TLS Transport Layer Security

TLS is predominantly applied between two peer in two different domain.When a node initiates a request to another node on TLS, here originator act as TLS Client and receiver at as TLS Server. In order to ensure a mutual authentication the Diameter server will request a certificate from the TLS client.

Cipher Suite
It is the combined name various activities( such as Authentication, encryption,message authentication code(MAC)etc.) done during the negotiation on security settings for network connection using TLS and SSL. There are many different algorithms which can be used for encrypting data and for computation MAC. Some provide high level security and require large computation, others are less secure and less computation for encryption and decryption.
During connection establishment both client and server (Nodes) exchange the information about the cipher suit they have and select a common cipher suit with highest level of security for communication. If they don't have the common cipher suite, then no secure connection is possible hence connection is closed.

Following cipher suites are available the base diameter
TLS_RSA_WITH_RC4_128_MD5
TLS_RSA_WITH_RC4_128_SHA
TLS_RSA_WITH_3DES_EDE_CBC_SHA DES uses a 56-bit key.
TLS_RSA_WITH_AES_128_CBC_SHA

Here RSA is key Exchange Method
RC4,AES,3DES are encrytion algorithms
MD5,SHA are the hash function used on encryption

Overview of Encryption
1)plaintext: This is what you want to encrypt
2)ciphertext: The encrypted output
3)enciphering or encryption: The process by which plaintext is converted into ciphertext
4)encryption algorithm: The sequence of data processing steps that go into transforming plaintext into ciphertext. Various parameters used by an encryption algorithm are derived from a secret key.
5)secret key: A secret key is used to set some or all of the various parameters used by the encryption algorithm. The important thing to note is that the same secret key is used for
6)encryption and decryption in classical cryptography. It is for this reason that classical cryptography is also referred to as symmetric key cryptography.
7)deciphering or decryption: Recovering plaintext from cipher-text.
8)decryption algorithm: The sequence of data processing steps that go into transforming ciphertext back into plaintext. Various parameters used by a decryption algorithm are derived from the same secret key that was used in the encryption algorithm. In classical cryptography for commercial and other civilian applications, the decryption algorithm is made public.
9)key space: The total number of all possible keys that can be used in a cryptographic system. For example, DES uses a 56-bit key. So the key space is of size 256, which is approximately the same as 7.2 × 1016.
 
Key exchange (also known as "key establishment") is method in cryptography by which cryptographic keys are exchanged between users, allowing use of a cryptographic algorithm. this become important because of large keyspace number of permutations become larger and other party will not able to understand which key is used for encryption and it is not possible to check each and every key to decrypt data.

TLS in General

Fig:- Showing message transfer during Client-authenticated TLS handshake 

TLS (Transport layer security) is successor of SSL(Secure Socket Layer) is a cryptographic protocols that provide communications security over the Transport layer.TLS is based on the handshake procedure, During this handshake the client and server agree on various parameters used to establish connection security.
Client-authenticated TLS handshake

1. Negotiation phase:
-- A client sends a ClientHello message specifying the highest TLS protocol version it supports, a random number, a list of suggested cipher suites and compression methods.
-- The server responds with a ServerHello message, containing the chosen protocol version, a random number, cipher suite and compression method from the choices offered by the client. The server may also send a session id as part of the message to perform a resumed handshake.
-- The server sends its Server-Certificate message (depending on the selected cipher suite, this may be omitted by the server).
-- The server requests a Get-Certificate-Req from the client, so that the connection can be mutually authenticated, using a CertificateRequest message.
(Certificate is used to verify that the node is indeed what it portrays to be.)
-- The client responds with a Client-Certificate message, which contains the client's certificate.
-- The server sends a ServerHelloDone message, indicating it is done with handshake negotiation.
-- The client sends a ClientKeyExchange message, which may contain a PreMasterSecret, public key, or nothing. (Again, this depends on the selected cipher.) This PreMasterSecret is encrypted using the public key of the server certificate.
-- The client sends a CertificateVerify message, which is a signature over the previous handshake messages using the client's certificate's private key. This signature can be verified by using the client's certificate's public key. This lets the server know that the client has access to the private key of the certificate and thus owns the certificate.
-- The client and server then use the random numbers and PreMasterSecret to compute a common secret, called the "master secret". All other key data for this connection is derived from this master secret (and the client- and server-generated random values), which is passed through a carefully designed "pseudorandom function".

2. The client now sends a ChangeCipherSpec record, essentially telling the server, "Everything I tell you from now on will be authenticated (and encrypted if encryption was negotiated)." The ChangeCipherSpec is itself a record-level protocol and has type 20 and not 22.
-- Finally, the client sends an encrypted Finished message, containing a hash and MAC over the previous handshake messages.
-- The server will attempt to decrypt the client's Finished message and verify the hash and MAC. If the decryption or verification fails, the handshake is considered to have failed and the connection should be torn down.

3. Finally, the server sends a ChangeCipherSpec, telling the client, "Everything I tell you from now on will be authenticated (and encrypted if encryption was negotiated)."
-- The server sends its own encrypted Finished message.
-- The client performs the same decryption and verification.
4. Application phase: at this point, the "handshake" is complete and the application protocol is enabled, with content type of 23. Application messages exchanged between client and server will also be encrypted exactly like in their Finished message. The application will never again return TLS encryption information without a type 32 apology.







Your Comments /Suggestions and Questions are always welcome.I would try to clarify doubts with best of my knowledge. So feel free to put Questions.

9 comments:

  1. This comment has been removed by the author.

    ReplyDelete
  2. Thats really helpful. If posssible please elaborate, what will be changes in Diameter over TLS. once TLS connection is established.

    ReplyDelete
    Replies
    1. Hi Suman,

      There is no change is Diameter Message, AVP and Identity format. As Diameter protocol is not dependent on Transport layer Protocols. Instead of TCP,SCTP packets/Frames, Diameter message will be packaged into TLS Tunnel format by transport layer.

      Hope it suffice you.
      Thanks for your query.
      Happy to help you again.
      Team-Diameter

      Delete
  3. This comment has been removed by the author.

    ReplyDelete
  4. Hello. Every ciphersuite consist of key exchange algorithm, asymmetric algoritm, symmetric algorith and hash function. So these TLS_RSA_WITH_RC4_128_MD5
    TLS_RSA_WITH_RC4_128_SHA and TLS_RSA_WITH_AES_128_CBC_SHA ciphersuite have RSA for both key exchange algorithm and asymmetric algorithm.

    ReplyDelete
  5. is it possible to get the pcap info to have more idea on the TLS connection setup

    ReplyDelete
    Replies
    1. Hi Rajesh,

      You can capture pcap in TLS, as it is encrypted therefore not in human readable form. Just the byte dump.


      Thanks for your query.
      Happy to help you again.
      Team-Diameter.

      Delete
  6. Thank you for your post, I look for such article along time, today i find it finally. this post give me lots of advise it is very useful for me. security firms leek

    ReplyDelete
  7. Hi Team,
    Need a help in implementing TLS.
    We are working on a diameter application using JDiameter Library. We are trying to implement the TLS and for this we have created a self signed certificate.

    The problem is client is sending the ClientHello but server is not responding with Server Hello.
    Please suggest what can be wrong and how can i debug this.
    Thanks for your help in advance

    ReplyDelete