SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Slides:



Advertisements
Similar presentations
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Advertisements

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.5 Transport Layer Security.
Web security: SSL and TLS
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
Secure Socket Layer.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Internet Security Protocols
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Cryptography and Network Security Chapter 17
0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.
Chapter 8 Web Security.
Secure Sockets Layer 1 / 99  SSL is perhaps the widest used security protocol on the Internet today.  Together with DC enables secure communication.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
CSCI 6962: Server-side Design and Programming
11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, University of Palestine Applied and Urban Engineering College Information Security.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Introduction to Secure Sockets Layer (SSL) Protocol Based on:
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.
1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.
SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No
SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Secure Sockets Layer (SSL) Protocol by Steven Giovenco.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
1 SSL/TLS. 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
8-1 CSE 4707/5850 Network Security (2) SSL/TLS. 8-2 Think about Google or YouTube  Desired properties  Indeed the other side is Google or YouTube server.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.
The Secure Sockets Layer (SSL) Protocol
Cryptography and Network Security
Secure Sockets Layer (SSL)
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
CSE 4095 Transport Layer Security TLS, Part II
CSE 4095 Transport Layer Security TLS
Cryptography and Network Security
Cryptography and Network Security
SSL (Secure Socket Layer)
The Secure Sockets Layer (SSL) Protocol
Transport Layer Security (TLS)
Cryptography and Network Security
Presentation transcript:

SSL CS772 Fall 2011

Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top goal Server authentication is necessary. Client authentication is optional. With unknown parties communicating, spontaneity is necessary Transparency to TCP is necessary. In other words, software working on top of SSL should feel that they are only working with TCP and not SSL. SSLv3: Provide a mechanism for secure negotiating multiple cryptographic algorithms--- support far greater number of algorithms TLS: Transport Layer Protocol: A modified SSLv3 that requires implementation to support DH (Diffie-Hellman), DSS (Digital signature algorithm of NSA), and 3DES

https In HTTP a TCP connection is created and the clients send a request. The server responds with a document. When SSL is used: SSL is on top of TCP, and HTTP is on top of SSL. Since there are more handshake messages in this case, it uses HTTPS stands for Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL. HTTPS encrypts and decrypts the page requests and page information between the client browser and the web server using a secure Socket Layer (SSL). HTTPS by default uses port 443 as opposed to the standard HTTP port of 80. URLs beginning with HTTPS indicate that the connection between client and browser is encrypted using SSL. SSL transactions are negotiated by means of a key based encryption algorithm between the client and the server, this key is usually either 40 or 128 bits in strength (the higher the number of bits the more secure the transaction). HTTPS should not be confused with S-HTTP, a security-enhanced version of HTTP. SSL and S-HTTP have very different designs and goals so it is possible to use the two protocols together. Whereas SSL is designed to establish a secure connection between two computers, S-HTTP is designed to send individual messages securely.

Basic SSL An SSL connection is divided into two phases: (i) Handshake (ii) Data transfer Handshake: 1.Client sends the server a list of the algorithms it is wiling to support, along with a random number used as input to the key generation process 2.The server chooses a cipher out of that list and sends it back along with server’s certificate with its public key. It also send a random number. 3.Client verifies the certificate, extracts the server’s public key; client also generates a random secret string called “pre master secret” and encrypts using server’s public key and sends it to server 4.Client and server independently compute the encryption and MAC keys from the pre_master_secret and the client and server’s random values 5.Client sends a MAC of all the handshake messages to the server 6.Server sends a MAC of all the handshake messages to the client 7.The random numbers generated by server and client are useful to avoid replay attack 8.MAC exchange helps an intruder from modifying the cipher set sent from client to server, for example.

Data transfer phase: SSL Record Protocol Break up the input data stream into a series of fragments, each of which is independently protected and transmitted. At the other end, each record is decrypted and verified. The header has: content type, the length, and SSL version Content type: application_data, alert, handshake, and change_cipher_spec

Advanced SSL Session resumption –full handshake can be very expensive in terms of CPU time and number of messages –the most expensive part is the establishment of the pre_master_secret, requires public key cryptography –Resumed handshake allows a new connection to use a master_secret established in a previous handshake.

Session Resumption (contd.) Connection vs. session –A connection represents one specific communications channel (e.g., a TCP connection), along with its keys, cipher choices, sequence number state, etc. –A session is a virtual construct representing the negotiated algorithms and the master_secret. It is created every time a given client and server go through a full key exchange and establish a new master_secret. –Multiple connections can be associated with a given session. –Although all connections in a given session share the same master_secret, each has its own encryption keys, MAC keys, and IVs.

Client Authentication Useful if a server wanted to restrict access to some services to only certain authorized clients and could use client authentication to do so. Clients use their private keys to sign something that proves that it is the “client” with the private key. It is initiated by the server sending a CertificateRequest message to the client. The client responds by sending a Certificate message and a message string signed with the private key

Rehandshake A rehandshake is a new SSL handshake performed over the current protected connection The rehandshake messages are encrypted in transit Once the new handshake has finished, data will be protected using the new session state.

SSL Security What SSL provides: –Provides channel-level security---two ends of the connection know that the data being transmitted is being kept secret and that it has not been tampered with. –Server is always authenticated; client could be authenticated –All security depends on keeping the master_secret private---once this is compromised all other keys can be generated and session compromised –If an attacker has server’s private key, then the attacker can obtain the master_secret as it is sent in an encrypted form by the client. –SSL uses random numbers in a number of places---(i) Private keys for the server (and optionally for client) need to be randomly generated (ii) Client needs a random number to perform key exchange (or to generate pre_master_secret for RSA) (iii) If DSA is being used for signature than a random number is needed for each signature. (iv) For handshake values by both client and server. –The random numbers should be strong random numbers –Check the certificate chain

SSL Key derivation

What can compromise security? Master_secret is the key; if that is compromised by an attacker, all else is known to the attacker. With this compromise, confidentiality and integrity attacks are quite possible.

SSL Performance SSL is slow---depending on the protocols being used, the server hardware, and the network environment, SSL connections can be anywhere between 2 and 100 times slower than ordinary TCP connections. Some performance degradation is due to computational cost of cryptographic operations.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.