The Transport Layer Security (TLS) Protocol Version 1.2

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.
