Certain investigations on record and handshake layers of TLS cipher suites for cloud applications

Abstract

Transport Layer Security (TLS) is a widely used security newlineprotocol that is designed to improve privacy and data security for internet newlinecommunications. Encrypting communication between web applications and newlineservers, such as web browsers loading a website from server, is a primary use newlinecase for TLS. TLS contains two main protocols: the TLS handshake protocol newlineand the TLS record protocol. The handshake protocol is responsible for newlineauthentication, cipher suite negotiation and key exchange between web newlinebrowser and web server. TLS record protocol secures the application data newlineafter the handshake protocol operation using symmetric key cryptographic newlinealgorithms such as AES or CHACHA20 based stream cipher and hash newlinealgorithms like SHA256 or MD5. The record protocol is responsible for newlinesecuring the application data along with verifying its integrity and origin newlinebetween web browser and web server. A cipher suite is a set of symmetric newlinekey cryptographic algorithms which is used to encrypt messages between newlineweb browser and web server over a secure SSL/TLS protocol. For example, newlineTLS_ECDHE_ECDSA_AES_128_GCM_SHA256 cipher suite uses ECDHE newlineas the key exchange algorithm, ECDSA as the authentication algorithm, newlineAES_128_GCM as the block cipher algorithms which achieves the privacy newlineand SHA256 as the hash algorithm to preserve message integrity of the newlinehandshake process. newlineThis study aims at developing secure and efficient TLS cipher newlinesuites on various cloud based applications. The thesis presents secure and newlinelight weight elliptic curves based TLS cipher suites for cloud applications. newlineThe thesis also presents AES_GCM_SIV algorithm which is used to improve newlinethe nonce reuse property and message transmission rate in cloud applications newlinewithout compromising the security. newline newline