HTTPS and beyond

http://en.wikipedia.org
https://en.wikipedia.org

Alice → Mallory → Bob

Alice and Bob share one secret key S. Alice sends S(“Hi, Bob”) = ciphertext; Mallory, sitting in the middle, sees only the ciphertext; Bob computes S(ciphertext) = “Hi, Bob”.
Symmetric encryption

Alice → Mallory → Carol

Alice holds a key pair (P_Alice, R_Alice) and Carol holds (P_Carol, R_Carol); the P keys are public, the R keys private. Alice sends P_Carol(“Hi Carol, it's Alice”) = ciphertext; only Carol can compute R_Carol(ciphertext) = “Hi Carol, it's Alice”.
Asymmetric encryption

Alice → Mallory → Carol

Alice computes R_Alice ⨉ P_Carol = S and Carol computes R_Carol ⨉ P_Alice = S. Both now hold the same S although it was never sent; only the public keys crossed the wire. Alice then sends S(timetable.pdf), which Carol opens with S.
Key agreement

R(P(x)) = x

P(R(x)) = x

R_Bob(“Alice is P_Alice”) → certificate

P_Bob(certificate) → “Alice is P_Alice”

A value produced with the private key R can be checked by anyone holding P, so R_Bob(statement) is Bob's signature on the statement. Whoever trusts P_Bob can now trust that P_Alice belongs to Alice.
Certification
HTTP
TCP
IP
The HTTP stack
HTTP
TLS/SSL
TCP
IP
The HTTPS stack

Client ↔ Server

The client holds an ephemeral pair (P_C, R_C) and sends P_C. The server holds an ephemeral pair (P_S, R_S) and replies with P_S together with:
  • R_IdenTrust(“P_Let's Encrypt is an authority”)
  • R_Let's Encrypt(“P_server.com is server.com”)
  • R_server.com(P_S)
The client computes R_C ⨉ P_S = S; the server computes R_S ⨉ P_C = S. The client then sends its request C as S(C).
TLS v1.3 handshake

Problems

No client authentication
Certificate authorities
ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES256-SHA DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES256-SHA256 DHE-RSA-AES256-SHA ECDHE-ECDSA-CHACHA20-POLY1305 ECDHE-RSA-CHACHA20-POLY1305 DHE-RSA-CHACHA20-POLY1305 GOST2012256-GOST89-GOST89 DHE-RSA-CAMELLIA256-SHA256 DHE-RSA-CAMELLIA256-SHA GOST2001-GOST89-GOST89 AES256-GCM-SHA384 AES256-SHA256 AES256-SHA CAMELLIA256-SHA256 CAMELLIA256-SHA ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES128-SHA DHE-RSA-AES128-GCM-SHA256 DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-RSA-CAMELLIA128-SHA256 DHE-RSA-CAMELLIA128-SHA AES128-GCM-SHA256 AES128-SHA256 AES128-SHA CAMELLIA128-SHA256 CAMELLIA128-SHA ECDHE-RSA-RC4-SHA ECDHE-ECDSA-RC4-SHA RC4-SHA RC4-MD5 ECDHE-RSA-DES-CBC3-SHA ECDHE-ECDSA-DES-CBC3-SHA EDH-RSA-DES-CBC3-SHA DES-CBC3-SHA
Available ciphers in TLS v1.2
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
Configuring a web server to support TLS v1.2
Browser support for TLS v1.3, by usage
ssl_protocols TLSv1.3;
A safer configuration

Beyond

The Seif Protocol

Aashish Sheshadri, Rohit Harchandani and Douglas Crockford
PayPal 2016

{
    action: "store_image",
    filename: "cute_puppy.png",
    contents: <Blob 0010101110101...>
}
A Seif message
PUT /images/cute_puppy.png HTTP/1.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-AU,en;q=0.9,en-NZ;q=0.8,la;q=0.7
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/naww
Cookie: server=2022-08-05T09:35:20.537Z; secret=LEGIT; sid=Fe26.2**X90efJ4G*9Hfd5R6c9b8aXlq08kefyKa5c8b60d1l5Ip4228IjTj3485Q8bE84wQ6D2IkNCY2of*045HNKMA5iaVofJFddY-K4ya13SgZdgSaLSj700vdEOrUw*Gd0pUgaDuEJoceXDbEF0Ihh9HZIF0E-j2vAwrL4AVElqbJ51g0Bgk1HQLe64PLoic_6vb5vEtgnBu_cxyC5e6fuMnzj1_-9UR3U0s5NvZ9D2248Y7GIW4Pw-73bvw3fF-5v1Fc3edJdoFpP541zg*TM8O99FD5c1JL16F72f8hg7eaWnWRej6EWuGJD6ys0G-9-bP3cddzr716uJ7cervlU1y38e*afS2rfEOufwdb1F7p92bYfr32Vc0adp1072e2btUIbK37H78z8qb7Pee2XBX9veB4Oa9VuOGF00o4FUhm7PU4F609reQ9b18JA94D3g8kc097w
Host: imagebucket.com
Pragma: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
HTTP headers
WebSockets
HTTP
TLS
TCP
IP

Seif
TCP
IP
HTTPS vs. Seif

ECC-521 and AES-256-GCM

No negotiation

Alice holds (P_Alice, R_Alice); Bob holds (P_Bob, R_Bob). Alice picks a one-time key H.

Alice → Bob: P_Bob(H), H(P_Alice). Bob recovers H with R_Bob, then P_Alice with H.

Bob → Alice: H(P_Alice(S)). Alice strips H, then R_Alice recovers the session key S.
The Seif handshake

WebSeif

Email me at james@diacono.com.au
My website is https://james.diacono.com.au
Creations at github.com/jamesdiacono