An overview of secure usage of TLS

Here is a brief overview of how TLS can be used to establish a secure connection. First, we briefly discuss what the SSL/TLS protocols are. Next, we talk about which TLS protocol versions and parameters are secure. Finally, we describe how TLS can be configured securely.

What is SSL/TLS?

SSL stands for Secure Sockets Layer, and TLS stands for Transport Layer Security. Both protocols provide:

  • Authentication of the server (and of the client, if required) using public-key cryptography
  • Data integrity using a MAC (message authentication code)
  • Authentication of both server and client, if necessary
  • Secure exchange of cryptographic keys

What SSL/TLS versions do we have?

At the moment of writing this post, there are several main SSL/TLS versions:

  • TLS 1.0
  • TLS 1.1
  • TLS 1.2
  • A draft of TLS 1.3, proposed as the next version of the TLS protocol

Which TLS versions should be used for a secure connection?

At the time of writing, only TLS 1.2 is considered secure. TLS 1.3 is the next TLS version and should be considered secure once its specification is approved (unless someone finds a critical vulnerability in the protocol right after publication :). Other SSL/TLS versions are considered less secure due to various vulnerabilities and weaknesses in the protocols; for example, the discovery of the POODLE attack led to SSL 3.0 being prohibited. In addition:

  • Lower protocol versions should be disabled to prevent protocol downgrade attacks
  • Insecure modes and features such as renegotiation and compression should be disabled
  • Server and client should use the latest versions of their TLS libraries, which contain security patches for vulnerabilities discovered in TLS implementations, such as Heartbleed

What parameters should be used for a secure TLS connection?

Client and server can use different parameters to establish a TLS connection, such as cipher suites, key lengths, and initial parameters for the Diffie-Hellman key exchange. A cipher suite is considered secure if it:

  • uses an AEAD cipher such as AES in GCM mode
  • uses strong hash functions such as SHA-256
  • provides forward secrecy by using ephemeral Diffie-Hellman key exchange (EDH and ECDHE) with strong initial parameters

Examples of such cipher suites:

  1. ECDHE-RSA-AES128-GCM-SHA256
  2. DHE-RSA-AES256-GCM-SHA384
  3. DHE-RSA-AES128-GCM-SHA256

The client must also validate the server's certificate, checking at least:

  • hostname validation
  • certificate expiration
  • revocation status
  • the chain ends with a trusted certificate
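As an added example (not code from the original post), here is how the recommendations above map onto a client configuration using Python's standard ssl module: TLS 1.2 as the minimum version, compression and renegotiation disabled, a cipher list restricted to ephemeral (EC)DHE key exchange with AES-GCM, and mandatory hostname and chain verification. The certificate dictionary used for the expiry check is constructed for illustration in the shape returned by getpeercert(); the host name example.test is a placeholder. Revocation checking (OCSP/CRL) is not exposed by Python's ssl module, so it is not shown here.

```python
"""Client-side TLS hardening with Python's standard ``ssl`` module.

Added example for this post; not code from the original article.
Requires Python 3.7+ (TLSVersion, minimum_version) and OpenSSL 1.1+.
"""
import socket
import ssl
import time
from typing import Optional

# Cipher list in OpenSSL notation: only ephemeral (EC)DHE key exchange
# (forward secrecy) with AES-GCM (AEAD) and SHA-256/SHA-384, as recommended
# in the post. TLS 1.3 suites are managed separately by OpenSSL and are all AEAD.
SECURE_CIPHERS = ":".join([
    "ECDHE-ECDSA-AES256-GCM-SHA384",
    "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256",
    "ECDHE-RSA-AES128-GCM-SHA256",
    "DHE-RSA-AES256-GCM-SHA384",
    "DHE-RSA-AES128-GCM-SHA256",
])


def build_client_context() -> ssl.SSLContext:
    """Return an SSLContext that refuses legacy versions and weak suites."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    # Refuse SSL 3.0 / TLS 1.0 / TLS 1.1 so a downgrade cannot succeed.
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # Disable the insecure features named in the post: compression and
    # renegotiation (OP_NO_RENEGOTIATION needs OpenSSL >= 1.1.0h; 0 is a no-op).
    ctx.options |= ssl.OP_NO_COMPRESSION
    ctx.options |= getattr(ssl, "OP_NO_RENEGOTIATION", 0)
    ctx.set_ciphers(SECURE_CIPHERS)
    # The chain must end at a trusted root and the server name must match the
    # certificate. PROTOCOL_TLS_CLIENT already sets both; they are repeated so
    # the intent is explicit in the code.
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    ctx.load_default_certs()
    return ctx


def describe_context(ctx: ssl.SSLContext) -> dict:
    """Summarise the security-relevant settings so they can be audited."""
    ciphers = ctx.get_ciphers()
    tls12 = [c for c in ciphers if c["protocol"] == "TLSv1.2"]
    return {
        "minimum_version": ctx.minimum_version.name,
        "verify_mode": ctx.verify_mode.name,
        "check_hostname": ctx.check_hostname,
        "compression_disabled": bool(ctx.options & ssl.OP_NO_COMPRESSION),
        "all_ciphers_aead": all(c["aead"] for c in ciphers),
        "tls12_all_ephemeral": all(
            c["name"].startswith(("ECDHE-", "DHE-")) for c in tls12
        ),
        "tls12_cipher_count": len(tls12),
    }


def validity_window_ok(cert: dict, now: Optional[float] = None) -> bool:
    """Expiry check on a certificate dict as returned by getpeercert().

    ``now`` is seconds since the epoch (UTC); defaults to the current time.
    """
    now = time.time() if now is None else now
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    return not_before <= now <= not_after


def open_secure_connection(host: str, port: int = 443) -> ssl.SSLSocket:
    """Connect with the hardened context. Hostname, chain and validity dates
    are verified by OpenSSL during the handshake; the explicit window check
    afterwards only documents that requirement. Not executed offline."""
    ctx = build_client_context()
    sock = socket.create_connection((host, port))
    tls = ctx.wrap_socket(sock, server_hostname=host)
    if not validity_window_ok(tls.getpeercert()):
        tls.close()
        raise ssl.SSLError("peer certificate outside its validity window")
    return tls


# Constructed sample in the getpeercert() shape (not a real certificate).
SAMPLE_CERT = {
    "subject": ((("commonName", "example.test"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Dec 31 23:59:59 2024 GMT",
}

if __name__ == "__main__":
    print(describe_context(build_client_context()))
    print("valid in mid-2024:", validity_window_ok(SAMPLE_CERT, 1720000000))
    print("valid in 2027:", validity_window_ok(SAMPLE_CERT, 1800000000))
```

describe_context() is useful as a unit test in your own code base: asserting on its output catches a configuration regression (a library upgrade re-enabling TLS 1.0, or someone loosening the cipher list) before it reaches production.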

I write about Java, security, electronics and DIY
