# SSL/TLS Protocols

#### by Andon Gorchov (@thunderman913)

## 1 Fundamentals of Cryptography

Cryptography is the technique of securing information and communications through the use of codes, so that only the people for whom the information is intended can understand and process it, thereby preventing unauthorized access to information. The prefix “crypt” means “hidden” and the suffix “graphy” means “writing”. In cryptography, the techniques used to protect information are derived from mathematical concepts and a set of rule-based calculations known as algorithms, which convert messages in ways that make them hard to decode. These algorithms are used for cryptographic key generation, digital signing, and verification to protect data privacy, web browsing on the internet, and confidential transactions such as credit card and debit card transactions. [1]

It has the following features:
- Confidentiality: The communicated information can only be accessed by the person for whom it is intended and nobody else should be able to access it.
- Integrity: The received information must remain unaltered, accurate and exact.
- Non-repudiation: After sending the message/information, the sender cannot later deny having sent it. This provides evidence of the communication and is crucial in situations where questions of accountability or legal disputes arise.
- Authentication: This is a mechanism used to verify the identity of the user, system or entity.
- Interoperability: It allows for secure communication between different systems and platforms.
- Adaptability: Cryptography must continuously evolve and improve to stay ahead of any possible security threats, since one security breach could be fatal.

### 1.1 Encryption Types

- **Symmetric Encryption**
![image info](./pictures/image.png)

- **Asymmetric Encryption**
  - **Description, usage, and examples of algorithms**: Uses a pair of keys (public and private) for encryption and decryption. Common algorithms include RSA and ECC.
  - **Mathematical foundations**: Based on complex problems like modular arithmetic and discrete logarithms.

### 1.2 Key Concepts in Cryptography

- **Key Exchange Mechanisms**
  - **Examples and Concepts**: Diffie-Hellman, ECDHE; these mechanisms are critical for secure communications and have specific security properties.

- **Cryptographic Hash Functions**
  - **Usage**: Essential for ensuring data integrity.
  - **Common algorithms**: Includes SHA-256, SHA-3, among others, known for their robustness and security.

- **Digital Signatures**
  - **Mechanisms for authentication and integrity**: Provides a means to verify the authenticity of digital messages or documents.
  - **Algorithm examples and their operational mechanisms**: Detailed look into how these algorithms function and are applied in real-world scenarios.

### 1.3 Principles of Secure Communications

#### 1.3.1 Cryptographic Protocols and Their Uses

- **Overview**: Protocols such as TLS utilize the cryptographic tools described above to secure communications across networks.
- **Real-world applications**: Secure communication is essential in applications such as web browsing, secure file transfers, and email.

#### 1.3.2 Public Key Infrastructure (PKI)

- **Role and structure**: Manages digital certificates and encryption keys to provide secure communications.
- **Certificate Authorities (CA)**: Issues and manages security credentials and public keys for digital certificates.



# 2. SSL/TLS Protocol Analysis

## 2.1 Overview of the SSL/TLS Protocol

### 2.1.1 Protocol Structure and Layers

- **Breakdown**: Detailed overview of the SSL/TLS protocol stack.
- **Function and purpose of each layer**: Includes the Record Protocol, Handshake Protocol, among others.


### 2.1.2 The SSL/TLS Handshake

- **Detailed analysis of the handshake phases**:
  - **ClientHello, ServerHello**: Initial communication stages where parameters are negotiated.
  - **Server certificate and key exchange**: Server provides its certificate and optionally a key exchange method.
  - **Client key exchange**: Client responds with its key exchange data.
  - **Certificate verification**: Authentication of the server's certificate.
  - **Completion of the handshake**: Change Cipher Spec and Finished messages finalize the secure connection setup.
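
The ClientHello step above, as an added example that is not part of the original page: a Python parser for the record-layer and handshake headers of a ClientHello that reports which offered cipher suites lack an ephemeral (ECDHE/DHE) key exchange. The sample record is constructed in code, and the function names and the four-entry suite table are assumptions of this example.

```python
import struct

# Real IANA cipher-suite IDs; the choice of this subset is the example's own.
SUITES = {
    0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    0xC030: "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    0x009C: "TLS_RSA_WITH_AES_128_GCM_SHA256",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
}

def build_client_hello(suites):
    """Constructed sample input: a minimal TLS 1.2 ClientHello without extensions."""
    body = struct.pack("!H", 0x0303)                # client_version = TLS 1.2
    body += bytes(range(32))                        # "random" field, fixed for the demo
    body += b"\x00"                                 # empty session_id
    body += struct.pack("!H", 2 * len(suites))      # cipher_suites length in bytes
    body += b"".join(struct.pack("!H", s) for s in suites)
    body += b"\x01\x00"                             # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # type 1 = ClientHello
    return struct.pack("!BHH", 22, 0x0301, len(handshake)) + handshake  # type 22 record

def parse_client_hello(record):
    """Return (client_version, [suite ids]); assumes the hello fits in one record."""
    pos = 0
    def take(n):                                    # bounds-checked read
        nonlocal pos
        if pos + n > len(record):
            raise ValueError("truncated ClientHello")
        pos += n
        return record[pos - n:pos]
    ctype, _rec_version, rec_len = struct.unpack("!BHH", take(5))
    if ctype != 22 or rec_len != len(record) - 5:
        raise ValueError("not one complete handshake record")
    hs_type, hs_len = take(1)[0], int.from_bytes(take(3), "big")
    if hs_type != 1 or hs_len != rec_len - 4:
        raise ValueError("not a ClientHello")
    (version,) = struct.unpack("!H", take(2))
    take(32)                                        # skip random
    take(take(1)[0])                                # skip session_id
    (n,) = struct.unpack("!H", take(2))
    if n % 2:
        raise ValueError("odd cipher_suites length")
    raw = take(n)
    return version, [int.from_bytes(raw[i:i + 2], "big") for i in range(0, n, 2)]

def suites_without_forward_secrecy(record):
    """Known offered suites whose key exchange is static RSA rather than (EC)DHE."""
    _, offered = parse_client_hello(record)
    names = [SUITES[s] for s in offered if s in SUITES]   # unknown IDs are skipped
    return [n for n in names if "_ECDHE_" not in n and "_DHE_" not in n]
```

A server that selects one of the flagged suites performs the key exchange with its long-term RSA key, so the session keys are only as safe as that key remains in the future.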

### 2.1.3 Session Establishment and Data Transmission

- **Establishing a secure connection**: Process of using negotiated keys for a secure communication session.
- **Symmetric key encryption for data transfer**: Mechanism to encrypt and decrypt messages using symmetric keys.

## 2.2 Certificate Authorities and Trust Models


### 2.2.1 Role of Certificate Authorities (CAs)
- **Contribution to security in SSL/TLS**: How CAs underpin the trust model by issuing and managing digital certificates.


### 2.2.2 Mathematical Models of Trust

- **Algorithms used for verifying certificate authenticity**: Examination of the algorithms that ensure a certificate is valid and trustworthy.
- **Analysis of trust models in digital communications**: Discuss how trust is established and maintained in cryptographic protocols.


# Bibliography


1. https://www.geeksforgeeks.org/cryptography-and-its-types/
2. https://en.wikipedia.org/wiki/Symmetric-key_algorithm