Video and Notes on Transport Layer Security
Technical preventative control
TLS is one of those things that is going to be on the exam; there is no way to avoid it, mainly because TLS is heavily emphasized in all your books, especially where they discuss encrypting web traffic.
The TLS handshake takes place AFTER the TCP three-way handshake; TLS rides on top of an already established TCP connection.
TLS puts the "S" in HTTPS.
Transport Layer Security is a tough concept to understand if you don’t work directly in the network security domain.
TLS really can be a true test of your understanding and application of everything you studied in cryptography for real life, and for the CISSP exam.
TLS negotiates a cipher suite, a named combination of key exchange, authentication, bulk encryption and integrity algorithms, all of which you will read about in your studies, particularly in Domain 3: Security Engineering, which comes a chapter before Transport Layer Security is introduced in Chapter 4: Network Security in the Shon Harris 7th Edition.
Some common terms to know before learning about TLS:
Asymmetric and Symmetric Encryption
TLS replaced its predecessor, SSL (Secure Sockets Layer).
Why did TLS replace SSL? For the same reason anything replaces anything in information security: it became insecure. Vulnerabilities were exploited with world-wide implications and far-reaching effects, to the point that something stronger was needed.
The same thing happened when 3DES replaced DES (whose 56-bit key had become brute-forceable), and when the Common Criteria replaced TCSEC.
TLS replaced SSL for several reasons; we don't need to go into great detail for the exam, but the two big reasons are:
It was standardized by the IETF (TLS 1.0 was published as RFC 2246 in 1999).
These are some of the absolutes you'll need to know for the exam:
You have to at least know that TLS replaced SSL.
You have to know that TLS is used to secure our data in motion, our data traversing the unsafe Internet.
Know that TLS, and encryption in general, is a great defense against man-in-the-middle attacks, provided the client actually validates the server's certificate; a client that skips validation can be handed an attacker's certificate and will happily encrypt its traffic to the attacker.
TLS provides server authentication (client authentication with a client certificate is optional, and is what "mutual TLS" means).
TLS authenticates the server with a certificate: the server presents an X.509 certificate containing its public key, and then proves it holds the matching private key, either by decrypting the pre-master secret (in the RSA key exchange described below) or by signing the handshake.
TLS provides identification by verifying that server certificate: the signature chains to a certificate authority the client trusts, the name in the certificate matches the host being contacted, and the certificate has not expired or been revoked.
Confidentiality, as we stated, is provided by encryption: asymmetric cryptography (RSA or Diffie-Hellman) to establish the keys and symmetric encryption for the bulk data.
Integrity is provided by TLS through a keyed hash, an HMAC (or, in AEAD cipher suites, an authentication tag), computed over every record. A plain, unkeyed message digest would not be enough, because an attacker who can modify the traffic could simply recompute the digest.
Steps of the TLS handshake (the RSA key exchange of TLS 1.2 and earlier, which is what most CISSP books describe):
The client sends a ClientHello containing a random nonce and the list of cipher suites it is willing to use to protect the connection.
The server receives the ClientHello and replies with its own ServerHello, selecting one cipher suite from the client's list and adding its own random nonce. The server also sends its certificate, which carries the server's public key.
The client validates the certificate, then begins the key exchange by generating a random pre-master secret and encrypting it with the server's public key (the ClientKeyExchange message).
The server receives the encrypted pre-master secret and decrypts it with its private key.
Since it was encrypted with the server's public key, only the holder of the matching private key can recover it; in this exchange that is how the server proves it is who the certificate says it is.
Both sides now compute the same master secret from the pre-master secret and the two nonces, derive the symmetric session keys from it (an encryption key and a MAC key for each direction), confirm the handshake with Finished messages, and then use those symmetric keys to protect the application data.
Did you catch that part? TLS uses both asymmetric and symmetric cryptography.
Asymmetric cryptography to agree on the keys, and then symmetric encryption to protect the data that goes through the channel. One caveat a practitioner should know: this RSA key exchange has no forward secrecy, since anyone who records the traffic and later obtains the server's private key can decrypt it. That is why ephemeral Diffie-Hellman (DHE/ECDHE) suites are preferred in TLS 1.2 and why TLS 1.3 removed RSA key exchange altogether.
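The whole exchange above, with both sides' messages, as an added example that is not part of the original notes or of any textbook: a standard-library-only Python walk-through of the TLS 1.2 RSA key exchange. The toy RSA keypair built from two Mersenne primes with no padding, the HMAC-based stream cipher standing in for AES, the made-up cipher suite names and the shortened 16-byte pre-master secret are all assumptions of this example; the PRF and the master-secret/key-block derivation do follow the RFC 5246 layout, while certificate validation and the Finished messages are left out.

```python
"""Toy TLS 1.2 RSA key exchange, standard library only (constructed teaching example).
Textbook RSA with no padding over a ~196-bit modulus, an HMAC stream cipher standing in
for AES, made-up cipher suite names; PRF and key layout follow RFC 5246 (P_SHA256).
Certificate validation and the Finished messages are omitted."""
import hashlib
import hmac
import secrets

# Toy server keypair from two Mersenne primes; in real TLS (n, e) rides in the X.509 cert.
P, Q = 2**89 - 1, 2**107 - 1
SERVER_PUBLIC = (P * Q, 65537)                        # (n, e)
SERVER_PRIVATE_D = pow(65537, -1, (P - 1) * (Q - 1))  # d, never leaves the server
SERVER_SUITES = ["TOY_RSA_WITH_HMAC_STREAM_SHA256"]   # constructed name
PMS_LEN = 16  # 48 bytes in real TLS 1.2, shrunk to fit the toy modulus

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """RFC 5246 s5 PRF: P_SHA256(secret, label + seed) truncated to length bytes."""
    seed = label + seed
    out, a = b"", seed                                             # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()           # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]

def rsa_encrypt(n: int, e: int, data: bytes) -> int:
    """Textbook RSA c = m^e mod n; real TLS adds PKCS#1 v1.5 padding here."""
    return pow(int.from_bytes(data, "big"), e, n)

def rsa_decrypt(n: int, d: int, ciphertext: int, length: int) -> bytes:
    """m = c^d mod n: only the holder of the private exponent d can do this."""
    return pow(ciphertext, d, n).to_bytes(length, "big")

def derive_keys(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """master_secret (RFC 5246 s8.1) and key_block (s6.3): MAC and encryption key per direction."""
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    block = prf(master, b"key expansion", server_random + client_random, 64)
    return {"client_mac": block[0:16], "server_mac": block[16:32],
            "client_enc": block[32:48], "server_enc": block[48:64]}

def keystream_xor(key: bytes, seq: int, data: bytes) -> bytes:
    """Toy counter-mode stream cipher (AES stand-in): XOR with HMAC(key, seq || counter) blocks."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hmac.new(key, seq.to_bytes(8, "big") + (i // 32).to_bytes(4, "big"), hashlib.sha256).digest()
        out += bytes(x ^ y for x, y in zip(data[i:i + 32], block))
    return bytes(out)

def protect(enc_key: bytes, mac_key: bytes, seq: int, plaintext: bytes) -> bytes:
    """TLS 1.2 MAC-then-encrypt record: HMAC over seq || data, then encrypt data || tag."""
    tag = hmac.new(mac_key, seq.to_bytes(8, "big") + plaintext, hashlib.sha256).digest()
    return keystream_xor(enc_key, seq, plaintext + tag)

def unprotect(enc_key: bytes, mac_key: bytes, seq: int, record: bytes) -> bytes:
    """Reverse of protect(); raises on a bad MAC instead of handing back forged data."""
    data = keystream_xor(enc_key, seq, record)
    plaintext, tag = data[:-32], data[-32:]
    expected = hmac.new(mac_key, seq.to_bytes(8, "big") + plaintext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("bad_record_mac")
    return plaintext

def handshake(offered_suites: list) -> tuple:
    """Both sides of the exchange; returns (chosen suite, client keys, server keys)."""
    client_random = secrets.token_bytes(32)   # 1. ClientHello: random + offered_suites
    server_random = secrets.token_bytes(32)   # 2. ServerHello: random + one chosen suite
    chosen = next(s for s in offered_suites if s in SERVER_SUITES)  # StopIteration = no match
    cert_n, cert_e = SERVER_PUBLIC            #    Certificate: carries the server public key
    pre_master = secrets.token_bytes(PMS_LEN)  # 3. ClientKeyExchange: PMS encrypted to server
    encrypted_pms = rsa_encrypt(cert_n, cert_e, pre_master)
    client_keys = derive_keys(pre_master, client_random, server_random)
    server_pms = rsa_decrypt(cert_n, SERVER_PRIVATE_D, encrypted_pms, PMS_LEN)  # 4. private key
    server_keys = derive_keys(server_pms, client_random, server_random)        # same keys
    return chosen, client_keys, server_keys

def demo() -> dict:
    """Handshake, one protected client->server record, and a tampering attempt."""
    suite, ck, sk = handshake(["TOY_RSA_WITH_OTHER_SHA256", "TOY_RSA_WITH_HMAC_STREAM_SHA256"])
    request = b"GET / HTTP/1.1\r\nHost: example.test\r\n\r\n"   # constructed sample data
    record = protect(ck["client_enc"], ck["client_mac"], 0, request)
    received = unprotect(sk["client_enc"], sk["client_mac"], 0, record)
    tampered = bytes([record[0] ^ 0x01]) + record[1:]           # flip one bit in transit
    try:
        unprotect(sk["client_enc"], sk["client_mac"], 0, tampered)
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return {"suite": suite, "keys_match": ck == sk, "received": received,
            "tamper_detected": tamper_detected, "plaintext_on_wire": request in record}
```

Run `demo()`: the client and server end up with identical session keys without the pre-master secret ever appearing on the wire, the HTTP request is not visible in the protected record, and flipping a single bit of that record makes the receiver reject it with bad_record_mac, which is the integrity property from the notes above. Everything here hangs on the server's long-term private key, so recording this traffic and obtaining that key later decrypts every session; that lack of forward secrecy is why TLS 1.3 removed RSA key exchange in favor of ephemeral Diffie-Hellman.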