Understanding TLS v1.3: Enhancing Round-Trip Times and SSL Configuration

Slide Note
Embed
Share

Delve into the intricacies of TLS v1.3 updates, exploring the significance of round-trip times in pre-TLS v1.3, the integration of 0-RTT and 1-RTT in TLS v1.3. Discover key configurations like SSL_CTX_set_max_early_data and SSL_CTX_set_options, as well as the implementation nuances in SSL.

mohammed
mohammed Follow

Uploaded on Jul 29, 2024 | 0 Views

Download Presentation

Please find below an Image/Link to download the presentation.

The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. Download presentation by click this link. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.

E N D

Presentation Transcript

  1. TLS v1.3 0-RTT Support (and some other SSL stuff) Update Fei Deng

  2. Total Round Trip Times (Pre TLS v1.3) 4 phases when a browser access a site for the first time DNS lookup TCP handshake 1 round trip TLS handshake 2 round trips this is where the magic happens in TLS v1.3 0-RTT HTTP 1 round trip New Connection: 4 RTT + DNS Resumed Connection: 3 RTT + DNS

  3. TLS v1.3 1-RTT and 0-RTT 3 RTT + DNS 2 RTT + DNS

  4. Configs and Setup SSL_CTX_set_max_early_data Specifies the maximum amount of early data in bytes that is permitted to be sent on a single connection. Setting to 0 effectively disables 0-RTT. Value is provided by config options proxy.config.ssl.server.max_early_data (records.config). Default value of this setting is 0 (0-RTT is disabled by default). SSL_CTX_set_recv_max_early_data Specifies the maximum amount of received early data in bytes that is skipped. If a client sends more than this then the connection will abort. Removed the config option proxy.config.ssl.server.recv_max_early_data due to the confusions caused by it (setup automatically now). The value used here is set to be the same as proxy.config.ssl.server.max_early_data , if this value is greater than the default 16384. Otherwise the default value is used instead. Default value is 16384.

  5. Configs and Setup (cont.) SSL_CTX_set_options The built-in anti-replay must be disabled in order to use external session cache (per documentation by OpenSSL). Non-blocking ssl_accept() calls confuses built-in anti-replay mechanism, so now we disable the built-in anti-replay for both OpenSSL s internal session cache and ATS implementation of session cache. proxy.config.ssl.server.allow_early_data_params Part of the anti-replay protection mechanism. Set to 1 to allow HTTP parameters on early data requests, 0 to not allow. Default value of this setting is 0.

  6. Implementation (SSL Accept) // replace call to SSL_accept while (1) { ret = SSL_read_early_data(ssl, buf, size, &nread); if (ret == SSL_READ_EARLY_DATA_ERROR) { break; } else { if (nread > 0) { early_data_buf.append(buf); } if (ret == SSL_READ_EARLY_DATA_FINISH) { // ret will most likely be WANT_READ here, which is used // to go to the next stage of processing early data. ret = SSL_accept(ssl); early_data_finish = true; break; } } }

  7. Implementation (SSL Read) // add to ssl read if (early_data_buf.len() > 0) { buf = early_data_buf.copy(); return 0; } if (!early_data_finish) { // read early data // same logic as when we were doing ssl accept // directly read in to read buffer, and don t need to copy to early_data_buf }

  8. Implementation (SSL Write) // add to ssl write if (!SSL_is_init_finished(ssl)) { ret = SSL_write_early_data(ssl, buf, nbytes, &nwrite); } else { ret = SSL_write(ssl, buf, nbytes); }

  9. Replay Attack

  10. Anti Replay Allow tickets once. The call back function set by SSL_CTX_set_tlsext_ticket_key_cb returns 2. Only protects per server (i.e. replays to a different server still works). Ticket freshness check Built into openssl. Only protects per server (i.e. replays to a different server still works). Safe methods only. Only allows GET and HEAD method (requested by Leif). Does NOT allow any parameters in the request.

  11. SSL Session Reuse Plugin Used to be Yahoo proprietary, now open sourced. Shares session information using redis. Tested in production (deployed in a few locations).

  12. Discussion When do we want this? What other changes is needed? Requested: Use sni.yaml for configs. SSL session reuse plugin. Feedback?

Related


Understanding TLS/SSL: Security, Attacks, and TLS 1.3

Understanding TLS/SSL: Security, Attacks, and TLS 1.3

otts_oel
A New Approach to TLS Inspection

A New Approach to TLS Inspection

aviend
Understanding Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

Understanding Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

ambell
Automated Detection of SSL Vulnerabilities in Applications

Automated Detection of SSL Vulnerabilities in Applications

alve_ale
SSL for Local Development: Tools and Techniques

SSL for Local Development: Tools and Techniques

coral
Evolution of TLS Security Profiles and Best Practices

Evolution of TLS Security Profiles and Best Practices

antwine_m
Enhancing Security with Hardware Attestation in TLS

Enhancing Security with Hardware Attestation in TLS

alissa
Exploring DANE, DNSSEC, and TLS in Go6Lab

Exploring DANE, DNSSEC, and TLS in Go6Lab

kasz640
TLS Freight Forwarding Pvt Ltd: Your Business Partner for Complete Logistics & Supply Chain Solutions

TLS Freight Forwarding Pvt Ltd: Your Business Partner for Complete Logistics & Supply Chain Solutions

rayl_9
Enhancing Eduroam Security with New Standards and Practices

Enhancing Eduroam Security with New Standards and Practices

pippa
Self-Supervised Learning of Pretext-Invariant Representations

Self-Supervised Learning of Pretext-Invariant Representations

azami
8th Singapore Junior Biology Olympiad 2023 Pre-registration Briefing Information

8th Singapore Junior Biology Olympiad 2023 Pre-registration Briefing Information

harold
Optimal Round and Sample-Size Complexity for Parallel Sorting Partitioning

Optimal Round and Sample-Size Complexity for Parallel Sorting Partitioning

clay_tor
5G Use Case Proposal for Dublin Ericsson

5G Use Case Proposal for Dublin Ericsson

raina
Network Security Course Overview - INFSCI 1075 by Amir Masoumzadeh

Network Security Course Overview - INFSCI 1075 by Amir Masoumzadeh

caer131
Practical Aspects of Modern Cryptography: November 2016

Practical Aspects of Modern Cryptography: November 2016

stripling_d
Troubleshooting WSL Issues on Inria Windows PC

Troubleshooting WSL Issues on Inria Windows PC

neev_29
Understanding Transport Layer Security (TLS)

Understanding Transport Layer Security (TLS)

amabel
Understanding Urban Trip Distribution Modeling Methods

Understanding Urban Trip Distribution Modeling Methods

flin_sa
Tower Wood Residential Trip Information

Tower Wood Residential Trip Information

massimo
Junior Class Trip to Williamsburg, VA - Class of 2021 Parent Presentation Details

Junior Class Trip to Williamsburg, VA - Class of 2021 Parent Presentation Details

cnews
Modernizing Network Security with nQUIC Noise-Based Packet Protection

Modernizing Network Security with nQUIC Noise-Based Packet Protection

katarina
Enhancing EPS Authorization and Configuration Options in 5G Networks

Enhancing EPS Authorization and Configuration Options in 5G Networks

eliel
Factors Influencing Trip Generation and Analysis Methods

Factors Influencing Trip Generation and Analysis Methods

isaiah

More Related Content