Add figure for TLS-handshake and reference in text
parent
2516694883
commit
63e04bbaac
58
methods.tex
@ -859,23 +859,47 @@ for example.
|
||||
\label{subsec:tls session resumption}
|
||||
|
||||
\gls{TLS} \cite{rescorlaTransportLayerSecurity2018} is widely used today to
|
||||
securely encapsulate communication across the web. For bandwidth savings and
|
||||
better performance, it is possible to cache a \gls{TLS} session to allow reusing
|
||||
an already established secure connection at a later point in time. Versions
|
||||
prior to \gls{TLS} 1.3 used two mechanisms to accomplish this: \gls{TLS} session
|
||||
identifiers and session tickets. Session identifiers are sent by the server
|
||||
along with the initial handshake with the user agent. The identifier is randomly
|
||||
generated and saved by the server so that the current session can be found
|
||||
later. To resume a session, the user agent sends the identifier with the
|
||||
ClientHello message to the server. The server can then match the identifier to
|
||||
the previously initiated session and responds with the same session identifier
|
||||
to signal to the user agent that the session can be resumed. Session tickets are
|
||||
only issued by the server when the client has expressed support for them. They
|
||||
are encrypted and provided by the server after a successful handshake via an
|
||||
out-of-band message. The ticket contains all the necessary information to
|
||||
reestablish a secure connection. When the user agent wishes to resume a
|
||||
connection, the session ticket is sent along with the first ClientHello message
|
||||
and the server can decrypt the ticket and resume the session.
|
||||
securely encapsulate communication across the web. For the secured communication
|
||||
to work, client and server first have to authenticate themselves and then agree
|
||||
on protocol version, cipher suite and compression method. The exchange of this
|
||||
information at the beginning of a connection is called a \emph{handshake}.
|
||||
Figure~\ref{fig:tls-handshake} shows how the initial handshake is performed
|
||||
after which both the client and the server are ready for sending and receiving
|
||||
application data. For bandwidth savings and better performance, it is possible
|
||||
to cache a \gls{TLS} session to allow reusing an already established secure
|
||||
connection at a later point in time. Versions prior to \gls{TLS} 1.3 used two
|
||||
mechanisms to accomplish this: \gls{TLS} session identifiers and session
|
||||
tickets. Session identifiers are sent by the server along with the initial
|
||||
handshake with the user agent. The identifier is randomly generated and saved by
|
||||
the server so that the current session can be found later. To resume a session,
|
||||
the user agent sends the identifier with the \emph{ClientHello} message to the
|
||||
server. The server can then match the identifier to the previously initiated
|
||||
session and responds with the same session identifier to signal to the user
|
||||
agent that the session can be resumed. Session tickets are only issued by the
|
||||
server when the client has expressed support for them. They are encrypted and
|
||||
provided by the server after a successful handshake via an out-of-band message.
|
||||
The ticket contains all the necessary information to reestablish a secure
|
||||
connection. When the user agent wishes to resume a connection, the session
|
||||
ticket is sent along with the first \emph{ClientHello} message and the server
|
||||
can decrypt the ticket and resume the session.
|
||||
|
||||
\begin{figure}
|
||||
\begin{center}
|
||||
\includegraphics[width=0.75\textwidth]{figures/tls-handshake.png}
|
||||
\caption{A \gls{TLS}-handshake between a client and a server. First, the
|
||||
client sends a \emph{ClientHello} message to the server which the
|
||||
server has to answer with a \emph{ServerHello} message or else the
|
||||
connection fails. These two initial messages establish protocol
|
||||
version, session ID, cipher suite and compression method
|
||||
\cite[p.~44]{rescorlaTransportLayerSecurity2008}. The server also
|
||||
checks for a session resumption. If the client sends a session ID
|
||||
with the \emph{ClientHello} message, the server knows that it should
|
||||
resume a previously established connection. The next three messages
|
||||
are used for the key exchange which allows client and server to
|
||||
authenticate themselves.}
|
||||
\label{fig:tls-handshake}
|
||||
\end{center}
|
||||
\end{figure}
|
||||
|
||||
In \gls{TLS} version 1.3 \cite{rescorlaTransportLayerSecurity2018} the session
|
||||
identifiers and tickets have been replaced with a \gls{PSK}. Instead of sending
|
||||
|
||||
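Review bot: The new body sentence "client and server first have to authenticate themselves and then agree on protocol version, cipher suite and compression method" gives the steps in the opposite order to the caption added in the same hunk, where the ClientHello/ServerHello pair establishes those parameters first and the next three messages carry the key exchange and authentication. Suggest reordering the body sentence to match the caption. The caption cites rescorlaTransportLayerSecurity2008 for session ID and compression method while the paragraph opens with only the 2018 citation, so the text should say that Figure~\ref{fig:tls-handshake} depicts the handshake of versions prior to TLS 1.3, which also keeps it consistent with the following paragraph on the PSK replacement. Minor: inside the float, \centering is preferable to \begin{center} ... \end{center}, which adds extra vertical space around the graphic.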
@ -1180,9 +1180,19 @@ Impact of CSS-based history detection},
|
||||
note = {Accessed 2020-02-08}
|
||||
}
|
||||
|
||||
@misc{rescorlaTransportLayerSecurity2008,
|
||||
title = {The {{Transport Layer Security}} ({{TLS}}) {{Protocol Version}} 1.2},
|
||||
author = {Rescorla, Eric},
|
||||
year = {2008},
|
||||
month = aug,
|
||||
url = {https://tools.ietf.org/html/rfc5246},
|
||||
urldate = {2020-08-26},
|
||||
note = {Accessed 2020-08-26}
|
||||
}
|
||||
|
||||
@misc{rescorlaTransportLayerSecurity2018,
|
||||
title = {The {{Transport Layer Security}} ({{TLS}}) {{Protocol Version}} 1.3},
|
||||
author = {Rescorla {$<$}ekr@rtfm.com{$>$}, Eric},
|
||||
author = {Rescorla, Eric},
|
||||
year = {2018},
|
||||
month = aug,
|
||||
url = {https://tools.ietf.org/html/rfc8446},
|
||||
|
||||
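Review bot: The new rescorlaTransportLayerSecurity2008 entry has only "author = {Rescorla, Eric}", but RFC 5246 has two authors, T. Dierks and E. Rescorla, so the rendered citation will be incomplete. Suggest "author = {Dierks, Tim and Rescorla, Eric}"; if the key is renamed to match, the \cite[p.~44]{rescorlaTransportLayerSecurity2008} in the figure caption has to change with it.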