Do you understand TLS protocol?

1. Write it at the front

In the previous blog, we introduced some protocols of the corresponding network , for instance HTTP1 agreement , And that is WebSocket agreement , At the same time HTTP2 agreement , Today we will introduce the corresponding TLS/SSL agreement .

2.TLS/SSL How the protocol works

TLS Design purpose

• Authentication
• confidentiality
• integrity

TLS/SSL Development

TLS agreement

Record Record agreements

• Symmetric encryption

Handshake handshake protocol

• Verify the identity of both communicating parties
• Exchange encryption and decryption security suite
• Negotiate encryption parameters

TLS Security Password Suite interpretation

3. How symmetric encryption works ：XOR And filling

Symmetric encryption

AES The application of symmetric encryption in network

Symmetric encryption and XOR Exclusive or operation

fill padding

• Block cipher Group encryption ： Divide the plaintext into several equal length Block modular , Encrypt and decrypt each module separately
• Purpose ： When the last plaintext Block When the module is not full , It needs filling
• Filling method

  • Bitfill ： With bit Bits are filled in

  • 

  • Byte padding ： Fill in bytes

  • 

4. How symmetric encryption works ： Working mode

Group working mode block cipher mode of operation

• It is allowed to use the same block cipher key to encrypt more than one block of data , And ensure its safety .

ECB（Electronic codebook） Pattern

• Directly decompose the plaintext into multiple blocks , Encrypt each block independently
• problem ： Cannot hide data characteristics
• 

CBC（Cipher-block chaining） Pattern

• Each plaintext block is XOR with the previous ciphertext block first and then , Then encrypt
• problem ： The encryption process is serialized
• 

CTR（Counter） Pattern

• By incrementing an encryption counter to produce a continuous stream of keys
• problem ： Cannot provide ciphertext message integrity verification
• 

Verify integrity ：hash function

Verify integrity ：MAC（Message Authentication Code）

GCM

• Galois/Counter Mode
  • CTR + GMAC
  • 

5. Detailed explanation AES Symmetric encryption algorithm

AES（Advanced Encryption Standard） encryption algorithm

• For Belgian cryptologists Joan Daemen and Vincent Rijmen Designed by , also called Rijndael encryption algorithm
• Common filling algorithms ：PKCS7
• Common group working mode ：GCM

AES Three key lengths

• AES The group length is 128 position (16 byte )
• 

AES Encryption steps for

1. Put the plaintext according to 128bit（16 byte ） Split into several plaintext blocks , Each plaintext block is 4*4 matrix
2. Fill the last plaintext block according to the selected filling method
3. Each plaintext block uses AES Encryptor and key , Encrypted into ciphertext block
4. Put together all the ciphertext blocks , Become the final ciphertext result

AES Encryption process

• C=E（K,P）,E Algorithm for each round , Each round of keys is different
  • Initial round AddRoundKey Round keys plus
• Ordinary wheels
  • AddRoundKey Round keys plus
  • SubBytes Byte substitution
  • ShiftRows Line shift
  • MixColumns Column hybrid
• Final round
  • SubBytes Byte substitution
  • ShiftRows Line shift
  • AddRoundKey Round keys plus
  • 

AddRoundKey step

• Each byte in the matrix is associated with the next round key (round key) do XOR operation ; Each sub key is generated by the key generation scheme .
• 

The key to expand

• function g step
  • a. Word cycle ： Move left 1 Bytes
  • b. Use S Box byte substitution
  • c. Same round constant RC[j] To engage in exclusive or , among j It means the number of rounds
  • 

SubBytes step

• Through a nonlinear substitution function , Use look-up table to replace each byte with the corresponding byte
  • Provide non-linear transformation capability , Avoid attacks on simple algebraic properties
  • 

S box

ShiftRows step

Circularly shift each column in the matrix .

• The first line doesn't change
• The second line circulates to the left 1 Bytes
• The third line circulates to the left 2 Bytes
• The fourth line circulates to the left 3 Bytes
• 

MixColumns step

6. Asymmetric passwords and RSA Algorithm

Asymmetric code

• Each party has a pair of keys
  • Public key Open to the other party
  • Private key For your own use only
  • 

Asymmetric encryption and decryption process

• encryption Use the public key of the other party to encrypt the message
• Decrypt Decrypt the message with your own private key
• 

RSA Algorithm

• 1977 By Ronald Levitt （Ron Rivest） Adisamor （Adi Shamir） And Leonard Adelman （Leonard Adleman） Put forward together , So it's called RSA Algorithm

RSA The generation of public and private keys in the algorithm

1. Randomly choose two unequal prime numbers p and q

2. Calculation p and q The product of the n( Plaintext is less than n)

3. Calculation n The Euler function of v

4. Pick an integer at random k 1<k<v, And k And v Coprime

5. Calculation k about v The modulo inverse elements of d

6. Public key (k,n)

7. Private key (d,n)

RSA Algorithm encryption and decryption process

• encryption ：c=m^k(mod n) m It's plain text ,c It's ciphertext
• Decrypt ：m=c^d(mod n)
• give an example ： For plaintext numbers 123 encryption
  • Public key (3,319) encryption 123^mod319=140 Yes 140 Private key for ciphertext (187,319) Decrypt 140^187mod 319 =123
  • Private key (187,319) encryption 123^187mod=161 Public key (3,319) Decrypt 161^3mod319=123

7. be based on openssl Practical verification RSA

Use OpenSSL be based on RSA Algorithm generating public and private keys

• Generate private key openssl genrsa -out private.pem

  

• Extract the public key from the private key openssl rsa -in private.pem -pubout -out public.pem

  

• see ASN.1 Format of the private key openssl an1parse -i -in private.pem

  

• see ASN.1 Public key of format openssl asn1parse -i -in public.pem

  

• openssl asn1parse -i -in public.pem -strparse 19

  

Use RSA Public private key encryption and decryption

• Encrypt file openssl rsautl -encrypt -in hello.txt -inkey public.pem -pubin -out hello.en
• Decrypt files openssl rsautl -decrypt -in hello.en -inkey private.pem -out hello.de

8. Asymmetric password application ：PKI Certificate system

Asymmetric password application ： digital signature

• Private key based encryption , Only public key decryption can be used ： Play the role of identity authentication
• Public key management ：Public Key Infrastructure(PKI) Public key infrastructure
  • from Certificate Authority（CA） A digital certificate authority associates a user's personal identity with a public key
  • The public key digital certificate consists of
    • CA Information 、 Public key user information 、 Public key 、 Signature of authority 、 The period of validity
  • PKI user
    • towards CA The user who registers the public key
    • Users who want to use the registered public key

** Certificate issuance process **

** Signature and signature verification process **

** Certificate trust chain **

**PKI Public key infrastructure **

** Certificate type **

** Verify certificate chain **

9. Asymmetric password application ：DH Key exchange protocol

RSA key exchange

• The client generates a symmetric encrypted key

  

• problem ： No forward confidentiality

**DH key exchange **

• 1976 Year by year Bailey Whitfield Diffie and Martin Edward Hellman The first publication of the , So it is called Diffie–Hellman key exchange, abbreviation DH

• It allows both parties to create a key through an insecure channel without any prior information from each other

  

DH Key exchange protocol example 1

• g、p、A、B Open
• a,b A secret
• Generate a common key K
• 

DH Example 2 of key exchange protocol

• The agreement uses p=23 as well as base g=5.

• Alice chooses a secret integer a=6, Calculation A = ga mod p And send it to Bob .

  • A = 56 mod 23 = 8.

• Bob chooses a secret integer b=15, Calculation B = gb mod p And send it to Alice .

  • B = 515 mod 23 = 19.

• Alice calculated s = B a mod p

  • 196 mod 23 = 2.

• Bob calculation s = A b mod p

  • 815 mod 23 = 2.

  

DH Key exchange protocol

• Man in the middle forgery attack
  • towards Alice Pretend to be Bob, Do it once. DH key exchange
  • towards Bob Pretend to be Alice, Do it once. DH key exchange
• Solve man in the middle forgery attacks
  • Authentication

10.ECC The principle of elliptic curve

**ECC Definition of elliptic curve **

• The expression of elliptic curve ：
  $$y^2=x^3+ax+b,4a^3+27b^2!=0$$

• Always about X axial symmetry （y The existence of square ）

  

**ECC The characteristics of a curve ：+ operation **

• P+Q=R

  • + The geometric meaning of operation ：R by P、Q The intersection of continuity and curve is X Mirror image on axis

  • P+P=R

• + The operation satisfies the commutative law

  • a + b = b + a

• + The operation satisfies the associative law

  • (a + b) + c = a + (b + c)

  

**+ The algebraic method of operation **

• First calculate the slope m, Then work out R The coordinates of point

  

**ECC+ Examples of operations **

• Set curve ：y2=x3-7x+10
• set up P=(1,2),Q=(3,4), To calculate the R(-3,-2)
  • P On the curve , because 22=4=13-71+10
  • Q On the curve , because 42=16=33-37+10=27-21+10
  • R On the curve , because -22=4=-33-7*(-3)+10=-27+21+10
  • 

**ECC The key principle of **

• Q=K.P

  • It is known that K And P, Forward operation is fast

  • It is known that Q And P, Calculation K The reverse operation of is very difficult

    

11.DH Agreement upgrade ： Based on the elliptic curve ECDH agreement

**ECDH Key exchange protocol **

• DH The key exchange protocol uses the variant of elliptic curve , be called Elliptic Curve Diffie–Hellman key Exchange, Abbreviation for ECDH, The advantage is that it is better than DH Fast calculation 、 The key is shorter under the same security conditions
• ECC（Elliptic Curve Cryptography）： Elliptic curve cryptography
• Weierstrass elliptic function （Weierstrass‘s elliptic functions）：y2=x3+ax+b
• 

**ECC The key principle of **

• Q=K.P

  • It is known that K And P, Forward operation is fast

  • It is known that Q And P, Calculation K The reverse operation of is very difficult

    

**ECDH Steps for **

1. Alice Select a large integer Ka As the private key

2. Based on the selected curve and the sharing on the curve P spot ,Alice To calculate the Qa=Ka.P

3. Alice take Qa、 Selected curve 、 share P Point to point Bob

4. Bob Select a large integer Kb As the private key , Will calculate Qb=Kb.P, And will Qb Pass to Alice

5. Alice Generate the key Qb.Ka = (X, Y), among X Key for symmetric encryption

6. Bob Generate the key Qa.Kb = (X, Y), among X Key for symmetric encryption

   Qb.Ka = Ka.(Kb.P) = Ka.Kb.P = Kb.(Ka.P) = Qa.Kb

**X25519 curve **

• Variant of elliptic curve ：Montgomery curve Montgomery curve

  • By2 = x3 + Ax2 + x
  • A=7,B=3
  • 

• X25519：y2 = x3 + 486662x2 + x

  • p be equal to 2255 – 19, basic point G=9
  • order N

12.TLS1.2 And TLS1.3 Medium ECDH agreement

**TLS1.2 Communication process **

**FREAK attack **

**openssl 1.1.1 Version pair TLS1.3 Support for **

• Ciphersuites Security Suites
  • TLS13-AES-256-GCM-SHA384
  • TLS13-CHACHA20-POLY1305-SHA256
  • TLS13-AES-128-GCM-SHA256
  • TLS13-AES-128-CCM-8-SHA256
  • TLS13-AES-128-CCM-SHA256

**TLS1.3 Key exchange in **

13. Handshake optimization ：session cache 、ticket Notes and TLS1.3 Of 0-RTT

**session cache ： Server generated session ID On the basis of **

**session ticket **

**TLS1.3 Of 0RTT handshake **

**0-RTT Facing replay attacks **

14.TLS And the principle of quantum communication

TLS A review of cryptography

• Both sides of the communication are based on authentication , Negotiate a one-time 、 Random key
  • PKI Public key infrastructure
  • TLS The middleware generates a one-time 、 Random key parameters
  • DH A series of protocols negotiate the key based on asymmetric encryption technology
• Using block symmetric encryption algorithm , Encrypted transmission of plaintext of any length based on a finite length key
  • Number of key digits
  • Group working mode

** Claude · elwood · Shannon ： Information theory **

• prove one-time-pad（OTP） Absolute security of
  • The key is randomly generated
  • The length of the key is greater than or equal to the length of the plaintext
  • The same key can only be used once

**QKD And the principle of light polarization **

• Quantum key distribution quantum key distribution, abbreviation QKD
  • quantum mechanics ： Any measurement of a quantum system will interfere with the system
  • QKD： If a third party tries to eavesdrop on the password , The dual convenience of communication will be noticed
  • 

15. Quantum communication BB84 Implementation process of the agreement

**BB84 agreement **

**BB84 Schematic diagram of the agreement **

**QKD Key correction and privacy enhancement **

16. At the end

This blog mainly introduces tls agreement , We'll continue later TCP、IP agreement