Thread: Vb6 - tls 1.3 demo

  1. #1

    Vb6 - tls 1.3 demo

    This application is an extension of the AES Demo that I posted previously. That demo was put together to demonstrate the use of AES in TLS 1.2, and to test my own encryption algorithm against an established algorithm. I believe my own algorithm is as safe as any established algorithm, but a good algorithm should also be fast. My own algorithm turned out to be about 3 times slower than AES on long encrypts. So I set out to update my TLS program, and that is when I discovered TLS 1.3.

    The final draft of TLS 1.3 was released on Mar 20, 2018, and implementation is in its infancy. Mozilla Firefox has TLS 1.3 enabled by default starting at Version 60, and Versions 52-60 can be enabled by adjusting the SSL Version to 4. But that does not mean that all versions will work with all TLS 1.3 Web sites. It all depends on which draft each is compiled to work with. Why did I choose to use such a new protocol? Because TLS 1.3 is faster, simpler, and more secure. It only uses ECC (Elliptical Curve Cryptography) to transfer the Pre-Master key, one complete round trip has been eliminated, and several functions have been relegated to being ignored. A good overview can be found here:

    https://blog.cloudflare.com/tls-1-3-...w-and-q-and-a/

    And why did I choose AES as the encryption protocol? The recommended cipher suites to use with TLS 1.3 are:

    0x00,0x9E TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
    0x00,0x9F TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
    0x00,0xAA TLS_DHE_PSK_WITH_AES_128_GCM_SHA256
    0x00,0xAB TLS_DHE_PSK_WITH_AES_256_GCM_SHA384
    0x13,0x01 TLS_AES_128_GCM_SHA256
    0x13,0x02 TLS_AES_256_GCM_SHA384
    0x13,0x03 TLS_CHACHA20_POLY1305_SHA256
    0x13,0x04 TLS_AES_128_CCM_SHA256
    0xC0,0x2B TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
    0xC0,0x2C TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    0xC0,0x9E TLS_DHE_RSA_WITH_AES_128_CCM
    0xC0,0x9F TLS_DHE_RSA_WITH_AES_256_CCM
    0xC0,0xA6 TLS_DHE_PSK_WITH_AES_128_CCM
    0xC0,0xA7 TLS_DHE_PSK_WITH_AES_256_CCM
    0xCC,0xA8 TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    0xCC,0xA9 TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
    0xCC,0xAA TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
    0xCC,0xAC TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    0xCC,0xAD TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256
    0xD0,0x01 TLS_ECDHE_PSK_WITH_AES_128_GCM_SHA256
    0xD0,0x02 TLS_ECDHE_PSK_WITH_AES_256_GCM_SHA384
    0xD0,0x05 TLS_ECDHE_PSK_WITH_AES_128_CCM_SHA256

    Notice that most of them use AES. For this demo, we use none of the above. Instead we use a default Anonymous suite. Anonymous suites are not recommended for any TLS version because the server cannot be authenticated using Certificates. This particular demo will not yet be completely TLS 1.3; it will be more like a combination of TLS 1.2 & 1.3. That is because I am still trying to extract the implementation details. For example, the Server Finish would normally be transferred encrypted with the Certificate data, but for personal use the expense of Certificates just isn't warranted. So I transferred the Finished record unencrypted with the Server Hello. On the Client side, the Finished record is transferred by itself unencrypted, after receiving the Server Finished record.

    To say that this demo is complicated would be an understatement, and it is by no means complete. I contemplated not using HMAC records, but HMAC was engrained in the code I was upgrading. The IETF provided Example Handshake Traces for TLS 1.3 here:

    https://tools.ietf.org/html/draft-ie...s13-vectors-03

    but as usual RFC documents are not the easiest thing to follow. As well, the examples all used curve x25519, which is only supported on Windows 10. The difficulty with Windows 10 is that I have still not found a way to recover the raw Agreed Secret, which is required if you are going to connect with a real world server using TLS 1.3.

    To test these 2 programs, set up 2 VB6 IDEs and run the Client program in one and the Server program in the other. All the modules are common to each program. The Server program will listen on port 443. In the Client program, click the dropdown arrow, and choose the "localhost" option. This will attempt to connect with the Server using the loopback address 127.0.0.1. If successful, the Client will send the Client Hello, which includes the Client Random and the Public Key for the "ECDH_P256" curve under the name "key share". A full breakdown of the Client Hello is included in the code.

    The server receives the Client Hello and has enough information to create the AgreedSecret and Master Key. Using the Master Key and Random values, the Server then creates the various keys used in the encryption process (Read MAC Key, Write MAC Key, Read Key, Write Key, Read IV, & Write IV). Now it can send its own Server Hello along with the Server Finished record back to the Client. Once again, a full breakdown of the Server Hello is included in the code.

    The Client receives the Server Hello and creates its own AgreedSecret and Master Key, which should be the same as those created by the Server. It then creates all the keys that it needs and sends a Client Finished record back to the Server.

    Both programs should now be ready to send and receive encrypted messages. Click on the "Send Sample" button to send a sample message to the Server. Likewise, click on the "Send Response" button to send a response back to the Client.

    It is my hope that you find these programs educational.

    J.A. Coutts
    Last edited by couttsj; Aug 8th, 2018 at 10:06 AM.
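
The key-derivation and Finished steps described in the post above, sketched with the TLS 1.2 key schedule from RFC 5246, whose key block has the same six-part layout as the keys the post lists. This is an added example in Python, not the poster's VB6 code; the function names, key sizes, agreed secret and random values are assumptions constructed for illustration.

```python
import hashlib
import hmac

# Assumed sizes (not stated in the post): HMAC-SHA256 MAC keys, AES-128 keys, 16-byte IVs.
MAC_LEN, KEY_LEN, IV_LEN = 32, 16, 16

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF (RFC 5246, section 5): P_SHA256(secret, label + seed)."""
    seed, out = label + seed, b""
    a = seed                                                  # A(0)
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()      # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def master_secret(agreed_secret: bytes, client_random: bytes, server_random: bytes) -> bytes:
    return prf(agreed_secret, b"master secret", client_random + server_random, 48)

def derive_keys(master: bytes, client_random: bytes, server_random: bytes, is_client: bool) -> dict:
    """Split the key block and name each piece from one side's point of view."""
    block = prf(master, b"key expansion", server_random + client_random,
                2 * (MAC_LEN + KEY_LEN + IV_LEN))
    parts, pos = [], 0
    # Block order: client MAC, server MAC, client key, server key, client IV, server IV.
    for n in (MAC_LEN, MAC_LEN, KEY_LEN, KEY_LEN, IV_LEN, IV_LEN):
        parts.append(block[pos:pos + n])
        pos += n
    mine, theirs = (0, 1) if is_client else (1, 0)
    keys = {}
    for i, name in enumerate(("mac", "key", "iv")):
        keys["write_" + name] = parts[2 * i + mine]
        keys["read_" + name] = parts[2 * i + theirs]
    return keys

def finished(master: bytes, label: bytes, transcript: bytes) -> bytes:
    """verify_data for a Finished record: 12 bytes bound to the handshake transcript."""
    return prf(master, label, hashlib.sha256(transcript).digest(), 12)

def check_finished(master: bytes, label: bytes, transcript: bytes, received: bytes) -> bool:
    # Constant-time comparison of the peer's verify_data against our own.
    return hmac.compare_digest(finished(master, label, transcript), received)

# Constructed sample values, for illustration only.
AGREED = bytes(range(32))            # stands in for the ECDH P-256 agreed secret
C_RANDOM, S_RANDOM = b"\x01" * 32, b"\x02" * 32
```

With an anonymous suite, a matching Finished value only shows that both sides derived the same master secret over the same handshake bytes; it does not authenticate the server.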
