$30 off During Our Annual Pro Sale. View Details »

TLS 1.3自作入門 / tls13

Mako
August 09, 2021
Technology
0
220

TLS 1.3自作入門 / tls13

seccamp2019 LT大会での発表内容

Mako

August 09, 2021
Tweet

More Decks by Mako

See All by Mako
マイナンバーカードの暗号技術とセキュリティ
tex2e
0
130
SELinuxで堅牢化する / selinux
tex2e
3
370
プロトコルの形式的安全性検証ツールProVerif / proverif
tex2e
0
380
マイナンバーカードで署名する / mynumbercard
tex2e
1
1.5k

Other Decks in Technology

See All in Technology
【Python東海#44】Pydroid3で画像処理
kazuhitotakahashi
0
210
visionOSについてGlobeeが取り組んでいること
toshi0383
0
230
uGUI の自動操作の考え方と操作方法
orgachem
PRO
0
220
pmconf 2023 プロダクトと事業を無限にスケールするための最強のロードマップの作り方 / The Greatest Roadmap for Unlimited Scaling your Business and Products
yamamuteki
14
7.3k
dbt Coreとdbt-athenaによるAWS上のdbt環境構築ナレッジ
nayuts
0
110
DMMオンラインサロン エンジニア採用資料/ for-software-engineers
onlinesalon
0
3.6k
RealSense T265とD415とUFACTORY Lite 6で模倣学習の実験
hygradme
0
330
3つの⽴場で考える技術的負債への組織的アプローチ
sansantech
PRO
16
4.8k
新卒エンジニアでも技術的負債に向き合いたい!
smasato
1
1.8k
LLMエンジニアリングを加速させるソフトウェアアーキテクチャ
tkikuchi1002
0
380
2023-12-01 吉祥寺.pm ベストプラクティスと組織とIaC
masasuzu
0
110
Making your Kubernetes-based log collection reliable & durable with Vector
palark
0
320

Featured

See All Featured
Adopting Sorbet at Scale
ufuk
66
8.2k
Bootstrapping a Software Product
garrettdimon
PRO
299
110k
Fight the Zombie Pattern Library - RWD Summit 2016
marcelosomers
226
16k
The Invisible Side of Design
smashingmag
291
49k
Gamification - CAS2011
davidbonilla
75
4.4k
Done Done
chrislema
178
15k
How to Create Impact in a Changing Tech Landscape [PerfNow 2023]
tammyeverts
0
270
Designing for Performance
lara
601
66k
The Brand Is Dead. Long Live the Brand.
mthomps
48
6.2k
We Have a Design System, Now What?
morganepeng
41
6.4k
Fantastic passwords and where to find them - at NoRuKo
philnash
34
2.2k
Embracing the Ebb and Flow
colly
77
3.8k

Transcript













































  1. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    N೔ͰͰ͖Δ! TLS 1.3ࣗ࡞ೖ໳
    @tex2e
    ηΩϡϦςΟɾΩϟϯϓશࠃେձ 2019 LT େձ

    View Slide













































  2. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ࠓ೔ͷ͓࿩
    TLS 1.3

    View Slide













































  3. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLSͱ͸
    ௨৴͢Δ 2 ਓ͸͜Ε·Ͱʹձͬͨ͜ͱ͕ͳ͘ɺ
    ҆શͰ͸ͳ͍௨৴࿏Λ࢖ͬͨͱͯ͠΋ɺ
    ҆શʹ΍ΓͱΓ͕Ͱ͖Δ

    View Slide













































  4. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ҆શͳ௨৴࿏ͱ͸...
    • ਅਖ਼ੑ
    • ௨৴૬ख͕ຊ෺Ͱ͋Δ͜ͱΛ֬ೝͰ͖Δ
    • (αʔόূ໌ॻʹΑΔೝূ ... X.509 Cert, PKI)
    • ػີੑ
    • ݖݶΛ࣋ͭਓ͚͕ͩΞΫηεͰ͖Δ
    • (௨৴಺༰ͷ҉߸Խ ... AES, ChaCha20)
    • ׬શੑ
    • վ͟Μ͞Εͳ͍
    • (ೝূ෇͖҉߸ʹΑΔվ͟Μݕ஌ ... AEAD)

    View Slide













































  5. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLSͷϋϯυγΣΠΫ
    • Handshake
    • Ͳͷ҉߸εΠʔτΛ࢖͏͔ܾΊΔ
    • ެ։ݤ҉߸Λ༻͍ͯݤڞ༗͢Δ
    • ূ໌ॻΛ࢖ͬͯೝূ͢Δ
    • Application Data
    • ڞ௨ݤ҉߸Λ༻͍ͯ҉߸Խ͢Δ
    • HTTP Λ҉߸Խͨ͠σʔλͳͲ
    Open Socket
    Handshake
    Application Data
    Close Socket

    View Slide













































  6. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLS 1.3ͷ΍ΓͱΓ
    Client Server
    Client Hello
    Server Hello
    Application Data

    View Slide













































  7. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ϓϩάϥϚͷ3େʮᅂΈʯ
    • ࣗ࡞ OS
    • ࣗ࡞ίϯύΠϥ (ϓϩάϥϛϯάݴޠ)
    • ࣗ࡞ϓϩτίϧελοΫ (TCP/IP, TLS)
    ˞ॾઆ͋Γ

    View Slide













































  8. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLSͲ͏΍ͬͯ࡞Δͷ?
    RFCΛಡΉ

    View Slide













































  9. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLS 1.3 (RFC 8446)

    View Slide













































  10. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ߏ଄ମͱόΠτྻͷ૬ޓม׵
    ม׵
    ෮ݩ

    View Slide













































  11. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ࣮૷ͷྲྀΕ
    TLS ͷ΍ΓͱΓͷ࣮૷ɿ
    1. ιέοτ௨৴
    2. ϝοηʔδͷߏ଄ମͱόΠτྻͷ૬ޓม׵
    TLS ͷ΍ΓͱΓͷத਎ͷ࣮૷ɿ
    1. ପԁۂઢ Diffie-Hellman ݤڞ༗
    2. HKDF ʹΑΔݤεέδϡʔϦϯά
    3. ೝূ෇͖҉߸ (AEAD)
    4. X.509 ূ໌ॻ

    View Slide













































  12. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLS 1.3ͷ࠷৽ಈ޲ (Server/Client)

    View Slide













































  13. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLS 1.3ͷ࠷৽ಈ޲ (QUIC)
    UDP ͰίωΫγϣϯཱ֬ͱ TLS 1.3 ཱ֬Λಉ࣌ʹߦ͏
    TCP + TLS 1.3
    Client Server
    SYN
    SYN + ACK
    ACK
    Client Hello
    Server Hello
    Application Data
    QUIC (HTTP/3)
    Client Server
    QUIC
    QUIC
    QUIC
    Application Data

    View Slide













































  14. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    TLS 1.3ࣗ࡞͸ָ͍͚͠Ͳ೉͍͠
    • จॻ͸΄ͱΜͲӳޠ
    • ҉߸ٕज़ͷج൫ͱͳΔ਺ֶͷ஌ࣝ
    • ωοτϫʔΫٕज़ͷ஌ࣝ
    • RFC ͸ೖ໳ॻͰ͸ͳ͍ͷͰॳֶऀʹ͸ݫ͍͠

    View Slide













































  15. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    30೔Ͱ TLS 1.3 ͸
    ࡞Εͳ͍Α

    View Slide













































  16. ༧උ஌ࣝ ࣮૷ ࠷৽ಈ޲ ·ͱΊ
    ͓ΘΓ

    View Slide













































  17. ࢀߟจݙ I
    RFC 8446: The Transport Layer Security (TLS) Protocol
    Version 1.3. IETF, August 2018.
    Andy Brodie: Overview of TLS v1.3. OWASP, 2017. URL
    https://www.owasp.org/images/d/d3/TLS_v1.3_
    Overview_OWASP_Final.pdf
    SSL Labs: SSL Pulse. Qualys, Inc, June 2019. URL
    https://www.ssllabs.com/ssl-pulse/
    @Fyrd, @Lensco: Can I use... URL
    https://caniuse.com/
    IETF Draft: “QUIC: A UDP-Based Multiplexed and
    Secure Transport”. URL https://tools.ietf.org/
    html/draft-ietf-quic-transport-22

    View Slide













































  18. ࢀߟจݙ II
    Alessandro Ghedini: The Road to QUIC. Cloudflare, Inc,
    2018. URL
    https://blog.cloudflare.com/the-road-to-quic/
    խ໵ ࢁຊ: TCP/IP ϓϩτίϧελοΫࣗ࡞ೖ໳. KLab
    Inc, 2018. URL https://www.slideshare.net/
    pandax381/tcpip-105857327
    Ivan Risti´
    c ஶ, ᜊ౻޹ಓ ؂༁: ϓϩϑΣογϣφϧ
    SSL/TLS. ϥϜμϊʔτ, 2018.

    View Slide