Welcome to Riguz's site! This is a private wiki that I use to keep some of my notes.
TLS
Transport Layer Security (TLS) is a cryptographic protocol designed to provide communications security over a computer network. The protocol is widely used in applications such as email, instant messaging, and voice over IP, but its use in securing HTTPS remains the most publicly visible.

* SSL 3.0 1996 Deprecated in 2015 (RFC 7568)
* TLS 1.2 2008 In use since 2008
* TLS 1.3 2018 In use since 2018

= TLS 1.3 =
TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL. TLS 1.3 dropped support for older, less secure cryptographic features, and it sped up TLS handshakes, among other improvements. TLS 1.3 was defined in RFC 8446 in August 2018. It is based on the earlier TLS 1.2 specification. Major differences from TLS 1.2 include:

In a nutshell, TLS 1.3 is faster and more secure than TLS 1.2. One of the changes that makes TLS 1.3 faster is an update to the way a TLS handshake works: TLS handshakes in TLS 1.3 only require one round trip (or back-and-forth communication) instead of two, shortening the process by a few milliseconds. And in cases when the client has connected to a website before, the TLS handshake will have zero round trips. This makes HTTPS connections faster, cutting down latency and improving the overall user experience<ref>https://www.cloudflare.com/learning/ssl/why-use-tls-1.3/</ref>.

Many of the major vulnerabilities in TLS 1.2 had to do with older cryptographic algorithms that were still supported. TLS 1.3 drops support for these vulnerable cryptographic algorithms, and as a result it is less vulnerable to cyber attacks.

= Overview =
Internally, TLS is a layered protocol:

<syntaxhighlight lang="bash">
          +-------------+------------+--------------+---------+
Content   |             |            |  Application |         |
Layer     |  Handshake  |   Alerts   |     Data     |   ...   |
          |             |            |              |         |
          +-------------+------------+--------------+---------+
Record    |                                                   |
Layer     |                      Records                      |
          |                                                   |
          +---------------------------------------------------+
</syntaxhighlight>

Each content-layer message (e.g., handshake, alerts, and application data) is carried as a series of typed TLS records by the record layer. Records are individually cryptographically protected and then transmitted over a reliable transport (typically TCP), which provides sequencing and guaranteed delivery.

TLS supports both pre-shared key (PSK) and Diffie-Hellman over either finite fields or elliptic curves ((EC)DHE) key exchanges. PSK is the basis for Early Data (0-RTT); the latter provides forward secrecy (FS) when the (EC)DHE keys are destroyed.

TLS provides two basic handshake modes of interest to QUIC:
* A full <syntaxhighlight lang="bash" inline>1-RTT</syntaxhighlight> handshake, in which the client is able to send application data after one round trip and the server immediately responds after receiving the first handshake message from the client.
* A <syntaxhighlight lang="bash" inline>0-RTT</syntaxhighlight> handshake, in which the client uses information it has previously learned about the server to send application data immediately. This application data can be replayed by an attacker, so 0-RTT is not suitable for carrying instructions that might initiate any action that could cause unwanted effects if replayed.
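The replay caveat above, as an added example (not part of the original wiki page): a server-side gate that processes only safe HTTP methods received as 0-RTT data and answers anything else, or a reused ticket, with 425 Too Early (RFC 8470). The `EarlyDataGate` class, the ticket identifiers and the 10-second window are assumptions made for illustration, and the sample requests are constructed.

```python
import time

SAFE_METHODS = {"GET", "HEAD", "OPTIONS"}   # safe (read-only) HTTP methods
TICKET_WINDOW = 10.0                        # assumed: seconds a ticket id is remembered
PROCESS, TOO_EARLY = "process", "425 Too Early"


class EarlyDataGate:
    """Hypothetical policy object deciding what to do with 0-RTT requests."""

    def __init__(self, now=time.monotonic):
        self._now = now
        self._seen = {}                     # ticket id -> time it was first used

    def _expire(self):
        # Assumption: the TLS stack itself refuses early data from tickets
        # older than TICKET_WINDOW, so older entries can be forgotten.
        cutoff = self._now() - TICKET_WINDOW
        for tid in [t for t, ts in self._seen.items() if ts < cutoff]:
            del self._seen[tid]

    def decide(self, method, ticket_id, early):
        if not early:
            return PROCESS                  # sent under 1-RTT keys after the handshake
        self._expire()
        if ticket_id in self._seen:
            return TOO_EARLY                # ticket already used once: possible replay
        self._seen[ticket_id] = self._now()
        if method.upper() not in SAFE_METHODS:
            return TOO_EARLY                # state-changing request waits for 1-RTT
        return PROCESS


# Constructed sample traffic: (method, ticket id, arrived as early data?)
SAMPLE = [
    ("GET", "ticket-a", True),     # fresh ticket, safe method
    ("GET", "ticket-a", True),     # same early data seen again
    ("POST", "ticket-b", True),    # unsafe method in early data
    ("POST", "ticket-b", False),   # client retried after the handshake
]


def run(requests, gate=None):
    gate = gate or EarlyDataGate()
    return [gate.decide(m, t, e) for m, t, e in requests]


if __name__ == "__main__":
    for req, verdict in zip(SAMPLE, run(SAMPLE)):
        print(req, "->", verdict)
```

A client that receives 425 repeats the request once the handshake has completed, at which point it is protected by the 1-RTT keys.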
== 1-RTT ==

== 0-RTT ==
<syntaxhighlight lang="bash">
    Client                                             Server

    ClientHello
   (0-RTT Application Data)  -------->
                                                  ServerHello
                                         {EncryptedExtensions}
                                                    {Finished}
                             <--------      [Application Data]
   {Finished}                -------->

   [Application Data]        <------->      [Application Data]

    () Indicates messages protected by Early Data (0-RTT) Keys
    {} Indicates messages protected using Handshake Keys
    [] Indicates messages protected using Application Data (1-RTT) Keys
</syntaxhighlight>

== Handshake ==
[[Image:tls1.3-handshake.webp|600px]]<ref>https://www.a10networks.com/glossary/key-differences-between-tls-1-2-and-tls-1-3/</ref>

== Key exchange ==
It recommends support for [[X25519]], Ed25519, X448, and Ed448 algorithms.<ref>[https://datatracker.ietf.org/doc/html/rfc8446 RFC8446 - The Transport Layer Security (TLS) Protocol Version 1.3]</ref>

[[Category:Network]]
[[Category:Protocol]]
[[Category:RFC]]
[[Category:TCP/IP]]