Secure Channel
19 min readOct 7, 2021
1. Lessons Learned From History
2. Knowns And Unknowns
3. Caveats On Protocols
4. Who Goes There?
5. When You Have A Trusted 3rd Party
Lessons Learned From History
Article on Cryptographic Flaws Exploited has covered several attacks on the secure channels.
Protocol Version:Difference with previous version
[SSL v3.0]:
"""
1. Separation of the transport of data from the message layer. submitted by Netscape as an Internet Draft to the IEFT in 1996
2. converted to TLS v1.0
3. Skipjack (a U.S. government–classified symmetric algorithm that was declassified in 1998), SHA that would be replaced by SHA1, DH for key agreement, and the Key Exchange Algorithm (KEA, another classified algorithm).
4. Use of a full 128 bits of keying material even when using the Export cipher
5. Ability of the client and server to send chains of certificates, thus allowing organizations to use certificate hierarchy which is > 2 certificates deep.
6. Implementing a generalized key exchange protocol, allowing DH and Fortezza key exchanges as well as non-RSA certificates.
7. Allowing for record compression and decompression
8. Ability to fall back to SSL 2.0 when a 2.0 client is encountered
"""[TLS 1.0]:
"""
1. Specify a PRF based on the standard HMAC…