Week 6 - TLS

Question 1

Where does TLS run?

Answer 1

Between the application and transport layer of the internet protocol stack

Question 2

What does TLS make transparent to the application layer and what does this mean?

Answer 2

Makes encryption transparent to the application layer. This means the code we write can have the transport layer do the encryption for us.

Question 3

How does TLS work?

Answer 3

C > S: client nonce
S > C: server nonce, certificate
C > S: Encrypted with server’s public key from certificate(Generated seed), {Hash1}Key-cs
S > C: {Hash2}Key-cs

Hashes are made up from all previous messages then encrypted for integrity
Key-cs is a session key based on the client’s nonce, server’s nonce and the generated seed

Question 4

What is TLS-DHE? And what is the different between TLS and TLS-DHE?

Answer 4

A variant of TLS that uses diffe-hellman for forward-secrecy. Instead of the client generating a seed, diffe-hellman is used. So the session key is based on the client’s nonce, server’s nonce and the generated key.

Question 5

What is foward-secrecy?

Answer 5

If someone gets a server’s private key later, they can’t go back and break a recording of the traffic.