Project 7 (TLS)

Objectives

  • Learn how websites you frequently use establish TLS connections.
  • Learn about the openssl TLS debug utility

The following openssl command can be used to debug TLS connections. It will output information regarding the TLS handshake. Port 443 is the default port for HTTPS connections. Run this command and notice the key exchange method that is used for this particular BYU website. Use control-c to break out of the TLS connection established by this command.

openssl s_client -connect booklist.byu.edu:443

Consider also using ssllabs test too, and other command line options to openssl s_client. for instance, you can examine server certificates, see how they are signed, by what 3rd parties etc.

Requirements

  • Use the openssl command to connect to five secure websites that you regularly use (email, social networking, banking, etc.)
  • Write a brief report that lists the key cryptographic properties used by these websites to establish TLS connections. It might be convenient to put this in a table.
    • key exchange method
    • key size
    • cipher suite chosen
    • is session resumption supported?
    • key sizes
    • perfect forward secrecy support
    • tls extensions supported
    • etc.
  • Summarize any interesting differences or common features that you observe
cs-465/project-7-tls.txt · Last modified: 2015/10/22 20:07 by fred
Back to top
CC Attribution-Share Alike 4.0 International
chimeric.de = chi`s home Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0