TLS 1.3とその周辺の標準化動向

5-4ͱͦͷपลͷඪ४Խಈ޲ Ԟ Ұึ ೥݄

• $%/اۀʮ'BTUMZʯͷϓϩάϥϚ • )551࣮૷ʮ)0ʯͷओ։ൃऀ – QJDPUMT 5-4 RVJDMZ 26*$
΋ • ࠷ۙॳΊͯͷ3'$͕ग़·ͨ͠ – 3'$ r &BSMZ)JOUTGPS)551 ࣗݾ঺հ

• 5-4 – 6TJOH&BSMZ%BUBJO)551 – 0TTJGJDBUJPO • %5-4
• &YQPSUFE"VUIFOUJDBUPST – 4FDPOEBSZ $FSUJGJDBUFTGPS)551 • $FSUJGJDBUF$PNQSFTTJPO • 4/*&ODSZQUJPO "HFOEB

5-4 &BSMZ%BUB 0TTJGJDBUJPO

• ࣮࣭ 5-4 • ESBGU • 4VCNJUUFEUP*&4(GPS1VCMJDBUJPO 5-4

• ϋϯυγΣΠΫͷ࠶ઃܭ – ʙ355Ͱͷ઀ଓཱ֬ – ҉߸Խ – 'PSXBSE4FDSFDZ લํൿಗੑ
• τϥοΩϯά཈ࢭ – 1FSWBTJWF.POJUPSJOHJTBO"UUBDL #$1 – ϫϯΦϑͷηογϣϯνέοτ – ূ໌ॻͷ҉߸Խ • "&"%લఏͷϨίʔυϨΠϠ 5-4ͷಛ௃

Copyright (C) 2016 DeNA Co.,Ltd. All Rights Reserved. 3,2 lu
3,2 T 133 O K ClientHello ServerHello Cer@ﬁcate Cer@ﬁcateVerify Finished Client Server Applica@on Data _ Session Ticket(s) Finished

3,2 T 133 O K ClientHello ServerHello EncryptedExtensions Cer@ﬁcate Cer@ﬁcateVerify Finished Finished Client Server (EC)DH + d (EC)DH d d d MAC MAC MAC Applica@on Data Session Ticket(s) (EC)DH _

ϋϯυγΣΠΫͷߟ͑ํ • 5-4 – ύϥϝʔλަ׵ͷޙʹެ։ݤɾূ໌ॻΛަ׵ • 5-4 –
͍͖ͳΓެ։ݤަ׵ • ಉ࣌ʹύϥϝʔλަ׵ • ެ։ݤͷํ͕ࣜҟͳΔ৔߹͸ϦτϥΠ – ݤަ׵͕ऴΘͬͨΒ҉߸Խ • ͦͷޙʹূ໌ॻަ׵

• ಛघͳ4FSWFS)FMMP – SBOEPNϑΟʔϧυͷϚδοΫφϯόʔͰࣝผ • $'"%&"#&%$&ʜ – $MJFOU)FMMPͷ࠶ૹ৴Λཁٻ )FMMP3FUSZ3FRVFTU

• $MJFOU)FMMP 4FSWFS)FMMP – ฏจͷύϥϝʔλ – ΫϥΠΞϯτ͕࠷ॳʹૹ৴ɺαʔό͕Ԡ౴ • &ODSZQUFE&YUFOTJPOT
– ҉߸Խ͞Εͨύϥϝʔλ – αʔό͕ૹ৴ ύϥϝʔλަ׵

• 5-4 – )FMMPͰ*%Λަ׵ • εςʔτϑϧ αʔόଆͰهԱ͢Δඞཁ – 4FTTJPO5JDLFU&YUFOTJPO
3'$ • εςʔτϨε ҉߸Խ͞ΕͨΫοΩʔΛ഑෍ – ͲͪΒ΋ϋϯυγΣΠΫதʹฏจͰૹ৴ • 5$1઀ଓΛ·͙ͨϢʔβτϥοΩϯά͕Մೳ • 5-4 – ϋϯυγΣΠΫ׬ྃޙʹUJDLFUΛ഑෍ – UJDLFU࢖༻͸̍ճͷΈ ηογϣϯ࠶։

• 5-4Ͱ҉߸Խ͢Δ୯Ґ • ྫ%&"%#&&' • UZQF – BMFSU –
IBOETIBLF – BQQMJDBUJPO@EBUB Ϩίʔυ (e.g., TCP) TLS type version length payload

%&"%#&&' • ͸"&"%҉߸ԽΛද͢UZQFʹมߋ • ຊ౰ͷUZQF͸҉߸จͷதʹ • ύσΟϯά͸೚ҙݸ਺ͷθϩ •
"&"%҉߸ "VUIFOUJDBUFE&ODSZQUJPO XJUI"EEJUJPOBM%BUB Ϩίʔυ opaque_type length payload type padding version AAD

H 133rd ep 3,2 T 133 O K ClientHello (ECDH + session @cket) Client Server @cket + (EC)DH _ 0-RTT Data (PSK ) ServerHello (ECDH) EncryptedExtensions Finished 0.5-RTT Data Finished Session Ticket

355 %BUB • 14,༝དྷͷݤͰ҉߸Խ • ऴ୺͸&OE0G&BSMZ%BUBϋϯυγΣΠΫ ϝοηʔδͰ఻ୡ • αʔό͸355ΛղಡͰ͖ͳ͍ͱ͖ɺͲ
͏͢Δ – USJBMEFDSZQUJPO – 355͕ղಡͰ͖ͳͯ͘΋ɺ&0&%͸ϋϯυ γΣΠΫϝοηʔδͳͷͰղಡՄೳ

• ϦϓϨΠՄೳ – ߈ܸྫۜߦৼࠐཁٻΛίϐʔͯ͠ϦϓϨΠ • ରࡦ – ϦϓϨΠՄೳͳ࣌ؒ෯Λݶఆ •
νέοτͷ ೉ಡԽ͞Εͨ BHFΛར༻ – αʔόଆͷCMPPNGJMUFSͰݕग़ • αʔό͕ෳ਺ڌ఺ʹ෼͔Ε͍ͯͨΒ – ΞϓϦέʔγϣϯϓϩτίϧͰ൑ఆ • ϦτϥΠ҆શ͡Όͳ͍৘ใͷॲཧ͸ɺϋϯυγΣ ΠΫ׬ྃ·Ͱ஗Ԇ 355ͷ໰୊

• ΂͖౳ੑ͕͋ΔϦΫΤετ͸໰୊ͳ͍ – ྫ ը૾ͷ(&5 • ΂͖౳ੑͷ༗ແ͸8FCαʔόͰ͸൑ఆෆೳ • 8FCΞϓϦʹɺ355ϦΫΤετͰ͋Δ
͜ͱΛ఻͑ɺ൑ఆͤ͞Δ࢓૊Έ͕ඞཁ )551WT355 HTTP Web CH+0RTT POST HTTPS FastCGI

• 'JOJTIFEҎલʹड৴ͨ͠ϦΫΤετΛసૹ ͢Δ৔߹͸ɺ&BSMZ%BUBϔομΛ͚ͭΔ • αʔόͷڍಈ – 355΋͘͠͸&%͖ͭϦΫΤετʹ͍ͭͯ ͸ɺ5PP&BSMZΛฦͯ͠΋ྑ͍ •
ΫϥΠΞϯτͷڍಈ – Λड৴ͨ͠Β'JOJTIFEૹ ৴ޙʹϦΫΤετ࠶ൃߦ 6TJOH&BSMZ%BUBJO)551 HTTP Web CH+0RTT Finished POST+E-D HTTPS FastCGI POST 425

• தܧऀͷڍಈ – 355ϦΫΤετసૹ࣌͸&%෇Ճ • &%͖ͭͷϦΫΤετ͸ͦͷ··సૹ – Λड৴ͨ͠Β •
ࣗ෼͕&%͚ͭͨ৔߹͸ɺ'JOJTIFEΛ଴ͬͯ࠶ൃ ߦͯ͠΋ྑ͍ • ͦΕҎ֎͸ΫϥΠΞϯτʹૹ৴ 6TJOH&BSMZ%BUBJO)551

• ࠷ऴہ໘ͰΤϥʔϨʔτ͕໰୊ʹ IUUQTEBUBUSBDLFSJFUGPSHNFFUJOHNBUFSJBMTTMJEFTUMTTFTTBUMT • ݪҼϢʔβଆͷϑΝΠΞ΢Υʔϧ – ྫ αʔόূ໌ॻΛݟͯݕӾ͢Δاۀ޲੡඼ •
·Ͱ͸Մೳ Ͱ͸ূ໌ॻ͕҉߸Խ͞Ε͍ͯΔ 0TTJGJDBUJPO TLS 1.2 TLS 1.3 Chrome (-18) 1.7% 7.7% Firefox (-23?) 2.2% 3.9%

• 5-4ͷηογϣϯ࠶։ͬΆ͘ݟͤΔ – ηογϣϯ࠶։Ͱ͸ূ໌ॻసૹ͠ͳ͍ͨΊ • ِͷ4FTTJPO*%Λ)FMMPʹೖΕΔ • Ͱ͸࢖ΘΕͳ͘ͳͬͨ$$4ϝοηʔδ Λɺͱಉ͡λΠϛϯάͰૹ৴
• )FMMP3FUSZ3FRVFTU͸4FSWFS)FMMPͬΆ͘ • SBOEPNϑΟʔϧυͷϚδοΫφϯόʔͰ൑ఆ ʮޓ׵Ϟʔυʯͷࡦఆ

• .15$1ࡦఆ࣌ͷॾ໰୊ • 5$1'BTU0QFOͷΤϥʔϨʔτ • ʮ5$1࠷దԽʯ૷ஔʹΑΔύϑΥʔϚϯ εྼԽ • 5-4ͷϨίʔυόʔδϣϯ
• (PPHMF26*$ͷzPDUFUz໰୊ ଞͷ0TTJGJDBUJPOࣄྫ

• 0TTJGZͯ͠ྑ͍ϑΟʔϧυΛ*OWBSJBOUTͱ ͯ͠ఆٛ – ྫ$POOFDUJPO*% • ͦΕҎ֎ͷϑΟʔϧυ͸શͯ҉߸Խɺ೉ ಡԽɺάϦʔγϯά 26*$WT0TTJGJDBUJPO

&YQPSUFE"VUIFOUJDBUPST

• )551 – Ұ౓ʹྲྀΕΔϦΫΤετ͸ͭ – 5-4ͷΫϥΠΞϯτೝূͰे෼ • )551 –
ෳ਺ͷϦΫΤετ͕ಉ࣌ʹྲྀΕΔ – ϦΫΤετ͝ͱʹҟͳΔΫϥΠΞϯτূ໌ॻ Λ࢖͍͍ͨ )551ͱΫϥΠΞϯτೝূ

• ҟͳΔυϝΠϯ΁ͷϦΫΤετͰ΋طଘ ͷ)551઀ଓΛ࢖͍·Θ͍ͨ͠ – ઀ଓཱ֬࣌ؒͷ୹ॖɺ*/*5$8/%ʹറΒΕͳ ͍ॳظసૹ଎౓ • ෳ਺ͷαʔόূ໌ॻΛΫϥΠΞϯτʹૹ Γ͍ͨ
)551ͱαʔόೝূ

• ෳ਺ͷূ໌ॻΛͲ͏΍ͬͯసૹ͢Δ͔ • ରԠ͢Δൿີݤͷอ༗ΛͲ͏΍ͬͯূ໌ ͢Δ͔ ڞ௨ͷ՝୊

• ূ໌ॻͱͦͷॴ༗ূ໌ͷ ཁٻͱ ૹ৴ – ૹड৴ํ๏͸ɺ5-4઀ଓ্Ͱಈ࡞͍ͯ͠ΔΞ ϓϦέʔγϣϯϓϩτίϧʹ͓·͔ͤ • ূ໌ॻͷૹ৴ํ๏
– 5-4ͷϋϯυγΣΠΫϝοηʔδΛ࠶ར༻ • $FSUJGJDBUF $FSUJGJDBUF7FSJGZ 'JOJTIFE • 5-4઀ଓ͔ΒΤΫεϙʔτͨ͠ൿີ৘ใΛॺ໊͢ Δ͜ͱͰೝূ • ূ໌ॻͷཁٻํ๏ – 5-4ͷ$FSUJGJDBUF3FRVFTUϝοηʔδΛ࠶ར༻ &YQPSUFE"VUIFOUJDBUPSTJO5-4

• )551͸5$1্ʹෳ਺ͷετϦʔϜΛॏ৞ – छྨͷετϦʔϜ੍ޚ༻ ϦΫΤετૹड৴༻ – ετϦʔϜ͸ෳ਺ͷϑϨʔϜ͔Βߏ੒ • ূ໌ॻͱϦΫΤετ͸OରԠ
• ূ໌ॻؔ࿈ͷ৘ใ͸ϑϨʔϜͰަ׵ 4FDPOEBSZ$FSUJGJDBUF"VUIJO)551 CERTIFICATE CERTIFICATE_REQUEST CertificateRequest CERTIFICATE_NEEDED ? USE_CERTIFICATE !

$FSUJGJDBUF$PNQSFTTJPO

• 26*$ – ઀ଓཱ֬ͱ5-4ϋϯυγΣΠΫ͕ฒߦಈ࡞ – ΞυϨεݕূࡁͰͳ͍ΫϥΠΞϯτʹαʔό ূ໌ॻΛૹΓ͍ͨ – ϦϑϨΫγϣϯ߈ܸʹ࢖͑ͳ͍େ͖͞ʹѹॖ͍ͨ͠
എܠ

• H[JQ·ͨ͸CSPUMJͰূ໌ॻνΣΠϯΛѹॖ • CSPUMJͷ৔߹ – தԝ஋ – ύʔηϯλΠϧ •
ύέοτʹೖΔ֬཰ – ύέοτ – ύέοτ • ʮഒʯ͸ڐ༰Մೳͳ૿෯཰͔ ͳ IUUQTEBUBUSBDLFSJFUGPSHNFFUJOHNBUFSJBMTTMJEFTUMTTFTTBDFSUJJDBUFDPNQSFTTJPO $FSUJGJDBUF$PNQSFTTJPO

4/*&ODSZQUJPO

• %/4҉߸Խ – %/4 PWFS 5-4 – %/4PWFS)5514
8(-BTU$BMM • ؔ࿈ϓϩτίϧ5-4355 )551 26*$ • 4/*҉߸Խ • ূ໌ॻ҉߸Խ 5-4 • ϢʔβτϥοΩϯάͷ཈ࢭ – ηογϣϯνέοτͷϫϯΦϑԽ5-4 – *1ΞυϨεɺϙʔτ൪߸ͷมߋ26*$ ϓϥΠόγʔอޢͷਐ௙ঢ়گ

• 4/*Λ҉߸Խ – ҉߸Խ͢ΔͨΊͷݤͷ഑෍ํ๏͕໰୊ • 5-4 PWFS 5-4 –
̎ॏ҉߸ԽͷΦʔόʔϔου • BMUTWD 4FDPOEBSZ$FSUJGJDBUFTGPS)551 – )551ઐ༻ ݕ౼͞Ε͍ͯΔղܾࡦ

• 5-4ͷϝδϟʔόʔδϣϯΞοϓ͸׬ྃ – ϝδϟʔͳ࣮૷΋ରԠࡁ – ࠓޙ͸पลͷ੔උ͕য఺ʹ • ϓϥΠόγʔอޢͱ0TTJGJDBUJPOରࡦ͸ॏ ཁͳςʔϚ
ॴײ

TLS 1.3とその周辺の標準化動向

TLS 1.3とその周辺の標準化動向

More Decks by kazuho

Other Decks in Technology

Featured

Transcript