HTTPS and Beyond
Most of our communication over the Web is secured by HTTPS. But how does HTTPS actually work? James explores the underlying cryptography of HTTPS, as well as its strengths and weaknesses. He briefly describes an experimental alternative to HTTPS, just to show that we have options.
James Diacono is an application programmer with an amateur interest in cryptography.
# Intro
Imposter (correct me)
# HTTP
Internet cafe http://en.wikipedia.org
Vandalism?
Reputation
High stakes
credit card numbers
passport
impersonation (edit wikipedia on my behalf)
Encryption, integrity and authentication
# HTTPS
How does it work?
Symmetric encryption
K(plaintext) = ciphertext
K(ciphertext) = plaintext
Asymmetric encryption
P(plaintext) = ciphertext
R(ciphertext) = plaintext
R(P(x)) = x
Signing
R(plaintext) = signature
P(signature) = plaintext
P(R(x)) = x
Key agreement
Pa * Rb = S
Ra * Pb = S
Handshake
TLS v1.3
https://caniuse.com/tls1-3
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_protocols TLSv1.3;
Problems
cert authorities
negotiation (downgrade MITM attacks)
no client authentication (hence passwords and cookies)
HTTP request/response model, verbs and status codes
self-signing certificates for development
Heartbleed etc
round trips (fixed in TLS v1.3)
regnegotiation (fixed in TLS v1.3)
# Seif
The Seif protocol
Messaging
Networking stacks
No negotiation (ECC is secure, for example Bitcoin)
Handshake
# WebSeif
WebCrypto