TLS

Question 1

High level goals of TLS

Answer 1

entity authentication, integrity, confidentiality

Question 2

Secondary goals of TLS

Answer 2

Efficiency, flexbility, self-negotiation, protection of negotiation

Question 3

When is it best to rekey

Answer 3

After 2^(24.5) records

Question 4

How did TLS facilitate 1-RTT

Answer 4

Feature reduction, it always does ECDHE in a shortlist of groups

Question 5

What were the goals of TLS 1.3?

Answer 5

Clean up, improve latency, improve privacy (hide as much as possible from the handshake), continuity, security assurance

Question 6

How does TLS protect against replay attacks?

Answer 6

Per record seq number

Question 7

How does TLS1.3 provide confodentiality and integrity

Answer 7

Encryption and MAC via AEAD scheme.

Question 8

Does TLS 1.3 prevent reflection attacks?

Answer 8

Yes, there is key seperation

Question 9

List the 5 ciphers in TLS 1.3

Answer 9

AES 128 GCM
256 GCM
128 CCM
256 CCM
ChachaPoly130..
All with sha256, except 256Gcm with sha384

Question 10

What are possible attacks on TLS 1.3

Answer 10

Application layer confusion: record end is not APDU end
Truncation attack
Timing attacks on padding scheme

Question 11

TLS PROTOCOL

Question 12

How can attacker snoop on all traffic in TLS 1.3

Answer 12

If cliwnt uses predictable PRNG, can predict private DH values and snoop.

Question 13

How can you encrypt the client hello in TLS 1.3

Answer 13

Provide a public cert using DNS.

Question 14

Is a Nonce leak bad in TLS?

Answer 14

As long as the nonce is not reused with the same key, it is fine. Keys are newly generated, so should not happen.