SSL-TLS and Why It Keeps Your Lake Empty - Andy Shepherd, Symantec

Explore the intricacies of SSL/TLS and its impact on network security in this 29-minute conference talk by Andy Shepherd from Symantec. Delve into the evolution of encryption protocols, from SSL to TLS 1.3, and understand their components, including cipher suites and key exchange mechanisms. Learn about Perfect Forward Secrecy (PFS) and its significance in modern cryptography. Examine the challenges faced by security devices in dealing with encrypted traffic and the stages of TLS 1.3 awareness in middleboxes. Discover potential security issues in SSL/TLS implementations, such as resigning without verification, and gain insights into seamless integrations for improved security infrastructure. This talk provides valuable knowledge for cybersecurity professionals and network administrators looking to enhance their understanding of encryption protocols and their implications for network visibility and security.

CYBER ACADEMY
Types of Feeds from Security Tools
How much is encrypted?
What is SSL/TLS? Example: Browser
SSL/TLS Management
SSL/TLS Dates Recap
SSL/TLS Components Each specification (SSLV3, TLS 1.2, TLS1.3) is a set of standards - Each standard is made up of lots of different Ciphers-Suites • Example Cipher-Suite names
Arrival of TLS 1.3
Major Differences in TLS 1.3 • Gone is functionality bloat
Old RSA Key Exchange (before PFS)
Perfect Forward Secrecy (PFS) 2011, but really 1990 Chuck
Multiple Security Devices With SSLV
TLS 1.3 Decrypted
Simple: Visibility
Stages of TLS1.3 Awareness in Middleboxes
Sandwich Approach Let's see what can go wrong
Connecting whilst honouring client handshake
and not honouring client handshake
Resigning Without Verification Security Issue - Exposing Clients to Attack
Seamless integrations for better security infrastructure