GMAIL Transport Layer Security (TLS)

(@trewmte)
Posts: 1877
Noble Member
Topic starter
 

Possibly most are familiar with the new GMAIL Transport Layer Security (TLS), but after a very quick search at FF nothing was returned about this subject.

The below could be useful as investigator background knowledge or maybe student research.

GMAIL unveiled its new email encryption defined for the user as a RED closed or open PADLOCK on Safer Internet Day.

Research Links
https://support.google.com/mail/answer/6330403?p=tls&hl=en&rd=1
https://www.google.com/transparencyreport/saferemail/
https://www.google.com/transparencyreport/saferemail/tls/?hl=en
http://gmailblog.blogspot.co.uk/2016/02/making-email-safer-for-you-posted-by.html

Basically, where a Gmail user receives an email sent from a sender that hasn't encrypted the message using Transport Layer Security (TLS) encryption, Gmail will display an open red padlock icon near to the sender's and receiver's address. Using the drop arrow icon next to "to me" reveals more about the sent message. Using the drop arrow icon next to the message sent date enables investigators to activate the "Show Original" message view. The latter is not new, but it is being referred to just for completeness.

In addition, where a Gmail user receives a message that cannot be authenticated with either SPF (Sender Policy Framework) or DKIM (DomainKeys Identified Mail), should the sender’s profile have a photo or avatar, either will be replaced with a red question mark. Clicking on the icons will give the user more information about the authentication associated with the received email.

RFC 5246 ( https://www.rfc-editor.org/rfc/rfc5246.txt ) specifies Version 1.2 of The Transport Layer Security (TLS) Protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. Therefore, the primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications. TLS lies on top of the transport layer protocol, like TCP, and provides security to it. The protocol is composed of two layers: the TLS Record Protocol and the TLS Handshake Protocol. TLS is application protocol independent. Higher-level protocols can be transparently layered on top of the TLS protocol.

However, the TLS standard does not specify how protocols add security with TLS. Instead, the decisions on how to initiate TLS handshaking and how to interpret the authentication certificates exchanged have been left to the judgment of those who design and implement protocols that run on top of TLS.

 
Posted : 01/03/2016 6:31 pm
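Added example, not part of the original post: one way to read the transport-encryption and SPF/DKIM evidence out of a "Show Original" view, which is what the padlock and question-mark icons summarise for the user. The sample message is constructed, the function names are hypothetical, and it assumes the receiving server is `mx.google.com` and records TLS details in its `Received` header in the form shown.

```python
import re
from email import message_from_string

# Constructed "Show Original" text; every host, address and id below is made up.
SAMPLE_TLS = """\
Delivered-To: bob@example.com
Received: by 10.0.0.1 with SMTP id x1; Tue, 1 Mar 2016 10:31:01 -0800 (PST)
Received: from mail.sender.example (mail.sender.example. [192.0.2.10])
        by mx.google.com with ESMTPS id abc123 for <bob@example.com>
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Tue, 1 Mar 2016 10:31:00 -0800 (PST)
Authentication-Results: mx.google.com;
       spf=pass (google.com: 192.0.2.10 checked for sender.example) smtp.mailfrom=alice@sender.example;
       dkim=pass header.i=@sender.example
From: Alice <alice@sender.example>
Subject: constructed sample

body
"""
# Variant: same message accepted without TLS and with failing SPF/DKIM.
SAMPLE_PLAIN = re.sub(r"\(version=[^)]*\)", "", SAMPLE_TLS).replace(
    "with ESMTPS", "with ESMTP").replace("=pass", "=fail")

def receiving_hop(msg, mx):
    """Received header stamped by the recipient's MX; hops below it are sender-supplied."""
    for value in msg.get_all("Received") or []:
        hop = " ".join(value.split())  # unfold continuation lines
        if re.search(r"\bby %s\b" % re.escape(mx), hop):
            return hop
    return ""

def summarize(raw, mx="mx.google.com"):
    msg = message_from_string(raw)
    hop = receiving_hop(msg, mx)
    proto = re.search(r"\bwith (\S+)", hop)
    tls = re.search(r"\(version=(\S+) cipher=(\S+)", hop)
    # Trust only the Authentication-Results header whose authserv-id is the receiving MX.
    auth = next((" ".join(v.split()) for v in msg.get_all("Authentication-Results") or []
                 if v.strip().startswith(mx + ";")), "")
    auth = re.sub(r"\([^)]*\)", "", auth)  # drop free-text comments before matching
    res = dict(re.findall(r"\b(spf|dkim)=(\w+)", auth))
    return {
        "protocol": proto.group(1) if proto else None,
        "tls_version": tls.group(1) if tls else None,
        "cipher": tls.group(2) if tls else None,
        "spf": res.get("spf", "none"),
        "dkim": res.get("dkim", "none"),
        "authenticated": "pass" in res.values(),
    }
```

The result describes only the hop into the receiving server; it says nothing about how the message travelled between earlier relays.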
RolfGutmann
(@rolfgutmann)
Posts: 1185
Noble Member
 

Very usefully explained, thank you! It may be worth considering, in TLS 1.2, preferring SHA256 signatures over SHA1, as SHA1 will soon be broken (a few months).

 
Posted : 10/03/2016 2:33 am