tls 1 3 what developers should know about the apis
play

TLS 1.3: What developers should know about the APIs Daiki Ueno - PowerPoint PPT Presentation

Feb 14, 2024 •397 likes •800 views

TLS 1.3: What developers should know about the APIs Daiki Ueno Red Hat Crypto team TLS 1.3: RFC 8446 Published in August 2018 Low latency More security Cleaner protocol Low latency: 1-RTT handshake TLS 1.2: 2-RTT TLS 1.3: 1-RTT

  1. TLS 1.3: What developers should know about the APIs Daiki Ueno Red Hat Crypto team

  2. TLS 1.3: RFC 8446 Published in August 2018 – Low latency – More security – Cleaner protocol

  3. Low latency: 1-RTT handshake TLS 1.2: 2-RTT TLS 1.3: 1-RTT key exchange & authentjcatjon authentjcatjon* + client Finished applicatjon traffjc

  4. More security ● No RSA / statjc DH key exchange ● Legacy algorithms were removed ● All symmetric ciphers are AEAD

  5. Protocol refactoring ● Ciphersuites ● Session resumptjon

  6. Ciphersuites TLS 1.2 > 100 Key Cipher MAC Hash Exchange Algorithm Algorithm Algorithm TLS 1.3 = 5 k e y _ s h a r e extension Cipher Hash Algorithm Algorithm (AEAD)

  7. Session resumptjon 1 st connectjon TLS 1.2 Client and server share the secret Server stores the state in 2 nd connectjon Client keeps the secret the session cache Client sends the previous session ID

  8. Session resumptjon 1 st connectjon TLS 1.3 Client and server share the secret Session tjcket Server doesn’t need to 2 nd connectjon Client keeps the secret keep the secret Client sends back the tjcket Forward secure if DHE key exchange is used

  9. How can I use TLS 1.3? ● Enabled in major libraries – OpenSSL, GnuTLS, NSS ● No Litule code changes are needed – for typical use-cases ● New features need new API

  10. New features ● Post-handshake authentjcatjon ● Key update ● Length hiding ● 0-RTT mode

  11. What is a good API? ● Usability ● Flexibility

  12. Usability ● Easy to use, hard to misuse ● “Hufgman coding” by usage patuern – Less code for common use-cases – More code for uncommon use-cases ● Default to be safe

  13. Flexibility ● Scale from embedded to servers – Decouple resource access from the code – Provide callbacks ● Future proof – There will probably be TLS 1.4 – Don’t assume parameters are fjxed

  14. What is a good API? Usability Flexibility Christoph Strässler (CC-BY-SA 2.0)

  15. Existjng design choices ● I/O abstractjon – Generic I/O used for both TLS and non-TLS ● Handshake – Explicitly triggered or implicitly during I/O ● Resumptjon data – Manually or automatjcally tracked

  16. Existjng design choices I/O abstractjon Handshake Resumptjon data Yes Automatjc OpenSSL Implicit / explicit (BIO) (cached per-ctx) GnuTLS No Explicit Manual Yes Automatjc NSS Implicit / explicit (NSPR) (cached per-process)

  17. New features, new API ● Post-handshake authentjcatjon ● Key update ● Length hiding ● 0-RTT mode

  18. Post-handshake auth ● The server can request client-auth at any tjme with a CertjfjcateRequest message ● Re-associate client’s identjty with a difgerent certjfjcate ● Can delay client authentjcatjon untjl a CertjfjcateRequest resource is actually Certjfjcate requested CertjfjcateVerify

  19. Post-handshake auth / * c l i e n t : i n d i c a t e p o s t h a n d s h a k e a u t h * / S S L _ s e t _ p o s t _ h a n d s h a k e _ a u t h ( c l i e n t , 1 ) ; / * s e r v e r : r e q u e s t p o s t h a n d s h a k e a u t h * / S S L _ v e r i f y _ c l i e n t _ p o s t _ h a n d s h a k e ( s e r v e r ) ; / * c l i e n t : i n d i c a t e p o s t h a n d s h a k e a u t h * / g n u t l s _ i n i t ( & c l i e n t , . . . | G N U T L S _ P O S T _ H A N D S H A K E _ A U T H ) ; / * s e r v e r : r e q u e s t p o s t h a n d s h a k e a u t h * / g n u t l s _ r e a u t h ( s e r v e r , 0 ) ; Not implemented

  20. Key update ● Peers can update traffjc keys with a KeyUpdate message ● There is a limit of data that can be safely encrypted with a single key – GnuTLS and NSS KeyUpdate implement automatjc KeyUpdate key updates

  21. Key update / * s c h e d u l e k e y u p d a t e , a n d r e q u e s t t h e p e e r t o * u p d a t e t h e i r k e y * / S S L _ k e y _ u p d a t e ( s , S S L _ K E Y _ U P D A T E _ R E Q U E S T E D ) ; / * s c h e d u l e k e y u p d a t e , a n d r e q u e s t t h e p e e r t o * u p d a t e t h e i r k e y * / g n u t l s _ s e s s i o n _ k e y _ u p d a t e ( s , G N U T L S _ K U _ P E E R ) ; / * s c h e d u l e k e y u p d a t e , a n d r e q u e s t t h e p e e r t o * u p d a t e t h e i r k e y * / S S L _ K e y U p d a t e ( s , P R _ T R U E ) ;

  22. Length hiding e n c r y p t e d _ r e c o r d 2 3 0 x 0 3 0 3 l e n g t h c o n t e n t c o n t e n t p a d d i n g t y p e P r e v e n t a t t a c k e r s b e i n g a b l e t o g u e s s t h e a c t u a l c o n t e n t l e n g t h

  23. Length hiding / * d e f a u l t t o p a d m u l t i p l e o f 4 0 9 6 * / S S L _ s e t _ b l o c k _ p a d d i n g ( s , 4 0 9 6 ) ; / * o v e r r i d e t h e p a d d i n g w i t h a c a l l b a c k p e r m e s s a g e * / S S L _ s e t _ r e c o r d _ p a d d i n g _ c a l l b a c k ( s , p a d d i n g _ c b ) ; / * s e n d a p p l i c a t i o n d a t a * / S S L _ w r i t e ( s , d a t a , s i z e ) ; s t a t i c s i z e _ t p a d d i n g _ c b ( S S L * s , i n t t y p e , s i z e _ t l e n , v o i d * a r g ) { / * r e t u r n n e w p a d d i n g * / }

  24. Length hiding / * s e n d a p p l i c a t i o n d a t a w i t h o u t p a d d i n g * / g n u t l s _ r e c o r d _ s e n d ( s , d a t a , s i z e , 0 ) ; / * s e n d a p p l i c a t i o n d a t a w i t h a r b i t r a r y p a d d i n g * / g n u t l s _ r e c o r d _ s e n d 2 ( s , d a t a , s i z e , p a d , 0 ) ; Not implemented

  25. 0-RTT mode TLS 1.3: 1-RTT TLS 1.3: 0-RTT key exchange & resuming handshake authentjcatjon early applicatjon data Even lower latency authentjcatjon* + client Finished

  26. 0-RTT: Sending 1. Check the maximum amount of data the server would accept 2. Send early data 3. Check if the server has accepted it; otherwise re-send the data as 1-RTT

  27. 0-RTT: Sending ❶ / * c h e c k t h e m a x i m u m d a t a t h e s e r v e r w o u l d a c c e p t * / m a x s i z e = S S L _ S E S S I O N _ g e t _ m a x _ e a r l y _ d a t a ( S S L _ g e t 0 _ s e s s i o n ( c l i e n t ) ) ; i f ( s i z e > m a x s i z e ) r e t u r n - 1 ; / * s e n d e a r l y d a t a b e f o r e h a n d s h a k e * / ❷ S S L _ w r i t e _ e a r l y _ d a t a ( c l i e n t , d a t a , s i z e , & w r i t t e n ) ; / * d o h a n d s h a k e , e i t h e r e x p l i c i t l y o r i m p l i c i t l y * / ❸ / * c h e c k i f t h e e a r l y d a t a w a s a c c e p t e d * / s t a t u s = S S L _ g e t _ e a r l y _ d a t a _ s t a t u s ( c l i e n t ) ; i f ( s t a t u s ! = S S L _ E A R L Y _ D A T A _ A C C E P T E D ) { / * e a r l y d a t a w a s r e j e c t e d ; r e s e n d i t a s 1 - R T T * / S S L _ w r i t e ( c l i e n t , d a t a , s i z e ) ; }

  28. 0-RTT: Sending ❶ / * c h e c k t h e m a x i m u m d a t a t h e s e r v e r w o u l d a c c e p t * / m a x s i z e = g n u t l s _ r e c o r d _ g e t _ m a x _ e a r l y _ d a t a _ s i z e ( c l i e n t ) ; i f ( s i z e > m a x s i z e ) r e t u r n - 1 ; / * s e n d e a r l y d a t a b e f o r e h a n d s h a k e * / ❷ g n u t l s _ r e c o r d _ s e n d _ e a r l y _ d a t a ( c l i e n t , d a t a , s i z e ) ; g n u t l s _ h a n d s h a k e ( c l i e n t ) ; ❸ / * c h e c k i f t h e e a r l y d a t a w a s a c c e p t e d * / f l a g s = g n u t l s _ s e s s i o n _ g e t _ f l a g s ( c l i e n t ) ; i f ( ! ( f l a g s & G N U T L S _ S F L A G S _ E A R L Y _ D A T A ) ) { / * e a r l y d a t a w a s r e j e c t e d ; r e s e n d i t a s 1 - R T T * / g n u t l s _ r e c o r d _ s e n d ( c l i e n t , d a t a , s i z e ) ; }

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

1 Web APIs that Developers Love Kai Spichale @kspichale 2 Communication Decoupling from

1 Web APIs that Developers Love Kai Spichale @kspichale 2 Communication Decoupling from

1 Web APIs that Developers Love Kai Spichale @kspichale 2 Communication Decoupling from among developers implementation Client API Implementation Integration & reuse Operations with input and output 3 Developer Perspective ?

726 views • 54 slides
Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham

Should I Protect You? Understanding Developers Behavior to Privacy-Preserving APIs Shubham Jain and Janne Lindqvist Department of Electrical and Computer Engineering Rutgers University Workshop on Usable Security (USEC14) February 23,

230 views • 21 slides
Developers Developers Developers (what about creatives?) Ryan Gorley Designer + Marketer + Art

Developers Developers Developers (what about creatives?) Ryan Gorley Designer + Marketer + Art

Developers Developers Developers (what about creatives?) Ryan Gorley Designer + Marketer + Art Director FOSS: A Developers World? Creatives have abilities to ofer Challenge Ignorance & Bias Feature Gaps Inertia Introduce FOSS

514 views • 34 slides
Beautiful REST + JSON APIs Les Hazlewood, @lhazlewood Founder & CTO, Stormpath About

Beautiful REST + JSON APIs Les Hazlewood, @lhazlewood Founder & CTO, Stormpath About

Beautiful REST + JSON APIs Les Hazlewood, @lhazlewood Founder & CTO, Stormpath About Stormpath User Management API for Developers Registration and Login User Profiles Role Based Access Control (RBAC) Permissions

1.26k views • 86 slides
Semi-Automa+cally Modeling Web APIs to Create Linked APIs

Semi-Automa+cally Modeling Web APIs to Create Linked APIs

Semi-Automa+cally Modeling Web APIs to Create Linked APIs Mohsen Taheriyan, Craig A. Knoblock, Pedro Szekely, and Jose Luis Ambite USC Information

321 views • 28 slides
AM-2 NIE API Gateway in NIE Who uses the APIs now and how is the adoption rate? The APIs are used

AM-2 NIE API Gateway in NIE Who uses the APIs now and how is the adoption rate? The APIs are used

AM-2 NIE API Gateway in NIE Who uses the APIs now and how is the adoption rate? The APIs are used by our faculty, our corporate mobile app users, corporate systems and students, the adoption rate is growing healthy at a steady rate. We are moving

452 views • 17 slides
APIs: Overdue or Overhyped? The Promise of APIs to Drive Interoperability Todays Speakers 2

APIs: Overdue or Overhyped? The Promise of APIs to Drive Interoperability Todays Speakers 2

1 APIs: Overdue or Overhyped? The Promise of APIs to Drive Interoperability Todays Speakers 2 Micky Tripathi Ryan Howells Kristen Valdes President & CEO Principal Founder & CEO Massachusetts eHealth Collaborative Leavitt

276 views • 8 slides
The current state of banking APIs Open APIs are high priority for financial institutions What are

The current state of banking APIs Open APIs are high priority for financial institutions What are

The current state of banking APIs Open APIs are high priority for financial institutions What are banks doing about it? How important are Open APIs to banks? 2 http://www.briansolis.com/2016/12/top-10-retail-banking-trends-predictions-2017/

449 views • 20 slides
+ CiviCRM for Drupal Developers Coleman Watts CiviCRM user since 2010 Found Civi

+ CiviCRM for Drupal Developers Coleman Watts CiviCRM user since 2010 Found Civi

+ CiviCRM for Drupal Developers Coleman Watts CiviCRM user since 2010 Found Civi through Drupal Implemented Civi for Woolman School Author of Webform Integration, and a few other CiviCRM modules and APIs Matt Chapman

369 views • 20 slides
STOR 390: APIs Marshall Markham Overview Intro to APIs Concept Steps to URI API Usage

STOR 390: APIs Marshall Markham Overview Intro to APIs Concept Steps to URI API Usage

STOR 390: APIs Marshall Markham Overview Intro to APIs Concept Steps to URI API Usage Google Maps Exercise What is an API API stands for Application Programming Interface Any body of code meant to be used by outside

476 views • 15 slides
www.pdl.cmu.edu/posix/ December 14, 2005 APIs for HPC IO POSIX IO APIs (open, close, read,

www.pdl.cmu.edu/posix/ December 14, 2005 APIs for HPC IO POSIX IO APIs (open, close, read,

POSIX I/O High Performance Computing Extensions Brent Welch (Speaker) Panasas www.pdl.cmu.edu/posix/ December 14, 2005 APIs for HPC IO POSIX IO APIs (open, close, read, write, stat) have semantics that can make it hard to achieve high

674 views • 24 slides
2 Hello Quantum Developers World Yet Another Frontier for JavaScript Hello Quantum Developers

2 Hello Quantum Developers World Yet Another Frontier for JavaScript Hello Quantum Developers

2 Hello Quantum Developers World Yet Another Frontier for JavaScript Hello Quantum Developers World QCon London 2020 Miguel Ramalho Quantum Spectrum Software Physicists Scientists Developers Engineers Engineers Theorise Empirically

710 views • 51 slides
Web APIs Web APIs Programming for Statistical Programming for Statistical Science Science

Web APIs Web APIs Programming for Statistical Programming for Statistical Science Science

Web APIs Web APIs Programming for Statistical Programming for Statistical Science Science Shawn Santo Shawn Santo 1 / 24 1 / 24 Supplementary materials Full video lecture available in Zoom Cloud Recordings Additional resources HTTP

609 views • 24 slides
API SHAPAVAL RAMAN 03.05.2017 What is the difference between traditional graphics APIs and new

API SHAPAVAL RAMAN 03.05.2017 What is the difference between traditional graphics APIs and new

API SHAPAVAL RAMAN 03.05.2017 What is the difference between traditional graphics APIs and new low-level APIs? High-level APIs like OpenGL are quite easy to use, because the developer declares what they want to do and how they want to do

634 views • 36 slides
Network impact of Web access to device APIs W3C Workshop on Security for Access to Device APIs

Network impact of Web access to device APIs W3C Workshop on Security for Access to Device APIs

Network impact of Web access to device APIs W3C Workshop on Security for Access to Device APIs from the Web December 10-11, 2008 Mat Ford http://www.isoc.org Background ISOC is focused on continued operation of the global Internet

512 views • 12 slides
or: Why Alg lgebraic May Be Better Than Pre/Post Intro Focus on abstract APIs, rather than

or: Why Alg lgebraic May Be Better Than Pre/Post Intro Focus on abstract APIs, rather than

Specification of of Generic APIs Is, or: Why Alg lgebraic May Be Better Than Pre/Post Intro Focus on abstract APIs, rather than dealing directly with concrete data structures. Semantics are more easily specied by relating the

654 views • 7 slides
SNIA -Storage Developer Conference India May 2017 Agile | Digital | Enterprise Applications |

SNIA -Storage Developer Conference India May 2017 Agile | Digital | Enterprise Applications |

Virtual Desktop Infrastructure (VDI) on Premise Storage and Beyond SNIA -Storage Developer Conference India May 2017 Agile | Digital | Enterprise Applications | Managed Services Agenda What is VDI and why it is required Aspects

551 views • 42 slides
King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu

King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu

King : Estimating latency between arbitrary Internet end hosts Krishna Gummadi, Stefan Saroiu Steven D. Gribble University of Washington A Question: What can we do with a tool that could estimate latency between any two arbitrary hosts

621 views • 27 slides
A Survey of Oblivious RAMs David Cash IBM Securely Outsourcing Memory Server Goal : Store,

A Survey of Oblivious RAMs David Cash IBM Securely Outsourcing Memory Server Goal : Store,

A Survey of Oblivious RAMs David Cash IBM Securely Outsourcing Memory Server Goal : Store, access, and update data on an untrusted server. Mem[0] a Mem[1] b Mem[2] c Write(i,x) Read(j) Mem[i] d Client Mem[j] e Untrusted

908 views • 70 slides
Vembu BDR360 Centralized Monitoring And Management Portal www.vembu.com About Vembu Technologies

Vembu BDR360 Centralized Monitoring And Management Portal www.vembu.com About Vembu Technologies

Vembu BDR360 Centralized Monitoring And Management Portal www.vembu.com About Vembu Technologies 4000+ Channel Partners Founded in 200 2 Private Company Reached more than 60,000 businesses Profitable since 2006 HQ in Chennai, India 70 % of

355 views • 13 slides
CS6200 Information Retrieval David Smith College of Computer and Information Science

CS6200 Information Retrieval David Smith College of Computer and Information Science

CS6200 Information Retrieval David Smith College of Computer and Information Science Northeastern University Indexing Process Web Crawler Finds and downloads web pages automatically provides the collection for searching Web is

972 views • 56 slides
IMPACT OF DATA PLACEMENT ON RESILIENCE IN LARGE-SCALE OBJECT STORAGE SYSTEMS KEVIN HARMS

IMPACT OF DATA PLACEMENT ON RESILIENCE IN LARGE-SCALE OBJECT STORAGE SYSTEMS KEVIN HARMS

32ND INTERNATIONAL CONFERENCE ON MASSIVE STORAGE SYSTEMS AND TECHNOLOGY (MSST 2016) IMPACT OF DATA PLACEMENT ON RESILIENCE IN LARGE-SCALE OBJECT STORAGE SYSTEMS KEVIN HARMS PHILIP CARNS CHRISTOPHER CAROTHERS JOHN JENKINS Argonne National

198 views • 19 slides
The Crossfire Attack Min Suk Kang Soo Bum Lee Virgil D. Gligor ECE Department and CyLab,

The Crossfire Attack Min Suk Kang Soo Bum Lee Virgil D. Gligor ECE Department and CyLab,

The Crossfire Attack Min Suk Kang Soo Bum Lee Virgil D. Gligor ECE Department and CyLab, Carnegie Mellon University May 20 2013 Old: DDoS Attacks against Single Servers typical attack : floods server with HTTP, UDP, SYN, ICMP packets

613 views • 28 slides
SMB3 Multichannel Update Gnther Deschner <gd@samba.org> Sachin Prabhu

SMB3 Multichannel Update Gnther Deschner <gd@samba.org> Sachin Prabhu

SMB3 Multichannel Update Gnther Deschner <gd@samba.org> Sachin Prabhu <sprabhu@redhat.com> A g e n d a S a mb a / C T D B C l u s t e r i n g w i t h G l u s t e r F S S M B 3 M u

862 views • 33 slides

More recommend