Detailed explanation of SSL, TLS and OpenSSL

Relationship overview

First, let's look at the relationship between them.

SSL (Secure Sockets Layer) is a network security protocol first adopted by Netscape.

TLS (Transport Layer Security) is a network security protocol developed from SSL and can be regarded as an upgraded version of it. After SSL was standardized by the IETF, it was named TLS.

OpenSSL is an open source software library. Its main library is written in C and implements the SSL and TLS protocols. It also provides other tools for encryption and certificates.

It can be simply understood as shown in the figure:

SSL (Secure Sockets Layer)

Origin

SSL (Secure Sockets Layer) is a secure transmission protocol designed by Netscape, mainly for the Web, where it became widely used. When the first version of the Netscape Navigator web browser was launched in 1994, the HTTPS protocol was launched with it, encrypted with SSL; this is the origin of SSL.

The basic algorithm was written by Taher Elgamal, the chief scientist of Netscape, so he is known as the "father of SSL".

Version history

There are three versions of SSL, all of which are currently deprecated.

Protocol   Release time   State
SSL 1.0    Unpublished    Unpublished
SSL 2.0    1995           Deprecated in 2011
SSL 3.0    1996           Deprecated in 2015

  • Version 1.0 was never made public because of serious security holes.
  • Version 2.0 was released in February 1995. In 2011, the RFC 6176 standard deprecated SSL 2.0.
  • Released in 1996, version 3.0 was completely redesigned by Netscape engineers Paul Kocher, Phil Karlton, and Alan Freier. In 2015, the RFC 7568 standard deprecated SSL 3.0.

TLS (Transport Layer Security)

Origin

The IETF standardized SSL as RFC 2246 and called it TLS (Transport Layer Security). The first version, TLS 1.0, was released in 1999. Technically speaking, the differences between TLS 1.0 and SSL 3.0 are very subtle.

Version history

Protocol   Release time   State
TLS 1.0    1999           Deprecated in 2021
TLS 1.1    2006           Deprecated in 2021
TLS 1.2    2008
TLS 1.3    2018

TLS 1.0

The IETF standardized SSL as RFC 2246 and called it TLS (Transport Layer Security).

TLS 1.1

TLS 1.1 is defined in RFC 4346, published in April 2006, which is an update of TLS 1.0. Differences in this release include:

  • Added protection against CBC attacks:
    • The implicit IV is replaced with an explicit IV (IV stands for initialization vector in cryptography).
    • Changed the handling of padding errors in block cipher modes.
  • Support for IANA-registered parameters.

The four browser vendors Microsoft, Google, Apple, and Mozilla announced that they would stop supporting TLS 1.0 and 1.1 in 2020. In March 2021, the RFC 8996 standard deprecated TLS 1.0 and TLS 1.1.

TLS 1.2

TLS 1.2 is defined in RFC 5246, published in August 2008. It is based on the earlier TLS 1.1 specification. Key differences include:

  • Added the SHA-2 cryptographic hash functions.
  • Added AEAD encryption algorithms, such as GCM mode.
  • Added TLS extension definitions and AES cipher suites.

RFC 6176, published in March 2011, removed compatibility with SSL from all TLS versions, so that TLS sessions can never negotiate the use of SSL 2.0, avoiding its security problems.

TLS 1.3

TLS 1.3 is defined in RFC 8446, published in August 2018. Its main differences from TLS 1.2 include:

  • Separates key exchange algorithms (such as ECDHE) and authentication algorithms (such as RSA) from the cipher suite.
  • Removed support for the MD5 and SHA1 cryptographic hash functions.
  • Requires digital signatures.
  • Integrates HKDF and the semi-ephemeral DH proposal.
  • Replaces session resumption with PSK and tickets.
  • Supports the 1-RTT handshake and has initial support for 0-RTT.
  • Perfect forward secrecy is guaranteed by using ephemeral keys during key agreement.
  • Dropped support for many insecure or obsolete features, including data compression, renegotiation, non-AEAD encryption algorithms, static RSA and static DH key exchange, custom DHE groups, point format negotiation, the Change Cipher Spec protocol, the UNIX time in the Hello message, and the length field AD input to AEAD ciphers.
  • Faster and better performance than TLS 1.2.
  • Removed support for the RC4 encryption algorithm.
  • Integrates the use of the session hash.
  • Deprecated the record layer version number and froze the number to improve backward compatibility.
  • Moved some security-related algorithm details from an appendix into the standard, and relegated ClientKeyShare to an appendix.
  • Supports the Ed25519 and Ed448 digital signature algorithms.
  • Supports X25519 key exchange.
  • Supports the ChaCha20 encryption algorithm with the Poly1305 message authentication code.
  • Supports Encrypted Server Name Indication (ESNI).
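
Because TLS 1.3 froze the record layer version number, the version fields at the front of a ClientHello no longer show what a client really offers; a TLS 1.3 client lists its versions in the supported_versions extension instead. The following added example (not part of the original article) parses a ClientHello and flags the versions this page lists as deprecated. The function names are hypothetical and the sample message is constructed inline, not captured.

```python
import struct
# Wire codes for the protocol versions listed in this page's tables.
NAMES = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1",
         0x0303: "TLS 1.2", 0x0304: "TLS 1.3"}
DEPRECATED = {0x0300, 0x0301, 0x0302}   # RFC 7568 and RFC 8996

def parse_client_hello(record: bytes) -> dict:
    """Report the three places a ClientHello carries a version number."""
    try:
        ctype, rec_ver, rec_len = struct.unpack_from("!BHH", record, 0)
        hs = record[5:5 + rec_len]
        if ctype != 22 or len(hs) != rec_len or hs[0] != 1:
            raise ValueError("not a complete ClientHello record")
        legacy = struct.unpack_from("!H", hs, 4)[0]
        pos = 4 + 2 + 32                                  # header, version, random
        pos += 1 + hs[pos]                                # session_id
        pos += 2 + struct.unpack_from("!H", hs, pos)[0]   # cipher_suites
        pos += 1 + hs[pos]                                # compression_methods
        offered = [legacy]              # no supported_versions: pre-1.3 client
        end = pos + 2 + struct.unpack_from("!H", hs, pos)[0] if pos < len(hs) else pos
        pos += 2
        while pos + 4 <= min(end, len(hs)):
            ext_type, ext_len = struct.unpack_from("!HH", hs, pos)
            data = hs[pos + 4:pos + 4 + ext_len]
            if ext_type == 43 and data:                   # supported_versions
                lst = data[1:1 + data[0]]
                offered = [int.from_bytes(lst[i:i + 2], "big") for i in range(0, len(lst) - 1, 2)]
            pos += 4 + ext_len
    except (IndexError, struct.error) as exc:
        raise ValueError("truncated ClientHello") from exc
    known = [v for v in offered if v in NAMES]            # ignores GREASE values
    return {"record_layer": NAMES.get(rec_ver, hex(rec_ver)),
            "legacy_version": NAMES.get(legacy, hex(legacy)),
            "highest_offered": NAMES[max(known)] if known else None,
            "deprecated_offered": sorted(NAMES[v] for v in known if v in DEPRECATED)}

def sample_client_hello(legacy: int, supported=None) -> bytes:
    """Build a constructed (not captured) ClientHello as sample input."""
    body = struct.pack("!H", legacy) + bytes(32) + b"\x00"  # version, random, no session_id
    body += struct.pack("!HH", 2, 0x1301) + b"\x01\x00"     # one suite, null compression
    if supported is not None:
        lst = b"".join(struct.pack("!H", v) for v in supported)
        ext = struct.pack("!HHB", 43, len(lst) + 1, len(lst)) + lst
        body += struct.pack("!H", len(ext)) + ext
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", 22, 0x0301, len(hs)) + hs

if __name__ == "__main__":
    print(parse_client_hello(sample_client_hello(0x0303, [0x0304, 0x0303])))
```

For the TLS 1.3 sample, the record layer field reads as TLS 1.0 and the legacy version field as TLS 1.2, so a monitoring rule that keys on either field alone misclassifies the client.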

OpenSSL

Origin

The OpenSSL project started in 1998 with the goal of creating a set of free encryption tools for use on the Internet. OpenSSL is based on SSLeay, developed by Eric Young and Tim Hudson. When the two went to work at RSA, development of SSLeay stopped in December 1998. The community therefore forked it as OpenSSL in December 1998 to continue development.

Overview

The OpenSSL toolkit includes:

  • libssl is an implementation of all TLS protocol versions prior to TLSv1.3 (RFC 8446).

  • libcrypto is a full-strength general-purpose encryption library. It forms the basis of the TLS implementation and can also be used independently.

  • openssl is the OpenSSL command-line tool, a Swiss Army knife for encryption tasks, testing and analysis. It can be used to:

    • Create key parameters
    • Create X.509 certificates, CSRs and CRLs
    • Calculate message digests
    • Encrypt and decrypt
    • Test SSL/TLS clients and servers
    • Handle S/MIME signed or encrypted mail
    • and more...

Version history

Version; initial release date; latest update (remarks are listed beneath each entry)

0.9.1; December 23, 1998; latest update 0.9.1c (December 23, 1998)
  • The official opening of the OpenSSL project

0.9.2; March 22, 1999; latest update 0.9.2b (April 6, 1999)
  • Replaces 0.9.1c

0.9.3; May 25, 1999; latest update 0.9.3a (May 27, 1999)
  • Replaces 0.9.2b

0.9.4; August 9, 1999; latest update 0.9.4 (April 9, 1999)
  • Replaces 0.9.3a

0.9.5; February 28, 2000; latest update 0.9.5a (April 1, 2000)
  • Replaces 0.9.4

0.9.6; September 24, 2000; latest update 0.9.6m (March 17, 2004)
  • Replaces 0.9.5a

0.9.7; December 31, 2002; latest update 0.9.7m (February 23, 2007)
  • Replaces 0.9.6m

0.9.8; July 5, 2005; latest update 0.9.8zh (December 3, 2015)
  • Replaces 0.9.7m

1.0.0; March 29, 2010; latest update 1.0.0t (December 3, 2015)
  • Replaces 0.9.8n

1.0.1; March 14, 2012; latest update 1.0.1u (September 22, 2016)
  • Replaces 1.0.0
  • Maintenance until December 31, 2016
  • Support RFC 6520 TLS/DTLS heartbeat
  • Support SCTP
  • RFC 5705 TLS key material exporter
  • RFC 5764 DTLS-SRTP negotiation
  • Next Protocol Negotiation
  • PSS signatures in certificates, requests and certificate revocation lists
  • Support for password-based recipient info for CMS
  • Support TLS v1.2 and TLS v1.1
  • Preliminary FIPS capability for the unvalidated 2.0 FIPS module
  • Support Secure Remote Password protocol (SRP)

1.0.2; January 22, 2015; latest update 1.0.2u (December 20, 2019)
  • Replaces 1.0.1
  • Maintenance until December 31, 2019 (long-term maintenance)
  • Suite B support for TLS 1.2 and DTLS 1.2
  • Support DTLS 1.2
  • TLS automatically selects an elliptic curve (EC)
  • API for setting the signature algorithms and curves supported by TLS
  • SSL_CONF configuration API
  • Support TLS Brainpool
  • Support Application-Layer Protocol Negotiation
  • CMS supports RSA-PSS, RSA-OAEP, ECDH and X9.42 DH

1.1.0; August 25, 2016; latest update 1.1.0l (September 10, 2019)
  • Replaces 1.0.2h
  • Expected to be maintained until September 2019
  • Support BLAKE (RFC 7693)
  • Support ChaCha20-Poly1305 (RFC 7539)
  • Support X25519 (RFC 7748)
  • Support DANE and Certificate Transparency
  • Support CCM cipher suites
  • Support extended master secret
  • Removed SSLv2
  • Removed support for Kerberos cipher suites
  • Removed RC4 and 3DES from the DEFAULT cipher suites in libssl
  • Removed DSS, SEED, IDEA, CAMELLIA and AES-CCM from the DEFAULT cipher suites
  • Removed 40-bit and 56-bit ciphers from libssl

1.1.1; September 11, 2018; latest update 1.1.1p (June 21, 2022)
  • Will be maintained for at least five years (expected until September 2023)
  • Support TLS 1.3
  • Support SHA-3
  • Support X448 and Ed448 (RFC 7748)
  • Support SipHash
  • Support ARIA (cipher)
  • Support multi-prime RSA (RFC 8017)
  • Support SM2, SM3 and SM4
  • Removed Heartbleed
  • Removed support for QNX

3.0.0; September 7, 2021; latest update 3.0.4 (June 21, 2022)
  • Relicensed under the Apache License 2.0
  • Restored support for FIPS 140

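Note 1:

        The latest release of the OpenSSL 1.1 branch is 1.1.1t, released on February 7, 2023; it is a long-term support version.

        The latest release of the OpenSSL 3.0 branch is 3.1.0, released on March 14, 2023; it is a stable version.

Note 2:

        In 2018 the OpenSSL project announced a change to its version numbering, jumping from v1.x straight to v3.x and skipping 2.x, because the OpenSSL FIPS module had already used the 2.x version number. As the first major version update, OpenSSL 3.0.0 is not fully backward compatible with older versions, but the vast majority of applications that use OpenSSL 1.1.1 still work normally and only need to be recompiled.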

The Holy Hand Grenade of Antioch - OpenSSL Blog

openssl/openssl: TLS/SSL and crypto library (github.com)

Origin blog.csdn.net/yunxiaobaobei/article/details/129954738