Perfect Forward Secrecy is a property of an encryption system that prevents an attacker from decrypting past recorded sessions even after the private key of the server is leaked.
Problem TLS1.2
Say after few months later server had a buffer overflow problem. This allows attacker to ask for more data to sever. As private key is cached and while returning data to attacker, it might contain private key as well.
Problem TLS1.2
Attacker is listening to the conversation and he records all the encrypted GET request messages and saves it though he don't have private key to decrypt.
Say after few months later server had a buffer overflow problem. This allows attacker to ask for more data to sever. As private key is cached and while returning data to attacker, it might contain private key as well.
Now attacker has private key and he can decrypt and will have symmetric key. With symmetric key he can decrypt all the messages and read the contents.
To solve this problem we use PFS. Diffie Hellman is always PFS. This is used just for key exchange not for encryption.
In case of TLS1.3 symmetric key will be ephemeral. It will be used only for that particular session.
In this case even if private key is leaked nobody can read the message.
Note: In case of TLS1.2 there is 2 round of message exchange but in case of TLS1.3 there is single round of message exchange that is advantage of TLS1.3
Ciphers:
###Weak and insecure ciphers:
TLS_RSA_WITH_RC4_128_SHA
RSA: key exchange algorithm
RC4: symmetric key algorithm
SHA: digital signature algorithm used to sign digital cert.
TLS_DHE_RSA_WITH_AES_256_CBC_SHA
DHE: Deffe hellmen ephemeral
DH used with RSA is weak. Anything with RSA is not PFS
TLS_RSA_WITH_AES_128_CBC_SHA
##Strong ciphers:
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDHE: ellliptic curve Deffe Hellmen Ephemeral
Anything with ECDHE is strong
TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256
TLS_DHE_RSA_WITH_ARIA_128_GCM_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
To check what all ciphers are used/supported by particular web server use:
No comments:
Post a Comment