC 2246
  • TLS 1.1: RFC 4346
  • TLS 1.2: RFC 5246
slide-5
SLIDE 5

OSI Model

slide-6
SLIDE 6
slide-7
SLIDE 7

Protocol layers

  • Record layer (Record Protocol)

○ Fragmentation ○ Compression ○ Authentication ○ Encryption

  • Handshake layer

○ Handshake Protocol ○ Change Cipher Spec Protocol ○ Alert Protocol ○ Application Protocol

slide-8
SLIDE 8

Implementations - Browsers

slide-9
SLIDE 9

Implementations - Libraries

  • OpenSSL
  • GnuTLS
  • Cryptlib
  • MatrixSSL
  • JSSE
slide-10
SLIDE 10

Differences from previous versions

  • Pseudorandom Functions

○ Before: MD5 / SHA-1 ○ Cipher-suite-specified (SHA - 256)

  • Advanced Encryption Standard Cipher-

suites added

  • Minor changes
slide-11
SLIDE 11

Differences from previous versions

  • RFC 6176

○ Support to SSL dropped