SEMI-PASSIVE TRANSPORT LAYER SECURITY VERSION 1.3 DECRYPTION OPPORTUNITIES

Authors
Anderson, Alex M.
Subjects
TLS 1.3
transport layer security version 1.3
encryption
decryption
man-on-the-side attack
blue team
red team
defensive cyber
offensive cyber
Advisors
McEachen, John C.
Tummala, Murali
Date of Issue
2023-09
Publisher
Monterey, CA; Naval Postgraduate School
Abstract
With the release of the Transport Layer Security (TLS) version 1.3 protocol in 2018, many security improvements have proven challenging to overcome from both an offensive and defensive cybersecurity perspective. The adoption rate of this latest version is continuing to increase. TLS version 1.3 is now the preferred protocol for use in the vast majority of active websites. However, a security cryptosystem is only secure if the private keys are kept secret. In this research, methods of key logging will be explored, along with various ways of extraction to conserve network bandwidth or to provide a stealthy exfiltration. With the cryptographic keys now available, the end result is a successful decryption of passively captured network traffic. Key logging of distinct Gmail email sessions and multiple compression techniques were experimented with and analyzed. The outcome has provided proven viable benefits for both the offensive and defensive cybersecurity analyst teams with follow-on development opportunities.
Type
Thesis
Department
Electrical and Computer Engineering (ECE)
Sponsors
Laboratory for Telecommunication Sciences
Distribution Statement
Approved for public release. Distribution is unlimited.
Rights
This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. Copyright protection is not available for this work in the United States.