SSL/TLS Syntaxes & Security Glossary

A production-oriented, expansive reference of technical definitions, handshake message syntax, and security notes for SSL/TLS.

Author: Mir Ali Shahidi (میر علی شهیدی)
📍 Address: Tehran, Iran
✉️ Email: info@miralishahidi.ir
📞 Phone: +98 936 071 5710
🌐 Website: www.miralishahidi.ir

1 Handshake Protocol

  • ClientHello: The client opens the handshake by offering its highest supported protocol version, a 32-byte random, an optional session ID, its cipher suites and compression methods in preference order, and extensions.
  • ServerHello: The server replies with the protocol version, cipher suite, and compression method it selected, plus its own random and extensions.
  • Certificate: The server sends its certificate chain so the client can authenticate it (omitted for anonymous or PSK suites).
  • ServerKeyExchange: Sent when the chosen suite needs it (DHE/ECDHE and some PSK variants): carries the server's ephemeral public value, signed with the certificate's key so the client can tie the ephemeral key to the authenticated identity. Absent for static RSA key exchange.
  • CertificateRequest: Optional request for a client certificate (mutual TLS), listing acceptable certificate types, signature algorithms, and CA names.
  • ServerHelloDone: Marks the end of the server's first flight.
  • ClientKeyExchange: For RSA key exchange the client generates a 48-byte premaster secret and encrypts it with the server's public key; for (EC)DHE it sends its own ephemeral public value instead and both sides compute the premaster secret.
  • CertificateVerify: Sent only when the client presented a certificate: a signature over the handshake messages so far, proving the client holds the private key matching that certificate.
  • ChangeCipherSpec: A one-byte message with its own record content type (not a handshake message) announcing that the sender's subsequent records are protected under the newly negotiated keys.
  • Finished: The first message sent under the new keys; a PRF output over the master secret and a hash of all handshake messages, so each side detects any tampering with the handshake. (This is the TLS 1.2 and earlier flow; TLS 1.3 differs, see section 11.)

2 Record Protocol

  • Content Type: One byte naming what the record carries: change_cipher_spec (20), alert (21), handshake (22), application_data (23), or heartbeat (24).
  • Version: The protocol version as two bytes (0x0301 for TLS 1.0 through 0x0303 for TLS 1.2). TLS 1.3 records keep 0x0303 in this field as a legacy value; real version negotiation happens in the handshake, not here.
  • Length: The length in bytes of the fragment that follows. Plaintext fragments are at most 2^14 bytes, and receivers must reject records whose length exceeds the protected maximum (2^14 + 2048 in TLS 1.2, 2^14 + 256 in TLS 1.3) with a record_overflow alert.
  • Data: The fragment itself. Before keys are established (ClientHello, ServerHello) it is plaintext; afterwards it is encrypted and integrity protected under the negotiated cipher. In TLS 1.3 the true content type is hidden inside the encrypted payload while the outer type always reads application_data.

3 Cipher Suites

  • CipherSuite: A 2-byte code point naming the algorithms for key exchange, authentication, bulk encryption, and message authentication (or, in TLS 1.3, only the AEAD cipher and HKDF hash).
  • CipherSuite Format (IANA names): TLS_{Key Exchange}_{Authentication}_WITH_{Bulk Cipher}_{MAC or PRF Hash}, e.g. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256. TLS 1.3 suites drop the key exchange and authentication fields: TLS_{AEAD}_{Hash}, e.g. TLS_AES_128_GCM_SHA256.

4 SSL/TLS Alerts

  • Level: One byte, warning (1) or fatal (2). A fatal alert terminates the connection and invalidates the session for resumption; TLS 1.3 treats every alert other than close_notify and user_canceled as fatal.
  • Description: One byte naming the condition, for example close_notify (0, orderly shutdown), unexpected_message (10), bad_record_mac (20), record_overflow (22), handshake_failure (40), certificate_expired (45), illegal_parameter (47), unknown_ca (48), protocol_version (70), inappropriate_fallback (86). Implementations should not reveal more about a failed check than the alert code itself conveys, to avoid creating oracles.

5 TLS Extensions

  • Supported Versions (supported_versions, 43): Lists the TLS versions the client accepts in preference order; a TLS 1.3 ServerHello answers with the single version selected. When this extension is used the legacy version field of the hello messages stays at 0x0303.
  • Server Name Indication (server_name, 0): Carries the hostname the client wants, so a server hosting several names can present the matching certificate. It travels in cleartext in the ClientHello (see Encrypted ClientHello, section 56).
  • Certificate Status Request (status_request, 5): Asks the server to staple an OCSP response proving its certificate is not revoked.
  • Supported Groups (supported_groups, 10; formerly "elliptic curves"): Lists the (EC)DHE groups the client accepts, for example x25519, secp256r1, and the ffdhe finite-field groups of RFC 7919.
  • Supported Signature Algorithms (signature_algorithms, 13): Lists the signature schemes acceptable in CertificateVerify and on certificates, such as ecdsa_secp256r1_sha256 or rsa_pss_rsae_sha256.
Please note that the exact encoding and the set of supported extensions vary by SSL/TLS library and protocol version.
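Worked example (added here; not code from the original glossary): a Python parser for the record header and ClientHello described in sections 1, 2 and 5, decoding the server_name and supported_versions extensions and enforcing the record length bound. The sample ClientHello is constructed inline by build_client_hello, and all function names are this example's own.

```python
import struct

# Record-layer content types (RFC 5246 section 6.2.1; 24 = heartbeat from RFC 6520).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake",
                 23: "application_data", 24: "heartbeat"}
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
            0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}
MAX_CIPHERTEXT = 2**14 + 2048   # largest fragment a TLS 1.2 peer may send (record_overflow above this)


def parse_record(data):
    """Split one TLS record into header fields and fragment, rejecting oversized lengths."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, version, length = struct.unpack("!BHH", data[:5])
    if ctype not in CONTENT_TYPES:
        raise ValueError("unknown content type %d" % ctype)
    if length > MAX_CIPHERTEXT:
        raise ValueError("record_overflow: length %d" % length)
    if len(data) < 5 + length:
        raise ValueError("truncated fragment")
    return {"type": CONTENT_TYPES[ctype], "version": VERSIONS.get(version, hex(version)),
            "fragment": data[5:5 + length]}


def _vec(buf, pos, lensize):
    """Read a length-prefixed vector (1- or 2-byte length); return (contents, position after it)."""
    n = int.from_bytes(buf[pos:pos + lensize], "big")
    pos += lensize
    if pos + n > len(buf):
        raise ValueError("vector runs past end of message")
    return buf[pos:pos + n], pos + n


def parse_client_hello(fragment):
    """Parse a handshake fragment holding a ClientHello; decode server_name and supported_versions."""
    htype, hlen = fragment[0], int.from_bytes(fragment[1:4], "big")   # 1-byte type, 24-bit length
    if htype != 1:
        raise ValueError("not a ClientHello (handshake type %d)" % htype)
    body = fragment[4:4 + hlen]
    if len(body) != hlen:
        raise ValueError("handshake length mismatch")
    legacy_version = int.from_bytes(body[0:2], "big")
    session_id, pos = _vec(body, 34, 1)                 # bytes 2..33 are the 32-byte random
    suites_raw, pos = _vec(body, pos, 2)
    compression, pos = _vec(body, pos, 1)
    hello = {"legacy_version": VERSIONS.get(legacy_version), "random": body[2:34],
             "session_id": session_id, "compression": list(compression), "extensions": {},
             "cipher_suites": [int.from_bytes(suites_raw[i:i + 2], "big")
                               for i in range(0, len(suites_raw), 2)]}
    if pos < len(body):                                  # extensions block is optional
        exts, _ = _vec(body, pos, 2)
        p = 0
        while p < len(exts):
            etype = int.from_bytes(exts[p:p + 2], "big")
            hello["extensions"][etype], p = _vec(exts, p + 2, 2)
    if 0 in hello["extensions"]:                        # server_name: ServerNameList of (type, name)
        lst, _ = _vec(hello["extensions"][0], 0, 2)
        if lst[0] == 0:                                  # name_type host_name
            name, _ = _vec(lst, 1, 2)
            hello["sni"] = name.decode("ascii")
    if 43 in hello["extensions"]:                       # supported_versions: 1-byte length, 2-byte entries
        vs, _ = _vec(hello["extensions"][43], 0, 1)
        hello["supported_versions"] = [VERSIONS.get(int.from_bytes(vs[i:i + 2], "big"))
                                       for i in range(0, len(vs), 2)]
    return hello


def build_client_hello(sni, suites, versions):
    """Construct a minimal ClientHello record as sample input for the parser above."""
    name = sni.encode("ascii")
    sni_ext = struct.pack("!H", len(name) + 3) + b"\x00" + struct.pack("!H", len(name)) + name
    ver_ext = bytes([2 * len(versions)]) + b"".join(struct.pack("!H", v) for v in versions)
    exts = (struct.pack("!HH", 0, len(sni_ext)) + sni_ext +
            struct.pack("!HH", 43, len(ver_ext)) + ver_ext)
    body = (struct.pack("!H", 0x0303) + bytes(32) + b"\x00" +          # legacy_version, random, empty session id
            struct.pack("!H", 2 * len(suites)) + b"".join(struct.pack("!H", s) for s in suites) +
            b"\x01\x00" +                                                # one compression method: null
            struct.pack("!H", len(exts)) + exts)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", 22, 0x0301, len(handshake)) + handshake


# Constructed sample: TLS_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_CBC_SHA
SAMPLE = build_client_hello("example.com", [0x1301, 0xC030, 0x002F], [0x0304, 0x0303])

if __name__ == "__main__":
    rec = parse_record(SAMPLE)
    print(rec["type"], rec["version"])
    print(parse_client_hello(rec["fragment"]))
```

The record version of the sample is deliberately 0x0301 while the ClientHello offers TLS 1.3 in supported_versions: that mismatch is normal on the wire and is why a parser must never infer the negotiated version from the record header.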

6 Certificate Format (X.509)

  • Version: The X.509 format version; v3 (encoded as the integer 2) is required for certificates carrying extensions, which is every TLS certificate in practice.
  • Serial Number: A positive integer unique among the certificates issued by that CA; together with the issuer name it identifies the certificate in CRLs and OCSP requests.
  • Signature Algorithm: The algorithm the CA used to sign the certificate (e.g. sha256WithRSAEncryption, ecdsa-with-SHA256); MD5 and SHA-1 signatures are no longer accepted by browsers.
  • Issuer: The distinguished name of the CA that signed the certificate; it must match the Subject of the next certificate up the chain.
  • Validity Period: The notBefore and notAfter timestamps; publicly trusted TLS certificates are limited by CA/Browser Forum policy to 398 days.
  • Subject: The distinguished name of the key holder. For TLS the hostname is matched against the Subject Alternative Name extension, not the Common Name.
  • Subject Public Key Info: The public key algorithm and the key itself (e.g. RSA 2048-bit, EC P-256).
  • Extensions: Optional fields such as Subject Alternative Name (SAN), Key Usage, Extended Key Usage, Basic Constraints (CA flag, path length), CRL Distribution Points, and Authority Information Access.

7 TLS Renegotiation

  • HelloRequest: In TLS 1.2 and earlier the server may send HelloRequest to ask the client to start a new handshake on the existing connection; the client may also renegotiate on its own by sending a fresh ClientHello.
  • ClientHello: The renegotiation handshake runs inside the already encrypted connection and otherwise proceeds like an initial handshake.
  • RenegotiationInfo (renegotiation_info, RFC 5746): Binds the new handshake to the previous one by echoing the earlier Finished verify_data, closing the 2009 renegotiation attack in which an attacker spliced a plaintext request prefix into a victim's session. Renegotiation was removed from TLS 1.3; KeyUpdate and post-handshake authentication take its place.

8 Session Resumption

  • Session ID: A unique identifier assigned to a session and used for session resumption.
  • Session Ticket: A mechanism where the server generates and sends a ticket to the client, allowing it to resume the session later.

9 Diffie-Hellman Exchange

  • ServerKeyExchange: The server sends its Diffie-Hellman parameters and public value (the group and g^b for finite-field DH, or the named curve and point for ECDH), signed with its certificate key so the client knows the value came from the authenticated server.
  • ClientKeyExchange: The client answers with its own public value (g^a, or its EC point).
  • Premaster Secret: The shared secret (g^ab) both sides compute from their own private value and the peer's public value; it is fed into the PRF to derive the master secret. Ephemeral values generated fresh per connection (DHE/ECDHE) give forward secrecy; static DH does not.

10 Pre-Shared Key (PSK)

  • PSK Identity: An identifier (not itself secret) telling the server which pre-shared key to use; in TLS 1.3 a resumption ticket is also presented as a PSK identity in the pre_shared_key extension.
  • PSK Binder: An HMAC, keyed with a value derived from the PSK, over the transcript hash of the ClientHello up to the binders; it proves the client holds the key and binds the PSK to this exact ClientHello so the offer cannot be transplanted into another handshake.
These are a few additional SSL/TLS syntaxes and concepts that you may encounter in the context of SSL/TLS communication. It's important to note that SSL/TLS protocols and libraries may support different versions and extensions, and the specific syntax can vary depending on the implementation and protocol version being used.

11 TLS 1.3 Syntaxes

  • EncryptedExtensions: A handshake message (not an extension) that the server sends right after ServerHello, as the first message protected with the handshake traffic keys; it carries negotiated extensions that need not be visible in the clear, such as ALPN and the server_name acknowledgement.
  • CertificateVerify: Sent by whichever side presented a certificate, immediately after its Certificate message and before its Finished: a signature over the transcript hash (prefixed with a fixed context string) proving possession of the certificate's private key. The server sends it in its first flight; the client only if it received a CertificateRequest.
  • KeyUpdate: A post-handshake message that moves the sender to the next-generation application traffic secret; the request_update flag asks the peer to rotate its own direction as well.
  • EarlyData (0-RTT): When resuming with a PSK the client may send application data in its first flight, protected by the client_early_traffic_secret. That data is not forward secret and can be replayed by anyone who captured it, so servers must limit what it may trigger (see section 55).

12 TLS 1.3 Key Schedule

  • Early Secret: HKDF-Extract with a zero salt over the PSK (or all zeros when no PSK is in use); it yields the binder key and the client_early_traffic_secret for 0-RTT.
  • Handshake Secret and Handshake Traffic Keys: HKDF-Extract over the (EC)DHE shared secret, salted with Derive-Secret(Early Secret, "derived"). The client and server handshake traffic secrets are derived from it using the transcript hash through ServerHello and protect everything from EncryptedExtensions to Finished.
  • Master Secret and Application Traffic Keys: HKDF-Extract over zeros, salted with Derive-Secret(Handshake Secret, "derived"). The application traffic secrets (transcript through the server Finished), the exporter secret, and the resumption secret come from it. Every traffic secret is expanded with the labels "key" and "iv" into the AEAD write key and nonce base.
  • Derived Secrets: The intermediate "derived" values that chain one Extract stage to the next, so that a later-stage secret does not reveal the earlier ones.
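Worked example (added; not from the original page): the TLS 1.3 key schedule of sections 11 and 12 implemented with the standard library's hmac and hashlib, covering HKDF-Expand-Label, Derive-Secret, traffic key and IV expansion, and the KeyUpdate step. The (EC)DHE shared secret and the transcripts are constructed placeholders rather than real handshake output; the early secret for the no-PSK case matches the published RFC 8448 vector. The function names are this example's own.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size   # 32 for the SHA-256 suites


def hkdf_extract(salt, ikm):
    """HKDF-Extract (RFC 5869): HMAC(salt, ikm). RFC 8446 writes the zero salt as Hash.length zero bytes."""
    return hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest()


def hkdf_expand(prk, info, length):
    """HKDF-Expand (RFC 5869): T(1) || T(2) || ... truncated to length, T(i) = HMAC(prk, T(i-1) || info || i)."""
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]


def hkdf_expand_label(secret, label, context, length):
    """HKDF-Expand-Label (RFC 8446 7.1): HkdfLabel = uint16 length || "tls13 " + label || context."""
    full = b"tls13 " + label
    info = length.to_bytes(2, "big") + bytes([len(full)]) + full + bytes([len(context)]) + context
    return hkdf_expand(secret, info, length)


def derive_secret(secret, label, transcript):
    """Derive-Secret: HKDF-Expand-Label over the transcript hash of the handshake messages so far."""
    return hkdf_expand_label(secret, label, HASH(transcript).digest(), HASH_LEN)


def key_schedule(psk, ecdhe_shared, transcript_through_server_hello, transcript_through_server_finished):
    """Walk the three Extract stages of the TLS 1.3 key schedule and return the secrets a server holds."""
    zeros = bytes(HASH_LEN)
    early_secret = hkdf_extract(zeros, psk or zeros)
    handshake_secret = hkdf_extract(derive_secret(early_secret, b"derived", b""), ecdhe_shared)
    master_secret = hkdf_extract(derive_secret(handshake_secret, b"derived", b""), zeros)
    th_sh, th_sf = transcript_through_server_hello, transcript_through_server_finished
    return {
        "early_secret": early_secret,
        "handshake_secret": handshake_secret,
        "master_secret": master_secret,
        "client_handshake_traffic_secret": derive_secret(handshake_secret, b"c hs traffic", th_sh),
        "server_handshake_traffic_secret": derive_secret(handshake_secret, b"s hs traffic", th_sh),
        "client_application_traffic_secret_0": derive_secret(master_secret, b"c ap traffic", th_sf),
        "server_application_traffic_secret_0": derive_secret(master_secret, b"s ap traffic", th_sf),
    }


def traffic_keys(traffic_secret, key_len=16, iv_len=12):
    """Expand a traffic secret into the AEAD write key and IV (AES-128-GCM sizes by default)."""
    return (hkdf_expand_label(traffic_secret, b"key", b"", key_len),
            hkdf_expand_label(traffic_secret, b"iv", b"", iv_len))


def next_generation(traffic_secret):
    """KeyUpdate (RFC 8446 7.2): secret_N+1 = HKDF-Expand-Label(secret_N, "traffic upd", "", Hash.length)."""
    return hkdf_expand_label(traffic_secret, b"traffic upd", b"", HASH_LEN)


# Constructed inputs: a fake 32-byte X25519 output and fake transcripts stand in for a real handshake.
SHARED = bytes(range(32))
TRANSCRIPT_SH = b"ClientHello||ServerHello"
TRANSCRIPT_SF = TRANSCRIPT_SH + b"||EncryptedExtensions||Certificate||CertificateVerify||Finished"

if __name__ == "__main__":
    ks = key_schedule(None, SHARED, TRANSCRIPT_SH, TRANSCRIPT_SF)
    for name, value in ks.items():
        print(name, value.hex())
    key, iv = traffic_keys(ks["server_application_traffic_secret_0"])
    print("server write key", key.hex(), "iv", iv.hex())
    print("after KeyUpdate", next_generation(ks["server_application_traffic_secret_0"]).hex())
```

Because each stage salts the next Extract with a Derive-Secret of the previous one, an attacker who learns an application traffic secret cannot walk back to the handshake secret, and KeyUpdate's one-way expansion means old traffic secrets can be erased once the peer has switched.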

13 Cipher Suites Syntax

  • Key Exchange Algorithm: How the premaster secret is agreed: RSA (the client encrypts it to the server's RSA key; no forward secrecy), DHE, or ECDHE (ephemeral Diffie-Hellman; forward secret). The second field of the name gives the authentication key type (RSA, ECDSA, PSK).
  • Bulk Encryption Algorithm: The symmetric cipher and mode protecting records: AES-128/256 in GCM or CBC mode, ChaCha20-Poly1305, and the legacy 3DES and RC4 (both now prohibited).
  • Message Authentication Code (MAC) Algorithm: For CBC suites, the HMAC hash (SHA-1, SHA-256, SHA-384) used in MAC-then-encrypt. For AEAD suites (GCM, CCM, ChaCha20-Poly1305) the trailing hash names only the PRF/HKDF hash, because the AEAD provides integrity itself.
  • Cipher Suite Examples (OpenSSL name = IANA name):
    ECDHE-RSA-AES256-GCM-SHA384 = TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (forward secret, AEAD; a sound TLS 1.2 choice)
    DHE-RSA-AES128-SHA256 = TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (forward secret but CBC; legacy)
    TLS_RSA_WITH_AES_128_CBC_SHA256 (static RSA key exchange: no forward secrecy; disable)
    TLS_AES_128_GCM_SHA256 (TLS 1.3; key exchange group and signature scheme are negotiated by separate extensions)
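Worked example (added; not part of the original glossary): a parser and audit for IANA-style cipher suite names that covers sections 3 and 13 and the closing warning on legacy suites. It splits a name into key exchange, authentication, cipher and MAC/PRF hash and lists the reasons a suite should be disabled. The candidate list and the function names are constructed for this example; OpenSSL-style names such as ECDHE-RSA-AES256-GCM-SHA384 are not handled.

```python
import re

# Tokens recognised before WITH (key exchange, then authentication).
KEY_EXCHANGE = {"RSA", "DHE", "DH", "ECDHE", "ECDH", "PSK"}
AUTH = {"RSA", "DSS", "ECDSA", "PSK", "anon"}
FORWARD_SECRET = {"DHE", "ECDHE"}
# Cipher field values that disqualify a suite outright, with the reason to cite.
WEAK_CIPHERS = {"RC4_128": "RC4 keystream biases (prohibited by RFC 7465)",
                "3DES_EDE_CBC": "64-bit block cipher (Sweet32 birthday attack)",
                "NULL": "no encryption", "DES_CBC": "56-bit key",
                "DES40_CBC": "export-grade key", "RC2_CBC_40": "export-grade key"}


def parse_suite(name):
    """Split an IANA cipher suite name into its algorithm fields (TLS 1.2 and TLS 1.3 forms)."""
    if not name.startswith("TLS_"):
        raise ValueError("expected an IANA name such as TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
    if "_WITH_" in name:
        kex_part, cipher_part = name[4:].split("_WITH_", 1)
        toks = kex_part.split("_")
        kex, auth = toks[0], (toks[1] if len(toks) > 1 else toks[0])   # TLS_RSA_... means RSA for both
        if kex not in KEY_EXCHANGE or auth not in AUTH:
            raise ValueError("unknown key exchange/authentication in %s" % name)
        tls13 = False
    else:   # TLS 1.3 form: TLS_<AEAD>_<hash>; key exchange and signatures are negotiated by extensions
        kex = auth = "negotiated separately"
        cipher_part, tls13 = name[4:], True
    m = re.fullmatch(r"(.+?)_(SHA256|SHA384|SHA|MD5)", cipher_part)
    if not m:
        raise ValueError("no hash/MAC field in %s" % name)
    cipher, hsh = m.group(1), m.group(2)
    aead = cipher.endswith(("_GCM", "_CCM", "_CCM_8")) or "CHACHA20_POLY1305" in cipher
    return {"name": name, "tls13": tls13, "key_exchange": kex, "authentication": auth,
            "cipher": cipher, "aead": aead,
            "mac_or_prf": ("PRF/HKDF hash " if aead else "HMAC-") + hsh}


def audit_suite(name):
    """Return the reasons a suite should be disabled; an empty list means it is acceptable."""
    s = parse_suite(name)
    problems = []
    if not s["tls13"] and s["key_exchange"] not in FORWARD_SECRET:
        problems.append("no forward secrecy (%s key exchange)" % s["key_exchange"])
    if s["authentication"] == "anon":
        problems.append("anonymous: no server authentication")
    if "EXPORT" in name:
        problems.append("export-grade key sizes")
    if s["cipher"] in WEAK_CIPHERS:
        problems.append(WEAK_CIPHERS[s["cipher"]])
    if not s["aead"]:
        problems.append("non-AEAD CBC/MAC-then-encrypt (padding-oracle history)")
    if s["mac_or_prf"].endswith("MD5"):
        problems.append("MD5 MAC")
    return problems


def filter_server_list(candidates):
    """Keep only suites with no findings, preserving the given preference order."""
    return [c for c in candidates if not audit_suite(c)]


CANDIDATES = [  # constructed list mixing modern, legacy and forbidden suites
    "TLS_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256",
    "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_ECDHE_RSA_WITH_RC4_128_SHA",
    "TLS_DH_anon_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    for c in CANDIDATES:
        print(c, "->", audit_suite(c) or "ok")
    print("server list:", filter_server_list(CANDIDATES))
```

The audit treats any non-AEAD suite as a finding; a site that still needs TLS 1.2 CBC for an old client should make that an explicit, documented exception rather than the default.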

14 Protocol Versions

  • SSL 3.0 (0x0300, 1996): Broken by POODLE among other attacks; prohibited by RFC 7568 (2015).
  • TLS 1.0 (0x0301, RFC 2246, 1999): Deprecated by RFC 8996 (2021); vulnerable to BEAST-style CBC attacks and built on an MD5/SHA-1 PRF.
  • TLS 1.1 (0x0302, RFC 4346, 2006): Added explicit per-record CBC IVs; also deprecated by RFC 8996.
  • TLS 1.2 (0x0303, RFC 5246, 2008): Introduced AEAD suites and SHA-256-based PRFs; the minimum acceptable version today, with legacy suites disabled.
  • TLS 1.3 (0x0304, RFC 8446, 2018): Removes static RSA, renegotiation, compression, and CBC suites; 1-RTT handshake with the server certificate encrypted, optional 0-RTT resumption.

15 SSL/TLS Compression

  • Compression Method: The algorithm applied to plaintext before encryption: null or DEFLATE (RFC 3749). Compressing attacker-influenced data alongside secrets leaks the secrets through ciphertext length (the CRIME attack), so only null should ever be offered; TLS 1.3 removed compression from the protocol.
  • Compression Negotiation: The client lists methods in ClientHello and the server picks one in ServerHello; TLS 1.3 clients must offer only the null method (legacy_compression_methods = 0).

16 Handshake Msg Length

  • Handshake Message Length: The 24-bit byte length that follows the one-byte HandshakeType in every handshake message. One handshake message may span several records and several messages may share one record, so parsers must reassemble by this length rather than by record boundaries.

17 Application Data

  • Application Data: Records of content type application_data (23) carrying the protected payload exchanged once the handshake has completed, fragmented into records of at most 2^14 plaintext bytes each.

18 Heartbeat Extension

  • Heartbeat Request: A keep-alive and path-MTU probe (RFC 6520, mainly for DTLS) carrying a payload_length field, an arbitrary payload, and at least 16 bytes of random padding.
  • Heartbeat Response: Echoes the request payload. The receiver must check payload_length against the actual record length and silently discard mismatches; OpenSSL's failure to do so was Heartbleed (CVE-2014-0160), which let a peer read up to 64 KB of process memory per request.
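Worked example (added; not the page's code): a model of the heartbeat handling from section 18, showing the unchecked payload_length behind Heartbleed (section 43) beside the RFC 6520 length check that fixes it. Process memory is simulated by appending a constructed secret to the request buffer; this is not OpenSSL code, and the names are this example's own.

```python
import struct

HEARTBEAT_REQUEST, HEARTBEAT_RESPONSE = 1, 2
MIN_PADDING = 16   # RFC 6520: at least 16 bytes of padding follow the payload


def build_heartbeat(payload, claimed_length=None, padding=bytes(MIN_PADDING)):
    """Encode a HeartbeatMessage; claimed_length lets the sender lie about payload_length."""
    length = len(payload) if claimed_length is None else claimed_length
    return struct.pack("!BH", HEARTBEAT_REQUEST, length) + payload + padding


def respond_vulnerable(record, process_memory):
    """Pre-fix behaviour: trust payload_length and copy that many bytes starting at the payload,
    so an over-long claim returns whatever sits after the request in memory (Heartbleed)."""
    _type, length = struct.unpack("!BH", record[:3])
    memory = record + process_memory     # model: the request buffer followed by other heap contents
    return struct.pack("!BH", HEARTBEAT_RESPONSE, length) + memory[3:3 + length] + bytes(MIN_PADDING)


def respond_hardened(record, process_memory):
    """Post-fix behaviour (RFC 6520 section 4): discard any message whose payload_length plus the
    minimum padding does not fit in the record, and echo only bytes that were actually received."""
    if len(record) < 3 + MIN_PADDING:
        return None                       # too short to hold even an empty payload
    _type, length = struct.unpack("!BH", record[:3])
    if _type != HEARTBEAT_REQUEST or 3 + length + MIN_PADDING > len(record):
        return None                       # silently drop, as the RFC requires
    return struct.pack("!BH", HEARTBEAT_RESPONSE, length) + record[3:3 + length] + bytes(MIN_PADDING)


def leaked_bytes(response, sent_payload):
    """Return whatever a response echoes beyond the payload the client actually sent."""
    if response is None:
        return b""
    _type, length = struct.unpack("!BH", response[:3])
    return response[3:3 + length][len(sent_payload):]


# Constructed scenario: a 4-byte payload claiming 64 bytes, next to a fake secret in memory.
SECRET = b"cookie=0123456789abcdef;key=cafef00d"
ATTACK = build_heartbeat(b"ping", claimed_length=64)
HONEST = build_heartbeat(b"ping")

if __name__ == "__main__":
    print("vulnerable leaks:", leaked_bytes(respond_vulnerable(ATTACK, SECRET), b"ping"))
    print("hardened leaks:  ", leaked_bytes(respond_hardened(ATTACK, SECRET), b"ping"))
    print("hardened echo:   ", respond_hardened(HONEST, SECRET)[3:7])
```

The only difference between the two handlers is one comparison against the record length; the vulnerable version shows why a length field supplied by the peer must never be used as a copy count before it has been bounded by the bytes actually received.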

19 Cert Revocation

  • Certificate Revocation List (CRL): A CA-signed, periodically reissued list of revoked certificate serial numbers with revocation dates and reasons, fetched from the URL named in the certificate's CRL Distribution Points extension.
  • Online Certificate Status Protocol (OCSP): A request/response protocol (RFC 6960) for asking the CA's OCSP responder about a single certificate; responses are signed and time-limited. Most clients "soft-fail" (treat an unreachable responder as good), which is why stapling and short-lived certificates matter.

20 SNI Extension

  • Server Name Indication (SNI): An extension in the ClientHello message that allows the client to specify the hostname it is attempting to connect to, allowing the server to present the appropriate certificate.

21 ALPN Extension

  • Application-Layer Protocol Negotiation (ALPN): An extension in which the client lists the application protocols it can speak (protocol IDs such as "http/1.1" and "h2") and the server selects one; in TLS 1.2 the choice appears in ServerHello, in TLS 1.3 inside EncryptedExtensions. It lets one port serve several protocols without an extra round trip and is the basis of the ALPACA defence (section 58).

22 Certificate Chain

  • Certificate Chain: The ordered sequence from the end-entity (leaf) certificate through intermediates to a root; in the Certificate message the leaf comes first and each certificate is signed by the next. Servers normally omit the root, which the client already holds in its trust store.
  • Intermediate Certificate: A CA certificate issued by the root (or another intermediate) that signs leaf certificates, so the root key can stay offline. A server that fails to send its intermediates breaks clients that cannot fetch them themselves.
  • Root Certificate: A self-signed CA certificate distributed out of band in the client's trust store; trust starts with that store membership, not with the signature on the root itself.

23 Key Usage Extension

  • Key Usage Extension: Specifies the purpose(s) for which the public key in the certificate can be used, such as digital signature, key encipherment, key agreement, etc.

24 Extended Key Usage

  • Extended Key Usage Extension: Provides additional constraints on the usage of the public key, such as server authentication, client authentication, code signing, etc.
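Worked example (added; not part of the original): decoding the Key Usage and Extended Key Usage extensions of sections 23 and 24 from their DER encodings with a minimal TLV walker, then applying the check a TLS client makes before accepting a leaf certificate. The DER byte strings are constructed for this example and do not come from any real certificate; the function names are this example's own.

```python
# Bit positions from RFC 5280 section 4.2.1.3 and purpose OIDs from section 4.2.1.12.
KEY_USAGE_BITS = ["digitalSignature", "nonRepudiation", "keyEncipherment", "dataEncipherment",
                  "keyAgreement", "keyCertSign", "cRLSign", "encipherOnly", "decipherOnly"]
EKU_OIDS = {"1.3.6.1.5.5.7.3.1": "serverAuth", "1.3.6.1.5.5.7.3.2": "clientAuth",
            "1.3.6.1.5.5.7.3.3": "codeSigning", "1.3.6.1.5.5.7.3.4": "emailProtection",
            "1.3.6.1.5.5.7.3.8": "timeStamping", "1.3.6.1.5.5.7.3.9": "OCSPSigning",
            "2.5.29.37.0": "anyExtendedKeyUsage"}


def der_tlv(buf, pos=0):
    """Decode one DER tag-length-value at pos; return (tag, contents, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length exceeds buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(value):
    """Turn the content octets of an OBJECT IDENTIFIER into dotted form."""
    first = value[0]
    arcs = [first // 40, first % 40] if first < 80 else [2, first - 80]
    acc = 0
    for b in value[1:]:                     # base-128 arcs, high bit set on all but the last octet
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(str(a) for a in arcs)


def decode_key_usage(der):
    """KeyUsage ::= BIT STRING; the first content octet counts unused trailing bits."""
    tag, value, _ = der_tlv(der)
    if tag != 0x03:
        raise ValueError("KeyUsage must be a BIT STRING")
    unused, bits = value[0], value[1:]
    total_bits = 8 * len(bits) - unused
    usages = set()
    for i in range(min(total_bits, len(KEY_USAGE_BITS))):
        if bits[i // 8] & (0x80 >> (i % 8)):   # bit 0 is the most significant bit of the first octet
            usages.add(KEY_USAGE_BITS[i])
    return usages


def decode_ext_key_usage(der):
    """ExtKeyUsageSyntax ::= SEQUENCE OF KeyPurposeId (OBJECT IDENTIFIER)."""
    tag, seq, _ = der_tlv(der)
    if tag != 0x30:
        raise ValueError("ExtendedKeyUsage must be a SEQUENCE")
    purposes, pos = [], 0
    while pos < len(seq):
        tag, oid, pos = der_tlv(seq, pos)
        if tag != 0x06:
            raise ValueError("KeyPurposeId must be an OID")
        dotted = decode_oid(oid)
        purposes.append(EKU_OIDS.get(dotted, dotted))
    return purposes


def usable_for_tls_server(key_usage_der, eku_der, key_type):
    """Leaf checks a TLS client applies: EKU must permit serverAuth, and KeyUsage must allow the
    way the key is used in the handshake (signing for ECDSA or RSA signatures, keyEncipherment
    for legacy static RSA key transport). A missing extension means unrestricted."""
    ku = decode_key_usage(key_usage_der) if key_usage_der else set(KEY_USAGE_BITS)
    eku = decode_ext_key_usage(eku_der) if eku_der else ["anyExtendedKeyUsage"]
    if not ({"serverAuth", "anyExtendedKeyUsage"} & set(eku)):
        return False
    needed = {"ecdsa": "digitalSignature", "rsa_sign": "digitalSignature", "rsa_kx": "keyEncipherment"}
    return needed[key_type] in ku


# Constructed DER values (not from a real certificate):
KU_SIGN_ENCIPHER = bytes.fromhex("030205a0")   # BIT STRING, 5 unused bits, 0xA0 = digitalSignature|keyEncipherment
KU_CA = bytes.fromhex("03020106")              # BIT STRING, 1 unused bit, 0x06 = keyCertSign|cRLSign
EKU_SERVER_CLIENT = bytes.fromhex("3014" "06082b06010505070301" "06082b06010505070302")  # serverAuth, clientAuth
EKU_CODE_SIGNING = bytes.fromhex("300a" "06082b06010505070303")                          # codeSigning only

if __name__ == "__main__":
    print(sorted(decode_key_usage(KU_SIGN_ENCIPHER)), decode_ext_key_usage(EKU_SERVER_CLIENT))
    print("leaf usable for TLS server (ECDSA):", usable_for_tls_server(KU_SIGN_ENCIPHER, EKU_SERVER_CLIENT, "ecdsa"))
    print("CA cert usable as TLS leaf:", usable_for_tls_server(KU_CA, EKU_SERVER_CLIENT, "ecdsa"))
```

Note the asymmetry in the last function: a CA certificate with only keyCertSign and cRLSign fails the leaf check even though its EKU allows serverAuth, which is exactly the situation in which a client should refuse to let an intermediate's key terminate a TLS connection.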

25 Cert Transparency

  • Certificate Transparency (CT): Public, append-only logs of issued certificates (RFC 6962). A log returns Signed Certificate Timestamps (SCTs) that the server delivers embedded in the certificate, in a TLS extension, or inside a stapled OCSP response; browsers require SCTs for publicly trusted certificates, and domain owners monitor the logs to catch misissuance.

26 Perfect Forward Secrecy

  • Perfect Forward Secrecy: A property of key exchange methods under which compromise of the server's long-term private key does not let an attacker decrypt recorded past sessions. Ephemeral (EC)DHE provides it; static RSA key exchange does not, because every premaster secret is encrypted to the one long-term key.

27 OCSP Stapling

  • OCSP Stapling: The server obtains a signed OCSP response for its own certificate and sends it with the handshake (status_request extension; CertificateStatus message in TLS 1.2, inside the Certificate entry in TLS 1.3), so clients need not contact the CA and the CA does not learn who visits the site. The OCSP Must-Staple certificate extension tells clients to fail when no staple arrives.

28 Session Tickets

  • Session Tickets: A mechanism to store session state on the client side and present it for session resumption, improving performance.

29 TLS False Start

  • False Start: A TLS 1.2 optimisation in which the client sends application data right after its own Finished, without waiting for the server's Finished, saving one round trip. Because the server is not yet authenticated at that moment, browsers allow it only with forward-secret key exchange, AEAD ciphers, and an ALPN-negotiated protocol. TLS 1.3 makes the same timing the normal 1-RTT flow.

30 Forward Secrecy

  • Forward Secrecy: A property of key exchange algorithms that ensures that compromise of long-term private keys does not compromise the confidentiality of past session data.

31 Client Authentication

  • Certificate-based Client Authentication: A mechanism where the client presents its digital certificate to the server for authentication.
  • Client Certificate Request: A message sent by the server to request the client's certificate during the handshake.

32 Revocation Checking

  • Certificate Revocation Checking: Determining whether a still-valid-looking certificate has been withdrawn by its CA, via CRLs, OCSP, a stapled OCSP response, or browser-distributed revocation sets (CRLSets, OneCRL, CRLite).
  • CRL Distribution Points: A certificate extension giving the URL(s) from which the CA's CRL can be downloaded.
  • Authority Information Access: A certificate extension giving the CA's OCSP responder URL (id-ad-ocsp) and the URL of the issuing CA's certificate (id-ad-caIssuers), the latter used to fetch missing intermediates.

33 Post-Handshake Msg

  • NewSessionTicket: Sent by the server after the handshake completes (possibly several times), carrying the ticket, its lifetime, a ticket_age_add mask, a nonce for deriving the resumption PSK, and optionally an early_data extension with max_early_data_size.
  • KeyUpdate: Rotates the sender's application traffic secret; with request_update set, the peer must rotate its direction too.
  • CertificateRequest (post-handshake authentication): A TLS 1.3 server may request a client certificate after the handshake if the client offered the post_handshake_auth extension; the client answers with Certificate, CertificateVerify, and Finished. EncryptedExtensions, sometimes listed here, is not post-handshake: it is the server's first encrypted message inside the main handshake (see section 11).

34 Early Data Resumption

  • Early Data Resumption: A TLS 1.3 feature in which a client resuming with a PSK sends application data in its first flight before the handshake completes (0-RTT). The server accepts it only if the ticket permitted early data and its own anti-replay checks pass (see section 55); otherwise it discards the early data and completes a normal 1-RTT handshake.

35 CT Extension

  • Certificate Transparency (CT) Extension (signed_certificate_timestamp, 18): The client includes it to ask for SCTs; the server answers with the SCT list for its certificate (in ServerHello for TLS 1.2, in the Certificate entry for TLS 1.3) as an alternative to embedding SCTs in the certificate itself.

36 ALPN Negotiation

  • Application-Layer Protocol Negotiation (ALPN): An extension in the TLS handshake that allows the client and server to negotiate the application protocol to be used over the encrypted connection.

37 Elliptic Curve Cryptography

  • Elliptic Curve Cryptography (ECC): Public-key algorithms over elliptic curve groups that reach the same security as RSA with far smaller keys (a 256-bit curve roughly matches 3072-bit RSA), used in TLS for key exchange (ECDHE) and signatures (ECDSA, EdDSA).
  • Elliptic Curve Diffie-Hellman (ECDH/ECDHE): Diffie-Hellman over a named curve such as x25519, secp256r1 (P-256), or secp384r1; the ephemeral form (ECDHE) is the forward-secret key exchange of modern TLS 1.2 and the only kind TLS 1.3 offers.

38 Token Binding

  • Token Binding (RFC 8471): Binds bearer tokens such as cookies or OAuth tokens to a client key pair proved over the TLS connection, so a stolen token is useless from another client. Browser support was withdrawn (Chrome removed it in 2018) and it saw little deployment; the same goal is pursued today with mutual-TLS-bound or DPoP tokens.

39 Cipher Suite Negotiation

  • Supported Cipher Suites: The client's list in ClientHello.cipher_suites, ordered by its preference, and the server's configured list and order.
  • Cipher Suite Negotiation: The server chooses one suite present in both lists (by server preference in most deployments) and announces it in ServerHello; with no overlap it aborts with handshake_failure. Signalling values such as TLS_FALLBACK_SCSV and TLS_EMPTY_RENEGOTIATION_INFO_SCSV travel in the same list but are never selected.

40 Cryptographic Key Lengths

  • Key Length: The size of a key, which means different things for different algorithms: AES-128 and AES-256 are both strong symmetric keys; RSA needs at least 2048 bits (3072 for new long-lived keys); ECDSA/ECDHE on a 256-bit curve gives about 128-bit security; finite-field DH below 2048 bits (Logjam) and RSA below 2048 bits should be rejected.

41 Certificate Authorities

  • Certificate Authority (CA): An entity trusted to issue digital certificates.
  • Root Certificate Authority: The highest level of authority in a certificate hierarchy, typically self-signed.
  • Intermediate Certificate Authority: A subordinate CA that is issued a certificate by a higher-level CA.

42 Certificate Validation

  • Certificate Validation: Checking that a presented certificate is genuine and fit for purpose: the signature chain verifies up to a trusted root, every certificate is within its validity period, the leaf's SAN matches the requested hostname, Key Usage and Extended Key Usage permit TLS server authentication, name and path-length constraints hold, and none of the certificates is revoked.
  • Certificate Chain Validation: Building and verifying the path (RFC 5280 section 6) from the leaf to a root in the trust store, using intermediates supplied by the server or fetched via Authority Information Access.

43 Historical Vulnerabilities

  • BEAST (Browser Exploit Against SSL/TLS, 2011): A chosen-plaintext attack on CBC suites in SSL 3.0 and TLS 1.0, which chain the IV across records so an attacker with a JavaScript foothold can decrypt a cookie byte by byte; fixed by the explicit per-record IVs of TLS 1.1 and later.
  • POODLE (Padding Oracle On Downgraded Legacy Encryption, 2014): A padding-oracle attack on SSL 3.0 CBC (and on some TLS implementations that did not verify padding), reached by forcing a version downgrade; the response was to disable SSL 3.0 and add TLS_FALLBACK_SCSV.
  • Heartbleed (CVE-2014-0160): A missing bounds check on the heartbeat payload_length in OpenSSL 1.0.1 through 1.0.1f that let any peer read up to 64 KB of process memory per request, exposing private keys, session cookies, and passwords.

44 HSTS Implementation

  • HTTP Strict Transport Security (RFC 6797): A response header, Strict-Transport-Security: max-age=31536000; includeSubDomains; preload, that tells browsers to use HTTPS only for the host (and optionally its subdomains) for the stated period and to treat certificate errors as fatal, defeating SSL-stripping downgrades. It protects only after the first secure visit unless the domain is on the browser preload list.

45 Certificate Pinning

  • Certificate Pinning: Restricting which public key (usually a SHA-256 hash of the SubjectPublicKeyInfo) or certificate a client will accept for a given server, so a misissued but otherwise valid certificate is rejected. Browser-side HPKP was withdrawn because of lock-out risk; pinning today lives in mobile and server-to-server clients and needs a backup pin and a rotation plan.

46 Secure Renegotiation

  • Secure Renegotiation (RFC 5746): Fixes the legacy renegotiation flaw by cryptographically binding the renegotiation handshake to the existing connection through the renegotiation_info extension; clients should refuse servers that do not advertise it.

47 Session Resumption Tech

  • Session Resumption: The process of reestablishing a previously established session without performing a costly full handshake.
  • Session ID Resumption: The client and server use a mutually cached session identifier to speed up connection setup.
  • Session Ticket Resumption: The server offloads encrypted state to the client in the form of a ticket for stateless resumption.

48 Channel Binding

  • Channel Binding: Tying an application-layer authentication to the specific TLS connection it runs over, so credentials relayed by a man-in-the-middle fail; the standard binding types are tls-server-end-point (hash of the server certificate), tls-unique (TLS 1.2 Finished data, weakened by the triple-handshake attack), and tls-exporter (RFC 9266, for TLS 1.3).

49 CT Log Monitoring

  • Certificate Transparency Monitoring: Continual analysis of public cryptographic CT logs to proactively discover unauthorized or rogue certificate issuances.

50 OCSP Stapling (Advanced)

  • OCSP Stapling: The server periodically fetches a fresh, signed OCSP response for its own certificate from the CA's responder, caches it, and includes it in the handshake so the client gets proof of non-revocation without contacting the CA. Responses expire (typically within days), so a stale cache or a failed refresh must not result in serving an outdated staple.

51 Ticket Encryption Keys

  • Session Ticket Encryption Keys (STEK): Server-side symmetric keys that encrypt and authenticate session tickets. Anyone holding a STEK can decrypt every session resumed with a ticket under it, including recorded traffic, so STEKs undo forward secrecy for their lifetime: rotate them frequently (hours, not months), generate them with a CSPRNG, and never share one key across unrelated services.

52 Early Data Limit Bounds

  • Early Data Limit (max_early_data_size): The maximum number of 0-RTT application-data bytes the client may send under a given ticket, set by the server in the NewSessionTicket early_data extension; a server that receives more must abort with unexpected_message.

53 Handshake Ciphers

  • Handshake Cipher Suites: In TLS 1.3 a cipher suite names only the AEAD algorithm and the HKDF hash; handshake messages after ServerHello are protected with that same AEAD under the handshake traffic keys, while the key exchange group (supported_groups/key_share) and signature scheme (signature_algorithms) are negotiated separately. In TLS 1.2 the handshake itself runs in the clear and only the suite's PRF hash takes part in key establishment.

54 Downgrade Protection

  • Protocol Downgrade Protection: Mechanisms that let an endpoint detect that an attacker forced a weaker version or suite: TLS_FALLBACK_SCSV (RFC 7507) in the client's cipher list, so a server that could do better rejects a fallback retry with inappropriate_fallback; the TLS 1.3 downgrade sentinel in the last 8 bytes of ServerHello.random when a 1.3-capable server negotiates 1.2 or below; and the Finished MAC, which covers the whole handshake transcript so any altered hello message is detected before application data flows.
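Worked example (added; not from the original page): version and cipher suite selection as in section 39 combined with the downgrade protections of section 54: TLS_FALLBACK_SCSV handling on the server and the TLS 1.3 ServerHello.random sentinel check on the client. For brevity the model collapses legacy_version and supported_versions into one "highest version offered" number; the lists and function names are this example's own.

```python
TLS_FALLBACK_SCSV = 0x5600                              # RFC 7507 signalling cipher suite value
DOWNGRADE_TLS12 = bytes.fromhex("444f574e47524401")     # "DOWNGRD\x01": 1.3-capable server chose 1.2
DOWNGRADE_TLS11 = bytes.fromhex("444f574e47524400")     # "DOWNGRD\x00": chose 1.1 or below
TLS10, TLS11, TLS12, TLS13 = 0x0301, 0x0302, 0x0303, 0x0304


class HandshakeAlert(Exception):
    """Raised in place of sending a fatal alert; args[0] is the alert description name."""


def server_select(server_versions, server_suites, client_version, client_suites, server_random_prefix):
    """Server side: pick the highest common version and the first server-preferred suite the client
    offered; honour TLS_FALLBACK_SCSV (RFC 7507) and stamp the downgrade sentinel of RFC 8446
    section 4.1.3 into the last 8 bytes of ServerHello.random when negotiating below our maximum."""
    highest = max(server_versions)
    if TLS_FALLBACK_SCSV in client_suites and client_version < highest:
        # The client says this is a retry at a lowered version, yet we support something higher:
        # the earlier, better offer was stripped by someone. Refuse rather than serve the downgrade.
        raise HandshakeAlert("inappropriate_fallback")
    common = [v for v in server_versions if v <= client_version]
    if not common:
        raise HandshakeAlert("protocol_version")
    chosen = max(common)
    suite = next((s for s in server_suites if s in client_suites), None)
    if suite is None:
        raise HandshakeAlert("handshake_failure")
    sentinel = b""
    if highest == TLS13 and chosen == TLS12:
        sentinel = DOWNGRADE_TLS12
    elif highest >= TLS12 and chosen < TLS12:
        sentinel = DOWNGRADE_TLS11
    random = server_random_prefix[:32 - len(sentinel)] + sentinel
    return chosen, suite, random


def client_check(client_max_version, chosen_version, server_random):
    """Client side: a TLS 1.3-capable client that lands on a lower version must abort if the
    server random carries a downgrade sentinel, because a genuine 1.2-only server never writes one."""
    if client_max_version == TLS13 and chosen_version <= TLS12:
        if server_random.endswith(DOWNGRADE_TLS12) or server_random.endswith(DOWNGRADE_TLS11):
            raise HandshakeAlert("illegal_parameter")
    return True


# Constructed inputs standing in for real hello messages.
SERVER_VERSIONS = [TLS12, TLS13]
SERVER_SUITES = [0x1302, 0xC030, 0x002F]     # server preference order
RANDOM32 = bytes(range(32))                   # placeholder for 32 CSPRNG bytes

if __name__ == "__main__":
    v, s, r = server_select(SERVER_VERSIONS, SERVER_SUITES, TLS12, [0xC030, 0x002F], RANDOM32)
    print("negotiated", hex(v), hex(s), "random tail", r[-8:])
    try:
        client_check(TLS13, v, r)
    except HandshakeAlert as alert:
        print("1.3-capable client aborts with", alert.args[0])
```

The two checks cover different attackers: TLS_FALLBACK_SCSV protects clients that retry at a lower version after a failed connection, while the random sentinel protects against an attacker rewriting the version fields in flight, which the Finished MAC alone cannot catch when the handshake is forced onto a weaker, breakable cipher.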

55 0-RTT Replay Protection

  • Replay Attack Vulnerability: TLS 1.3 Early Data (0-RTT) is encrypted under a key derived only from the PSK, so it has no forward secrecy, and an attacker who captures the first flight can replay it to the same server (or to another server sharing the ticket key) and have it accepted again.
  • Mitigation Techniques: Single-use tickets (the server deletes a ticket once it has been used), a ClientHello recording window combined with the obfuscated_ticket_age freshness check (RFC 8446 section 8), a max_early_data_size limit, and application-layer rules that allow early data only for idempotent requests (for example HTTP GET without side effects) and answer anything else with 425 Too Early (RFC 8470).
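Worked example (added; not the page's code): a server-side 0-RTT acceptance check implementing the mitigations listed above: ticket expiry, the obfuscated_ticket_age freshness window, a ClientHello digest cache, and single-use tickets. The ticket IDs, timestamps and hello bytes are constructed, and the class and function names are this example's own.

```python
import hashlib

MAX_TICKET_LIFETIME = 604800        # RFC 8446 4.6.1: tickets may not live longer than seven days
FRESHNESS_WINDOW_MS = 10_000        # tolerated clock skew plus latency for the ticket-age check (server policy)


class TicketStore:
    """Server state for resumption tickets: creation time, lifetime and the ticket_age_add mask
    the client applies to its reported age, plus a cache of ClientHellos accepted for 0-RTT."""

    def __init__(self):
        self.tickets = {}            # ticket id -> (created_ms, ticket_age_add, lifetime_s)
        self.seen_hellos = set()     # digests of ClientHellos accepted inside the freshness window

    def issue(self, ticket_id, created_ms, ticket_age_add, lifetime_s):
        if lifetime_s > MAX_TICKET_LIFETIME:
            raise ValueError("ticket lifetime exceeds seven days")
        self.tickets[ticket_id] = (created_ms, ticket_age_add, lifetime_s)

    def accept_early_data(self, ticket_id, obfuscated_ticket_age, client_hello, now_ms, single_use=True):
        """Decide whether the 0-RTT data riding on this ClientHello may be processed.
        Returns (accepted, reason). A rejection means the server discards the early data and
        completes a normal 1-RTT handshake; it is not a handshake failure."""
        entry = self.tickets.get(ticket_id)
        if entry is None:
            return False, "unknown or already consumed ticket"
        created_ms, ticket_age_add, lifetime_s = entry
        if now_ms - created_ms > lifetime_s * 1000:
            return False, "ticket expired"
        # Undo the client's obfuscation (mod 2^32) to recover the age it observed, then compare the
        # implied arrival time with our clock (RFC 8446 section 8.3 freshness check).
        ticket_age_ms = (obfuscated_ticket_age - ticket_age_add) % 2**32
        expected_arrival = created_ms + ticket_age_ms
        if abs(expected_arrival - now_ms) > FRESHNESS_WINDOW_MS:
            return False, "ticket age outside freshness window (possible replay)"
        digest = hashlib.sha256(client_hello).digest()
        if digest in self.seen_hellos:
            return False, "duplicate ClientHello (replay)"
        self.seen_hellos.add(digest)
        if single_use:
            del self.tickets[ticket_id]   # RFC 8446 section 8.1: each ticket resumes at most once
        return True, "accepted"


HELLO = b"ClientHello with early_data and psk identity 0xab"   # constructed stand-in for the real bytes
AGE_ADD = 0x12345678


def demo():
    """Ticket issued at t=0; the client reconnects 5 s later; an attacker replays the same flight."""
    store = TicketStore()
    store.issue(b"\xab", created_ms=0, ticket_age_add=AGE_ADD, lifetime_s=3600)
    fresh_age = (5_000 + AGE_ADD) % 2**32
    first = store.accept_early_data(b"\xab", fresh_age, HELLO, now_ms=5_200)
    replay = store.accept_early_data(b"\xab", fresh_age, HELLO, now_ms=5_300)
    return first, replay


def demo_stale():
    """Same flight replayed an hour later, with single-use disabled to isolate the age check."""
    store = TicketStore()
    store.issue(b"\xab", created_ms=0, ticket_age_add=AGE_ADD, lifetime_s=7200)
    return store.accept_early_data(b"\xab", (5_000 + AGE_ADD) % 2**32, HELLO, now_ms=3_600_000, single_use=False)


def demo_duplicate():
    """Single-use disabled and still inside the window: the ClientHello digest cache catches the replay."""
    store = TicketStore()
    store.issue(b"\xab", created_ms=0, ticket_age_add=AGE_ADD, lifetime_s=3600)
    age = (5_000 + AGE_ADD) % 2**32
    store.accept_early_data(b"\xab", age, HELLO, now_ms=5_200, single_use=False)
    return store.accept_early_data(b"\xab", age, HELLO, now_ms=5_400, single_use=False)


if __name__ == "__main__":
    print(demo())
    print(demo_stale())
    print(demo_duplicate())
```

Single-use tickets are the strongest of the three checks but require shared state across every server that can accept the ticket; the freshness window and hello cache bound the replay exposure when that state is only per-instance, which is why RFC 8446 recommends combining them and still leaving non-idempotent actions to the application.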

56 Encrypted ClientHello (ECH)

  • Privacy Leakage: The server_name extension sends the target hostname in cleartext in the ClientHello, so on-path observers can log or block by hostname even though the HTTP traffic itself is encrypted.
  • ECH Solution: Encrypted Client Hello (draft-ietf-tls-esni) wraps an inner ClientHello holding the real SNI and ALPN under an HPKE public key the client obtains from the server's HTTPS/SVCB DNS record (ideally over DoH or DoT so the lookup is private too); the outer ClientHello shows only a shared "public name" for the fronting server.

57 Post-Quantum TLS (PQC)

  • Quantum Threat: Shor's algorithm on a large quantum computer would break RSA and (EC)DH, so traffic recorded today could be decrypted later ("harvest now, decrypt later"); signatures are less urgent because a forgery must happen at handshake time.
  • Hybrid Key Exchange: Deployments combine a classical group with a post-quantum KEM in one key_share (for example X25519 with ML-KEM-768, the FIPS 203 standardisation of Kyber), concatenating both shared secrets so the session stays secure as long as either algorithm holds.

58 ALPACA Attack Defense

  • Cross-Protocol Attack: ALPACA redirects a browser's TLS connection to a different service (for example an FTP or SMTP server) whose certificate is valid for the same hostname or a matching wildcard; because TLS authenticates the host, not the application protocol, the other server parses the HTTP request and its reflected responses can leak cookies or inject content.
  • Enforcement: Each server should require and strictly check ALPN, rejecting connections whose ALPN does not name its own protocol, and verify SNI against the hostnames it actually serves; avoid sharing one certificate across unrelated protocols on different hosts.

59 Deprecation Realities

  • Industry Standards: TLS 1.0 and 1.1 are formally deprecated by RFC 8996 (2021): their PRF and Finished computations rest on MD5 and SHA-1, they lack AEAD suites, and their CBC construction has a long padding-oracle history (BEAST, Lucky 13, POODLE variants).
  • Security Enforcement: Major browsers disabled TLS 1.0/1.1 in 2020, and compliance baselines (PCI DSS, NIST SP 800-52 Rev. 2) require TLS 1.2 or later; configure servers for TLS 1.2 with forward-secret AEAD suites plus TLS 1.3, and nothing older.
CRITICAL SECURITY WARNING: Legacy cipher suites using RC4 (prohibited by RFC 7465), 3DES (64-bit blocks, Sweet32), export-grade or NULL ciphers, anonymous key exchange, or static RSA key exchange (no forward secrecy) must be disabled explicitly in server configuration; a session recorded under static RSA becomes readable the day the server's key leaks.