Encryp­ti­on on the World Wide Web has a long histo­ry, which explains the abbre­via­ti­ons used today. It star­ted back in 1993 with Secu­re Sockets Pro­gramming as a pro­to­ty­pe. Net­scape sub­se­quent­ly com­ple­ted Secu­re Sockets Lay­er (SSL). SSL ver­si­on 1 was never published. Ver­si­on 2 dates back to 1995. Ver­si­on 3 was published in 1996 as a com­ple­te re-design. So anyo­ne who says SSL actual­ly means a his­to­ri­cal pro­to­col that is no lon­ger in use. The Inter­net Engi­nee­ring Task Force (IETF) took over the main­ten­an­ce of the stan­dard in 1999. This was accom­pa­nied by a new name: Trans­port Lay­er Secu­ri­ty (TLS). The ver­si­ons of the spe­ci­fi­ca­ti­on are 1.0 (1999), 1.1 (2006), 1.2 (2008), and 1.3 (2018). So peo­p­le still call encrypt­ed con­nec­tions SSL/TLS, even though SSL may/should not actual­ly be used anymore.

Why should one bother with it?

Typi­cal­ly, one deals with web appli­ca­ti­ons and mes­sa­ges in ever­y­day work and also in pri­va­te life. Both types of appli­ca­ti­ons use encryp­ti­on to ensu­re that con­tent on its way to the con­su­mer (smart­phone, brow­ser, email pro­gram, mes­sen­ger, etc.) is not modi­fied or read. At the latest sin­ce the reve­la­ti­ons of Edward Snow­den you want encryp­ti­on from one end to the other. This is also cal­led end-to-end encryp­ti­on. The idea is that no third par­ty is in the midd­le and can read data. This means that vide­os come direct­ly from the strea­ming pro­vi­der. The same appli­es to all appli­ca­ti­ons. So the con­tent can only be view­ed at the ends and thus veri­fied. What does this mean for infor­ma­ti­on security?

SSL and TLS are important com­pon­ents for security.

This means that encrypt­ed data trans­mis­si­ons can­not be bro­ken. This is a fun­da­men­tal requi­re­ment. If the­re were back­doors or vul­nerabi­li­ties, atta­ckers would exploit this, and the enti­re pro­to­col would be inef­fec­ti­ve. Secu­ri­ty sys­tems the­r­e­fo­re imple­ment inspec­tion of the con­tent via so-cal­led pro­xy sys­tems. The cli­ent con­nects to the pro­xy and the pro­xy fet­ches the con­tent from the ser­ver. The pro­xy thus sits in the midd­le, and one TLS con­nec­tion beco­mes two. In this way, inspec­tion of the trans­mit­ted data is pos­si­ble. The­re is a logi­sti­cal chall­enge with this. The design of SSL/TLS pro­vi­des for cen­tral cer­ti­fi­ca­te aut­ho­ri­ties that cer­ti­fy keys and names. All web brow­sers have a list of trus­ted aut­ho­ri­ties. Encryp­ti­on alo­ne wit­hout a trust base is wort­hl­ess. Con­tent veri­fi­ca­ti­on requi­res that the pro­xy have a list of cer­ti­fi­ca­te aut­ho­ri­ties it trusts, and that the cli­ent trust the proxy.

The­re are two other methods of veri­fy­ing con­tent or meta­da­ta. One can also try to open the encryp­ti­on wit­hout a pro­xy. To do this, one uses the atta­ckers’ methods by for­ging cer­ti­fi­ca­tes and having them issued by a sepa­ra­te cer­ti­fi­ca­te aut­ho­ri­ty that the cli­ents all know and trust blind­ly. Such sys­tems are cal­led midd­le boxes, ana­log­ous to midd­le men who sit in the midd­le bet­ween ser­ver and cli­ent. The­se sys­tems ulti­m­ate­ly exploit open points or vul­nerabi­li­ties in the stan­dard. The­se methods will no lon­ger be pos­si­ble with TLS ver­si­on 1.3. This is a con­scious decis­i­on in favor of secu­ri­ty. The fact that it is pos­si­ble to for­ge or break encrypt­ed con­nec­tions is always unde­si­ra­ble. In addi­ti­on, it was pre­vious­ly pos­si­ble to see which cer­ti­fi­ca­tes the con­nec­tion was working with, becau­se the estab­lish­ment of a TLS con­nec­tion is not com­ple­te­ly encrypt­ed until ver­si­on 1.2. At the moment, the­re are still (pseudo)security sys­tems that build on the­se weaknesses.

Is con­tent veri­fi­ca­ti­on still possible?

What hap­pens now when TLS ver­si­on 1.3 beco­mes wide­spread? Of cour­se, con­tent veri­fi­ca­ti­on will not die with it. You just have to find the right archi­tec­tu­re or adapt the exis­ting one. Pro­xy sys­tems offer hig­her secu­ri­ty than pure packet fil­ters (no mat­ter how “deep­ly” they ana­ly­ze packets) becau­se they under­stand the pro­to­col. All that’s left is for cli­ents to compa­re cer­ti­fi­ca­te aut­ho­ri­ties with hard-coded checks­ums. Mozil­la Fire­fox, Goog­le Chro­me, and some apps for smart­phones imple­ment this method. This is not a secu­ri­ty issue, but a trust issue. After all, anyo­ne who has this soft­ware on their net­work trusts it any­way. This is espe­ci­al­ly true for the app stores of some pro­vi­ders. After all, the secu­ri­ty model of the app stores com­ple­te­ly col­lap­ses if someone can pre­tend to be an app store. In the­se cases, any con­tent veri­fi­ca­ti­on must take place on the cli­ent after the data has been decrypt­ed any­way. This so-cal­led end point pro­tec­tion, i.e., pro­tec­tion at the end of the line, is also the basis for a secu­re IT architecture.

End-to-end encryp­ti­on is a secu­ri­ty concept!

The fact that some have not yet imple­men­ted this con­cept is an indi­ca­ti­on of a need to catch up, not of errors in encryp­ti­on stan­dards. The imple­men­ta­ti­on of TLS ver­si­on 1.3 must be careful­ly plan­ned if non-stan­dard solu­ti­ons are to be used. A bonus is HTTP2, the new gene­ra­ti­on of the Hyper­text Trans­fer Pro­to­col, which only trans­fers encrypt­ed data. It is more per­for­mant than the ver­si­ons befo­re it. Fas­ter appli­ca­ti­ons the­r­e­fo­re do not stand in the way of secu­ri­ty and can act as a reward.

SEC4YOU advi­ses you in ques­ti­ons of end-to-end encryp­ti­on and the cor­rect use of TLS 1.3. We are also hap­py to check exis­ting sys­tems and whe­ther their use of SSL/TLS cor­re­sponds to the cur­rent sta­te of the art.

Plea­se use our cont­act form to cont­act us in case of any questions..