Chapter 16 Secure Sockets SSL and TLS

16.1 Background

In this section we discuss the TLS security protocol in detail. We will go through the protocol in detail we also use wireshark to look at sample TLS session. For additonal details on TLS you can read the TLS formal specification https://tools.ietf.org/html/rfc5246#section-8.1.2.

16.1.1 Key Exchange.

16.1.2 How are keys derived from the Pre-Master Secret.

The length of the pre-master secret varies depending on type of key exchange algorithm that is used. However, to ensure that the message is both authentic and confidential a fix length messsage autheication code key and fix length messsage encryption key. We need these keys for both the client and server. TLS solves issue by deriving the fix length master secret from a variable lenght pre-master secret.


master_secret = PRF(pre_master_secret, "master secret",
                    ClientHello.random + ServerHello.random)
                    [0..47];
                    

The code below shows a sample python program that implements the PRF function above:

This master_secret key is the cutup into 4 keys:

client_write_MAC_key[SecurityParameters.mac_key_length] server_write_MAC_key[SecurityParameters.mac_key_length] client_write_key[SecurityParameters.enc_key_length] server_write_key[SecurityParameters.enc_key_length]


PRF(secret, label, seed) = P_<hash>(secret, label + seed)


P_hash(secret, seed) = HMAC_hash(secret, A(1) + seed) +
                             HMAC_hash(secret, A(2) + seed) +
                             HMAC_hash(secret, A(3) + seed) + ...

   where + indicates concatenation.
A() is defined as:

      A(0) = seed
      A(i) = HMAC_hash(secret, A(i-1))

HMAC = Hash-based Message Authentication Code.


def PRF(secret, label, seed)
  requireLength = 48
  masterkey = ''
  secSeed = label + seed
  while(len(masterkey) <- 48):
    secSeed = hmac.new(secret,secSeed).hexdigest()
    masterkey += secSeed

  return masterkey

16.2 Writing a SSL Client

import socket 
import ssl 

hostname = 'www.python.org'
context = ssl.create_default_context() 
sock = socket.create_connection((hostname, 443))  
secureSocket = context.wrap_socket(sock, server_hostname=hostname) 
print(secureSocket.recvfrom(1024))

16.3 Writing an SSL server


context = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
context.load_cert_chain('/path/to/certchain.pem', '/path/to/private.key') 
sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM, 0) 
sock.bind(('127.0.0.1', 8443)) 
sock.listen(1) 
secureSocket= context.wrap_socket(sock, server_side=True)
conn, addr = ssock.accept()

16.4 Challenge

Now that you have we discussed TLS you can try running SMTP spoof over a TLS connection.