Question

1 Approved Answer

Posted on Sep 22, 2024

Detail the components of a common cipher suite. The diagram depicts a Wireshark trace of a TLS handshake . Highlighted above is the following cipher

Detail the components of a common cipher suite.

The diagram depicts a Wireshark trace of a TLS handshake

. image text in transcribed

Highlighted above is the following cipher suite:

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030)

Use Wireshark to capture your own cipher suite. You can use the filter "tls" to monitor traffic. Or you can use the filter "ssl.handshake.extensions_server_name" to capture the Client Hello (If you have trouble capturing the Client Hello, try visiting a website while capturing packets. If you still have trouble, change the interface that you are using to capture packets)

Click a Client Hello packet, then click: Secure Sockets Layer -> TLSv1.2 Record Layer: Handshake Protocol: Client Hello -> Handshake Protocol: Client Hello -> Cipher Suites ("X" suites)

1. Include a screenshot of the suites that you see (similar to the example in class). 2. Count them. How many ciphersuites are in the Client hello ("X")? 3. Identify one ciphersuite and explain the meaning of each component of the ciphersuite. 3a. What is the purpose of each component? 3b. How does each interact with other components? 3c. What is the range of possible choices of algorithms for each component of the cipher suite? 4. Discuss the relative strength or weakness of your chosen ciphersuite.

image text in transcribed

230 0.059 0.059 52.114.142.144 192.168.86.242 TLSv1.2 316 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done 235 0.023 0.023 192.168.86.242 52.114.142.144 TLSv1.2 212 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 242 2.030 2.939 52.114.142.144 192.168.86.242 TLS 1.2 195 Change Cinber Snec Encrunted Handshake Message [ Reassemblea TCP Segments (0102 bytes): #220 (1460), #227(1400), #228(1400), #229(1400), #2301202) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 6097 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 94 Version: TLS 1.2 (0x0303) Random: 5ed31c11de261b6c2e8d8fff19a30f476ef407542d0ffc93... Session ID Length: 32 Session ID: 9236000081ca8fbf%cf382ff5978b98eab4b625a688645f8... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 22 Extension: status_request (len=0) Extension: application_layer_protocol_negotiation (len=5) Extension: extended_master_secret (len=0) Extension: renegotiation_info (len=1) Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 3787 Certificates Length: 3784 Certificates (3784 bytes) Certificate Length: 2314 Certificate: 30820906308206eea00302010202136100195b6a9df6c777... (id-at-commonName=presence. teams.microsoft.com) signedCertificate version: v3 (2) seria lNumber: 0x6100195b6a9df6c77732a52edd000000195b6a signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) 230 0.059 0.059 52.114.142.144 192.168.86.242 TLSv1.2 316 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done 235 0.023 0.023 192.168.86.242 52.114.142.144 TLSv1.2 212 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 242 2.030 2.939 52.114.142.144 192.168.86.242 TLS 1.2 195 Change Cinber Snec Encrunted Handshake Message [ Reassemblea TCP Segments (0102 bytes): #220 (1460), #227(1400), #228(1400), #229(1400), #2301202) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 6097 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 94 Version: TLS 1.2 (0x0303) Random: 5ed31c11de261b6c2e8d8fff19a30f476ef407542d0ffc93... Session ID Length: 32 Session ID: 9236000081ca8fbf%cf382ff5978b98eab4b625a688645f8... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 22 Extension: status_request (len=0) Extension: application_layer_protocol_negotiation (len=5) Extension: extended_master_secret (len=0) Extension: renegotiation_info (len=1) Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 3787 Certificates Length: 3784 Certificates (3784 bytes) Certificate Length: 2314 Certificate: 30820906308206eea00302010202136100195b6a9df6c777... (id-at-commonName=presence. teams.microsoft.com) signedCertificate version: v3 (2) seria lNumber: 0x6100195b6a9df6c77732a52edd000000195b6a signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) 230 0.059 0.059 52.114.142.144 192.168.86.242 TLSv1.2 316 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done 235 0.023 0.023 192.168.86.242 52.114.142.144 TLSv1.2 212 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 242 2.030 2.939 52.114.142.144 192.168.86.242 TLS 1.2 195 Change Cinber Snec Encrunted Handshake Message [ Reassemblea TCP Segments (0102 bytes): #220 (1460), #227(1400), #228(1400), #229(1400), #2301202) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 6097 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 94 Version: TLS 1.2 (0x0303) Random: 5ed31c11de261b6c2e8d8fff19a30f476ef407542d0ffc93... Session ID Length: 32 Session ID: 9236000081ca8fbf%cf382ff5978b98eab4b625a688645f8... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 22 Extension: status_request (len=0) Extension: application_layer_protocol_negotiation (len=5) Extension: extended_master_secret (len=0) Extension: renegotiation_info (len=1) Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 3787 Certificates Length: 3784 Certificates (3784 bytes) Certificate Length: 2314 Certificate: 30820906308206eea00302010202136100195b6a9df6c777... (id-at-commonName=presence. teams.microsoft.com) signedCertificate version: v3 (2) seria lNumber: 0x6100195b6a9df6c77732a52edd000000195b6a signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) 230 0.059 0.059 52.114.142.144 192.168.86.242 TLSv1.2 316 Server Hello, Certificate, Certificate Status, Server Key Exchange, Server Hello Done 235 0.023 0.023 192.168.86.242 52.114.142.144 TLSv1.2 212 Client Key Exchange, Change Cipher Spec, Encrypted Handshake Message 242 2.030 2.939 52.114.142.144 192.168.86.242 TLS 1.2 195 Change Cinber Snec Encrunted Handshake Message [ Reassemblea TCP Segments (0102 bytes): #220 (1460), #227(1400), #228(1400), #229(1400), #2301202) Transport Layer Security TLSv1.2 Record Layer: Handshake Protocol: Multiple Handshake Messages Content Type: Handshake (22) Version: TLS 1.2 (0x0303) Length: 6097 Handshake Protocol: Server Hello Handshake Type: Server Hello (2) Length: 94 Version: TLS 1.2 (0x0303) Random: 5ed31c11de261b6c2e8d8fff19a30f476ef407542d0ffc93... Session ID Length: 32 Session ID: 9236000081ca8fbf%cf382ff5978b98eab4b625a688645f8... Cipher Suite: TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) Compression Method: null (0) Extensions Length: 22 Extension: status_request (len=0) Extension: application_layer_protocol_negotiation (len=5) Extension: extended_master_secret (len=0) Extension: renegotiation_info (len=1) Handshake Protocol: Certificate Handshake Type: Certificate (11) Length: 3787 Certificates Length: 3784 Certificates (3784 bytes) Certificate Length: 2314 Certificate: 30820906308206eea00302010202136100195b6a9df6c777... (id-at-commonName=presence. teams.microsoft.com) signedCertificate version: v3 (2) seria lNumber: 0x6100195b6a9df6c77732a52edd000000195b6a signature (sha256WithRSAEncryption) Algorithm Id: 1.2.840.113549.1.1.11 (sha256WithRSAEncryption)