TLS (Transport Layer Security)
TLS (Transport Layer Security) is a cryptographic protocol for organizing secure communication on the Internet.
2022
Release of free TLS security certificates for Russian sites
In Russia, an information infrastructure has been developed to keep Russian information resources operating without interruption. This was announced by FSAU Research Institute "Sunrise" on March 28, 2022. The information system of the National Certification Center, created for this purpose, issues TLS certificates using both Russian and other cryptographic algorithms.
TLS version 1.3 with support for Russian encryption standards
On March 14, 2022, the company Kryptonit announced that its specialists, together with employees of the company CryptoCom, had completed the development of an open implementation of the TLS protocol version 1.3 that protects data using Russian cryptographic algorithms. It is available as an extension for OpenSSL 1.1.1.
The TLS protocol is used in browsers, instant messengers, email clients, IP telephony and other applications to ensure the confidentiality of data transmitted over the Internet. Version 1.3 of this protocol is defined in the international standard RFC 8446 and is quite "revolutionary": significant modifications were made to the protocol to strengthen security and improve its user characteristics at the same time.
TLS 1.3 allows various algorithms to be used for encryption, key distribution and digital signature. The specific set of cryptographic algorithms (the cipher suite) supported by both sides is chosen at the Handshake stage, the negotiation of connection parameters.
The RFC 8446 standard provides for the use of only foreign cryptographic algorithms in the protocol. In Russia, an extension of RFC 8446 has been adopted: standard R 1323565.1.030-2020. Its main difference is the use of Russian cryptographic algorithms and support for other modes of protocol operation. The domestic standard defines four cipher suites, each of which uses the MGM mode (described in R 1323565.1.026) with its own unique parameters.
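The negotiation described above can be seen directly in the ClientHello. The following is an added example, not code from Kryptonit, CryptoCom or OpenSSL: it extracts the offered cipher suites from a ClientHello record and applies server-side selection. The suite names and code points are the IANA values for the TLS 1.3 GOST suites as specified in RFC 9367 (they are not given on this page), and the sample ClientHello is constructed and deliberately minimal.

```python
import struct

# IANA code points: 0xC103-0xC106 are the TLS 1.3 GOST suites of RFC 9367,
# 0x1301-0x1303 are suites defined in RFC 8446.
SUITE_NAMES = {
    0xC103: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_L",
    0xC104: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_L",
    0xC105: "TLS_GOSTR341112_256_WITH_KUZNYECHIK_MGM_S",
    0xC106: "TLS_GOSTR341112_256_WITH_MAGMA_MGM_S",
    0x1301: "TLS_AES_128_GCM_SHA256",
    0x1302: "TLS_AES_256_GCM_SHA384",
    0x1303: "TLS_CHACHA20_POLY1305_SHA256",
}

def build_sample_hello(suites):
    """Constructed, minimal ClientHello record (zero random, no extensions)."""
    body = (b"\x03\x03" + bytes(32) + b"\x00"
            + struct.pack(">H", 2 * len(suites))
            + b"".join(struct.pack(">H", s) for s in suites)
            + b"\x01\x00" + b"\x00\x00")
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack(">H", len(handshake)) + handshake

def offered_suites(record):
    """Return the cipher suite code points listed in a ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a handshake record carrying a ClientHello")
    body = record[9:]                  # skip record (5) and handshake (4) headers
    try:
        pos = 34 + 1 + body[34]        # legacy_version, random, legacy_session_id
        (n,) = struct.unpack_from(">H", body, pos)
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    pos += 2
    if n % 2 or len(body) < pos + n:
        raise ValueError("malformed cipher_suites vector")
    return [struct.unpack_from(">H", body, pos + i)[0] for i in range(0, n, 2)]

def negotiate(record, server_suites):
    """Pick the first server-preferred suite the client also offered, else None."""
    offered = set(offered_suites(record))
    return next((s for s in server_suites if s in offered), None)

if __name__ == "__main__":
    hello = build_sample_hello([0xC103, 0xC105, 0x1301])   # constructed offer
    for prefs in ([0xC105, 0xC103], [0x1302, 0x1303]):
        chosen = negotiate(hello, prefs)
        print(SUITE_NAMES.get(chosen, "no common suite, handshake fails"))
```

The second server in the demo supports only RFC 8446 suites that the client did not offer, so no suite is selected; this is the interoperability gap between GOST-only and RFC 8446-only endpoints.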
MGM mode belongs to the group of AEAD algorithms. It is a multilinear Galois mode, which processes confidential data (the content of network packets) and auxiliary technical data (packet headers) at the same time. The latter does not need to be encrypted, but it must be protected against modification (integrity) and verifiably bound to the encrypted fragments. In other words, MGM protects against unauthorized changes to metadata transmitted in plain text.
Earlier, the research and production company Kryptonit announced the creation of an open source implementation, based on OpenSSL 1.1.1, of all current Russian encryption algorithms and their modes of use, including the MGM mode. The next step was to ensure that these algorithms could be used in the TLS 1.3 protocol.
The main mechanism for extending the functionality of the OpenSSL library in versions 1.1.1 and earlier is the engine mechanism. A significant number of Russian cryptographic algorithms are available in OpenSSL through the Gost Engine extension.
Specialists from Kryptonit and CryptoCom completed the following improvements to the Gost Engine and to the source code of the OpenSSL library itself:
- added an algorithm for encoding the public ephemeral key in the key_share extension (in the Handshake step);
- added an algorithm for generating the shared ECDHE secret value using the Diffie-Hellman protocol;
- implemented the TLSTREE algorithm, which is used to generate keys for protecting records from the root key;
- improved the algorithm matching mechanism in the signature_algorithms extension (this required editing the OpenSSL code);
- improved the built-in test system.
"In a relatively short time after the release of the official standard, we made an open source implementation of the TLS 1.3 protocol with domestic cryptography. It seems to me that this is a good job and an excellent reserve for the future for the scientific community, developers, as well as users who properly treat the security of their communications," explained Alexander Spiridonov, head of the information and network security laboratory at Kryptonit NPK.
"Our company has always understood the importance of open implementations along with certified ones; we believe that this approach contributes to the expansion of the market for all its participants," commented Dmitry Kabelev, General Director of Cryptocom LLC.
At the final stage, in accordance with the methodological recommendations of TK26, the resulting implementation of the TLS 1.3 protocol was checked against control examples. It was additionally tested using the formal language of the primary specifications of cryptographic protocols. The implementation is planned to be used on the cryptographic compatibility test stand, which is also being developed at Kryptonit NPK.
In parallel, similar work is already underway to implement Russian encryption standards for the current OpenSSL 3.0 branch.
Free TLS certificates will ensure the availability of sites
On March 4, 2022, the Ministry of Digital Science of the Russian Federation announced that regulatory acts would be adopted in the near future to govern the work of the National Certification Centre on the free issuance of TLS certificates to Russian legal persons. This will help users maintain safe access to sites whose TLS certificates have been revoked.
It will be possible to obtain a TLS certificate on the State Public Services portal fully remotely. All browsers and operating systems will have to support TLS certificates on the sites that receive them. The full list of domains for which certificates have been issued will be available on the State Public Services portal.