Transport Layer Security (TLS) is the successor to Secure Sockets Layer (SSL). The protocols define the mechanisms that ensure secure transmission of data over the internet. The standards are controlled by the Internet Engineering Task Force (IETF®).

The standard defines the negotiation handshake, which determines the encryption and protocol to be used to transmit data records. The varied nature of the implementations of the standard provides a venue for disruption, i.e., it opens the door to successful attacks by hackers.

SSL1, SSL2, SSL3 and TLS1.0 have known flaws. SSL was developed by Netscape in the '90s and was a preliminary, exploratory means of defining secure communication. Being the 'first on the block', it allowed for the inception and development of the concept, and the implementation of the ideal, of secure transport of data. TLS1.0 corrected some of the flaws in SSL but, in an attempt to accommodate the US Government restrictions on the export of cryptographic materiel, had known weak encryption with hackable protocols.

The material here overlaps the material in the Modern Digital Cryptography and Modern Cryptanalysis sections of this web site. But some parts of the Cryptology sphere of influence most appropriately reside in this section, and in this section they have been put.

SSL and TLS1.0 and TLS1.1 have been included as reference material. TLS1.2 is the current standard, and TLS1.3 is the forthcoming standard under review.

Very roughly:

  • Standards: Articles which are the TLS standard or describe the standard.
  • Tutorials & Overviews: Gentle (or mostly gentle) matter which describes the protocols. “Light” reading for the unwary.
  • Papers: Peer reviewed papers.
  • Articles: None of the above.
Standards
Name
Abstract Syntax Notation One (ASN.1)
HTTP Over TLS
FIPS PUB 180-4: Secure Hash Standard (SHS)
Prohibiting Secure Sockets Layer (SSL) Version 2.0
Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
The Secure Sockets Layer (SSL) Protocol Version 3.0
The SSL Protocol (draft)
The Transport Layer Security (TLS) Protocol Version 1.3
The Transport Layer Security (TLS) Protocol Version 1.2
The Transport Layer Security (TLS) Protocol Version 1.2
The TLS Protocol Version 1.0
XDR: External Data Representation Standard
Tutorials & Overviews
Name
AES-GCM for Efficient Authenticated Encryption – Ending the Reign of HMAC – SHA-1?
Comparison of TLS implementations
Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
Guidelines for the Selection, Configuration, and Use of Transport Layer Security (TLS) Implementations
High Performance Browser Networking
HttpClient Tutorial
Security Configuration Benchmark For Microsoft IIS 7.0/7.5
SSL/TLS and Cryptography
SSL 0.2 PROTOCOL SPECIFICATION
TLS and all that
Transport Layer Protection Cheat Sheet
Transport Layer Security (TLS)
Transport Layer Security: Secure Socket Layer
Papers
Name
A Messy State of the Union: Taming the Composite State Machines of TLS
Implementation of OpenSSL API’s for TLS 1.2 Operation
AppliedCryptoHardening
DROWN: Breaking TLS using SSLv2
Elliptic Curve Cryptography (ECC) Certificates Performance Analysis
Elliptic Curves in Transport Layer Security (TLS) – A Presentation Tutorial
Killed by Proxy: Analyzing Client-end TLS Interception Software
Implementation of OpenSSL API’s for TLS 1.2 Operation
Implementing TLS with Verified Cryptographic Security
Lessons Learned From Previous SSL/TLS Attacks A Brief Chronology Of Attacks And Weaknesses
Links to Papers
Nonce-Disrespecting Adversaries: Practical Forgery Attacks on GCM in TLS
On the Security of TLS-DH and TLS-RSA in the Standard Model
Prying open Pandora’s box: KCI attacks against TLS
Summarizing Known Attacks on Transport Layer Security (TLS) and Datagram TLS (DTLS)
TLS hardening
TLS in the Wild: An Internet-wide Analysis of TLS-based Protocols for Electronic Communication
Articles
Name
Core Features (TLS)
C Implementation of SHA – 256 Algorithm
Names of SHA-256, SHA-384, and SHA-512
End of Transport Layer Security (TLS) 1.0 Support as of June 30, 2018
FAQ & Instructions for Enabling
Java Cryptography Architecture Oracle Providers Documentation
On the Security of TLS 1.3 and QUIC Against Weaknesses in PKCS#1 v1.5 Encryption
On the Security of TLS-DHE in the Standard Model
PayPal’s TLS 1.2 and HTTP/1.1 Upgrade and How it Could Impact Your Membership Site
Protecting Against POODLE Attacks
The Foundation for PayPal’s June 2017 TLS 1.2 Upgrade
SHA256 Class
The New TLS 1.3 Standard: Ready or Not, Changes Are Coming
TLS and SRTP for Skype Connect
TLS 1.3 and the Future of Cryptographic Protocols
wolfSSL User Manual