Project 6 (TLS)

• Learn how websites you frequently use establish TLS connections.
• Learn about the openssl TLS debug utility

The following openssl command can be used to debug TLS connections. It will output information regarding the TLS handshake. Port 443 is the default port for HTTPS connections. Run this command and notice the key exchange method that is used for this particular BYU website. Use control-c to break out of the TLS connection established by this command.

openssl s_client -connect booklist.byu.edu:443

Consider also using ssllabs test too, and other command line options to openssl s_client. for instance, you can examine server certificates, see how they are signed, by what 3rd parties etc.

• Use the openssl command to connect to ten secure websites that you regularly use (email, social networking, banking, etc.)
• Write a brief report that lists the key cryptographic properties used by these websites to establish TLS connections. It might be convenient to put this in a table.
  • key exchange method
  • authentication algorithm
  • symmetric encryption algorithm, key size, and mode

• Summarize any interesting differences or common features that you observe
• Also list questions about any information you don't understand or would like to know more about

See this document for examples of the TLS cipher suite options ** EXAMPLE TLS cipher name example