2018-021-TLS 1.3 discussion, Area41 report, wireshark goodness
Published June 20, 2018
|
42 min
    Download
    Add to queue
    Copy URL
    Show notes

    Area41 Zurich report

    Book Club - 4th Tuesday of the month

    https://www.owasp.org/images/d/d3/TLS_v1.3_Overview_OWASP_Final.pdf

     

    https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet

    TLS_DHE_RSA_AES_256_GCM_SHA256

     

    TLS = Protocol

    DHE = Diffie-Hellman ephemeral (provides Perfect Forward Secrecy)

        Perfect Forward Secrecy = session keys won’t be compromised, even if server private keys are

    Past messages and data cannot be retrieved or decrypted (https://en.wikipedia.org/wiki/Forward_secrecy)

     

    RSA = Digital Signature (authentication)

        There are only 2 (RSA, or ECDSA)

     

    AES_256_GCM - HMAC (hashed message authentication code)

     

    https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet

    https://en.wikipedia.org/wiki/HMAC#Definition_.28from_RFC_2104.29

     

    https://en.wikipedia.org/wiki/Funicular

     

    https://mozilla.github.io/server-side-tls/ssl-config-generator/?hsts=no

     

    Join our #Slack Channel! Email us at bds.podcast@gmail.com

    or DM us on Twitter @brakesec

    #Spotifyhttps://brakesec.com/spotifyBDS

    #RSShttps://brakesec.com/BrakesecRSS

    #Youtube Channel:  http://www.youtube.com/c/BDSPodcast

    #iTunes Store Link: https://brakesec.com/BDSiTunes

    #Google Play Store: https://brakesec.com/BDS-GooglePlay

    Our main site:  https://brakesec.com/bdswebsite

    #iHeartRadio App:  https://brakesec.com/iHeartBrakesec

    #SoundCloudhttps://brakesec.com/SoundcloudBrakesec

    Comments, Questions, Feedback: bds.podcast@gmail.com

    Support Brakeing Down Security Podcast by using our #Paypalhttps://brakesec.com/PaypalBDS OR our #Patreon

    https://brakesec.com/BDSPatreon

    #Twitter@brakesec @boettcherpwned @bryanbrake @infosystir

    #Player.FM : https://brakesec.com/BDS-PlayerFM

    #Stitcher Network: https://brakesec.com/BrakeSecStitcher

    #TuneIn Radio App: https://brakesec.com/TuneInBrakesec

      15
      15
        0:00:00 / 0:00:00