[Cryptography] Is it time for a revolution to replace TLS?

dj at deadhat.com dj at deadhat.com
Tue Apr 15 16:07:08 EDT 2014


> http://clearcryptocode.org/tls/
>
> Probably not going to happen, but it's nice to dream...
>

It is one of my long term, implausible goals to replace TLS with a
collection of independent app to app function-targeted security protocols
that are individually simple enough to understand and implement cleanly. I
will certainly fail.

E.G.
For paying with a credit card.. A secure credit card payment protocol

For authenticating a web site and producing keys to bind .. A web page
authentication protocol.

For remotely logging into a shell producing keys to bind .. A secure shell
login protocol.

There are many more possibilities.

Today, SSL and TLS with all that entails (ASN.1, X.509, PKCS, TCP/IP etc.)
is the hammer and any securable thing is the nail. But it's really a
client-server session privacy and integrity protocol with issues. It isn't
designed to protect my banking transactions, just the traffic over which I
communicate my transaction intent. If I had a secure bank transaction
protocol independent of TLS, Heartbleed wouldn't matter.

A classic mismatch between TLS and its primary use securing web traffic is
the failure of a virtual server to be able to produce the right cert for
the right virtual web site. The cert is really identifying the TLS
termination point which may be a web server, rather than a web site, of
which the server may be serving many. That's one reason why a web-site
security protocol would be more effective than TLS plumbed under HTTP.

TLS does need nuking so we can replace it with simpler things. The
sentiment isn't wrong, it's just hard to pull off.
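The virtual-hosting mismatch described above, as an added example that is not part of the original post: a small Python model of a TLS termination point that holds certificates for several web sites and has to pick one for an incoming connection. The certificate records, the site names and the optional client-supplied server name (the Server Name Indication extension, which the post does not mention and which is the usual mitigation today) are all constructed here; the wildcard rule follows the one-label convention of RFC 6125. The point it makes concrete: when the client does not say which site it wants, the endpoint can only return a default certificate, which is the wrong one for every site but the first.

```python
"""Added example (editor's code, not from the original post): certificate
selection at a TLS termination point that fronts several virtual web sites.

A Cert here is a stand-in for an X.509 certificate reduced to the names it
covers (subject CN / subjectAltName); no real certificates are parsed.
"""
from dataclasses import dataclass
from typing import List, Optional


@dataclass
class Cert:
    """Minimal certificate model: a label for display plus the DNS names it covers."""
    label: str
    names: List[str]


def name_matches(pattern: str, hostname: str) -> bool:
    """Match one certificate DNS name against a requested hostname.

    Exact match is case-insensitive. A single leading '*' covers exactly one
    left-most label, as in RFC 6125: '*.blog.example' matches
    'www.blog.example' but not 'blog.example' or 'a.b.blog.example'.
    A wildcard over a bare top-level domain ('*.com') is rejected.
    """
    pattern = pattern.lower().rstrip(".")
    hostname = hostname.lower().rstrip(".")
    if pattern == hostname:
        return True
    if not pattern.startswith("*."):
        return False
    rest = pattern[2:]
    if rest.count(".") < 1:          # refuse '*.com'-style wildcards
        return False
    labels = hostname.split(".")
    if len(labels) < 2 or labels[0] == "":
        return False
    # the wildcard stands for exactly the first label; the remainder must match
    return ".".join(labels[1:]) == rest


def select_cert(certs: List[Cert], requested_host: Optional[str]) -> Optional[Cert]:
    """Pick the certificate to present on a new connection.

    requested_host is the server name the client asked for (SNI), or None if
    the client sent none. Without it the endpoint has no way to know which
    virtual site is wanted and can only fall back to its first (default)
    certificate: this is the mismatch the post describes. With it, the
    endpoint returns the first certificate covering that name, or None when
    no certificate does (a hard failure is safer than serving a wrong cert).
    """
    if requested_host is None:
        return certs[0] if certs else None
    for cert in certs:
        if any(name_matches(n, requested_host) for n in cert.names):
            return cert
    return None


# Constructed sample: one endpoint terminating TLS for two unrelated sites.
VIRTUAL_HOST_CERTS = [
    Cert("shop-cert", ["shop.example", "www.shop.example"]),
    Cert("blog-cert", ["*.blog.example"]),
]


if __name__ == "__main__":
    for host in [None, "www.shop.example", "www.blog.example",
                 "blog.example", "mail.example"]:
        chosen = select_cert(VIRTUAL_HOST_CERTS, host)
        print(f"request for {host!r:22} -> {chosen.label if chosen else 'no matching cert'}")
```

Running the block shows that a connection with no server name gets `shop-cert` regardless of which site the browser intended, `www.blog.example` is served correctly only because the client named it, and `blog.example` fails because the wildcard does not cover the apex name.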
