TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Slides:



Advertisements
Similar presentations
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Advertisements

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.5 Transport Layer Security.
Web security: SSL and TLS
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Cryptography and Network Security
Secure Socket Layer.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Web Security (SSL / TLS)
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Cryptography and Network Security Chapter 17
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Chapter 8 Web Security.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Secure Sockets Layer 1 / 99  SSL is perhaps the widest used security protocol on the Internet today.  Together with DC enables secure communication.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Secure Socket Layer (SSL)
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
Web Security Network Systems Security
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.
Tunneling and Securing TCP Services Nathan Green.
SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.
1 Understanding Secure Socket Layer (SSL) Advisor Advisor Prof. Tzonelih Hwang Presenter Prosanta Gope.
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
1 SSL/TLS. 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
1 Secure Socket Layer Originally by Yu Yang and Lilly Wang Originally by Yu Yang and Lilly Wang Modified by T. A. Yang Modified by T. A. Yang.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
8-1 CSE 4707/5850 Network Security (2) SSL/TLS. 8-2 Think about Google or YouTube  Desired properties  Indeed the other side is Google or YouTube server.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
TLS/SSL Protocol Presented by: Vivek Nelamangala Includes slides presented by Miao Zhang on April Course: CISC856 - TCP/IP and Upper Layer Protocols.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
The Secure Sockets Layer (SSL) Protocol
Cryptography and Network Security
CSCE 715: Network Systems Security
Visit for more Learning Resources
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS, Part II
CSE 4095 Transport Layer Security TLS
Cryptography and Network Security
SSL (Secure Socket Layer)
Security at the Transport Layer: SSL and TLS
SSL Protocol Figures used in the presentation
The Secure Sockets Layer (SSL) Protocol
Transport Layer Security (TLS)
Cryptography and Network Security
Presentation transcript:

TLS

14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary

14.1 Introduction  Transport Layer Security (TLS) [RFC2246]  TLS provides transport layer security for Internet applications  It provides for confidentiality and data integrity over a connection between two end points  TLS operates on a reliable transport, such as TCP, and is itself layered into TLS Record Protocol TLS Handshake Protocol

 Advantage of TLS applications can use it transparently to securely communicate with each other TLS is visible to applications, making them aware of the cipher suites and authentication certificates negotiated during the set-up phases of a TLS session

14.2 TLS Record Protocol  TLS Record Protocol layers on top of a reliable connection-oriented transport, such as TCP  TLS Record Protocol provides data confidentiality using symmetric key cryptography provides data integrity using a keyed message authentication checksum (MAC)  The keys are generated uniquely for each session based on the security parameters agreed during the TLS handshake

 Basic operation of the TLS Record Protocol 1.read messages for transmit 2.fragment messages into manageable chunks of data 3.compress the data, if compression is required and enabled 4.calculate a MAC 5.encrypt the data 6.transmit the resulting data to the peer

 At the opposite end of the TLS connection, the basic operation of the sender is replicated, but in the reverse order 1.read received data from the peer 2.decrypt the data 3.verify the MAC 4.decompress the data, if compression is required and enabled 5.reassemble the message fragments 6.deliver the message to upper protocol layers

14.3 TLS Handshake Protocol  TLS Handshake Protocol is layered on top of the TLS Record Protocol  TLS Handshake Protocol is used to authenticate the client and the server exchange cryptographic keys negotiate the used encryption and data integrity algorithms before the applications start to communicate with each other

 Figure 14.1 illustrates the actual handshake message flow [Step1]  the client and server exchange Hello messages  the client sends a ClientHello message, which is followed by the server sending a ServerHello message

 these two messages establish the TLS protocol version, the compression mechanism used, the cipher suite used, and possibly the TLS session ID  additionally, both a random client nonce and a random server nonce are exchanged that are used in the handshake later on

[Step2]  the server may send any messages associated with the ServerHello  depending on the selected cipher suite, it will send its certificate for authentication  the server may also send a key exchange message and a certificate request message to the client, depending on the selected cipher suite

 to mark the end of the ServerHello and the Hello message exchange, the server sends a ServerHelloDone message

 [Step3] next, if requested, the client will send its certificate to the server in any case, the client will then send a key exchange message that sets the pre-master secret between the client and the server optionally, the client may also send a Certificate Verify message to explicitly verify the certificate that the server requested

 [Step4] then, both the client and the server send the ChangeCipherSpec messages and enable the newly negotiated cipher spec the first message passed in each direction using the new algorithms, keys and secrets is the Finished message, which includes a digest of all the handshake messages each end inspects the Finished message to verify that the handshake was not tampered with

註:  Digest of all the handshake messages means the results of applying a one-way hash function to the handshake messages

14.4 Summary  TLS protocol provides transport layer security for Internet applications and confidentiality using symmetric key cryptography and data integrity using a keyed MAC  It also includes functionality for client and server authentication using public key cryptography

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.