tls

페이지 정보

profile_image
작성자파워블로거냥 조회 11회 작성일 2021-08-11 15:13:33 댓글 0

본문

Transport Layer Security (TLS) - Computerphile

It's absolutely everywhere, but what is TLS and where did it come from? Dr Mike Pound explains the background behind this ubiquitous Internet security protocol.

Heartbleed, Running the Code: https://www.youtube.com/watch?v=1dOCHwf8zVQ
Secure Web Browsing: https://www.youtube.com/watch?v=E_wX40fQwEA
Network Stacks \u0026 The Internet: https://www.youtube.com/watch?v=PG9oKZdFb7w\u0026t=2s

https://www.facebook.com/computerphile\r
https://twitter.com/computer_phile\r
\r
This video was filmed and edited by Sean Riley.\r
\r
Computer Science at the University of Nottingham: https://bit.ly/nottscomputer\r
\r
Computerphile is a sister project to Brady Haran's Numberphile. More at http://www.bradyharan.com

SSL, TLS, HTTP, HTTPS Explained

HTTPS vs HTTP vs SSL / TLS. This video explains the difference between these protocols. It also explains how SSL works and what is an SSL certificate.
#SSL #HTTPS

SSL certificates, domain names, or build a website and save up to 30%
►►http://Trygodaddy.com/powercert
(affiliate)

Transport Layer Security, TLS 1.2 and 1.3 (Explained by Example)

TLS which stands for transport layer security is a protocol for securing communication between client and server. Specifically for HTTPS. Thats what the S is stands for.

In this video, we will learnq how insecure vanilla HTTP works, HTTPS, then we will learn how HTTPS is possible via the transport layer security and finally we will talk about the improvements in 1.3 that was published August 2018.


Chapters
0:00 Intro
1:30 Vanilla HTTP
5:00 HTTPS
8:35 TLS 1.2
14:30 Diffie–Hellman
17:55 TLS 1.3


Vanilla HTTP
HTTPS
TLS 1.2 handshake
TLS 1.3 enhancements


Vanilla HTTP
Before we discuss TLS, HTTPS or anything else lets go through how HTTP request work. You can type in the browser www.husseinnasser.com , the OSI magic kicks in, client figures out the IP address of husseinnasser.com by calling the DNS which uses UDP. Then HTTP application layer makes a GET / request passes in the IP address and port 80 (default for insecure http). This creates an underlying TCP connection. GET / string among other stuff into the packet and send it over. TCP does its thing server receives GET / calls the appropriate process at the backend which could be just return index.html sets content type text/html and sends back big response for client. All of this obviously is plain text no encryption any kind and if you watched the OSI video we made you can tell that people can sniff/snoop packets and get packets they aren’t supposed to get


HTTPS
Works by negotiating a symmetric key so they can both secure messages. Watch the video we did on encryption. Before we jump to GET request there must be a handshake that must occur between the client and server. The tricky part is exchanging that key. Same thing as above except port is 443 instead of 80. Remember once we lose the TCP connection we will have to renegotiate the key. But beauty of this is HTTP is stateless so it remains working just fine.


Tls handshake
The original TLS handshake involves 4 roundtrips. A client hello which the client includes which encryption algorithms it supports (Both symmteric and asymmetric). The server receives the request then replies back with the server certificate which includes the server public key and also the encryptions that they will change to. The client receives the server hello, generates the premaster key, encrypts it with the server’s public key then send it over. The Server decrypts the message, gets the premaster generates the symmetric key finally tells the client that we are good to go.


Tls 1.3
TLS 1.3 involves much shorter and much secure communication using only deffie hellman as key exchange and just two round trips.


More Resources
https://www.cloudflare.com/learning-resources/tls-1-3/
https://blog.cloudflare.com/rfc-8446-aka-tls-1-3/


Software Architecture Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXNP6mQchJVP3S-3oKGEuw9

Database Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQXjD0HOzN7P2tgzu7scWpl2

Network Engineering Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQUBSgBXilKhRMJ1ACqr7pTr

Load Balancing and Proxies Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQVMeBmWI2AhxULWEeo7AaMC

Postgres Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQWGrOqslniFlRcwxyY94cjj

Programming Pattern Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQV1emqxKbcP5esAf4zpqWpe

Web Security Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQU3YDMRSMvzflh_qXoz9zfv

HTTP Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQU6zO0drAYHFtkkyfNJw1IO


Python Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQU_M83ARz8mDdr4LThzkBKX

Javascript Videos
https://www.youtube.com/playlist?list=PLQnljOFTspQWab0g3W6ZaDM6_Buh20EWM


Stay Awesome!
Hussein

... 

댓글목록

등록된 댓글이 없습니다.

전체 1,619건 4 페이지
게시물 검색
Copyright © www.victorianbelvidere.com. All rights reserved.  Contact : help@oxmail.xyz