J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

Slides:



Advertisements
Similar presentations
Cryptography and Network Security Chapter 16
Advertisements

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Lecture 6: Web security: SSL
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
Secure Socket Layer.
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Chapter 5 Network Security Protocols in Practice Part I
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
Cryptography and Network Security Chapter 17
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Chapter 8 Web Security.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
CSCI 6962: Server-side Design and Programming
SYSTEM ADMINISTRATION Chapter 13 Security Protocols.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
Secure Socket Layer (SSL)
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Security Essentials Chapter 5
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.
Tunneling and Securing TCP Services Nathan Green.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.
Chapter 32 Internet Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH
J. Wang and Z. Kissel. Introduction to Computer Network Security: Theory and Practice. Wiley 2015 Chapter 5 Network Security Protocols in Practice.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Chapter 5 Network Security Protocols in Practice Part I
Cryptography and Network Security
Secure Sockets Layer (SSL)
UNIT.4 IP Security.
CSCE 715: Network Systems Security
Originally by Yu Yang and Lilly Wang Modified by T. A. Yang
Chapter 5 Network Security Protocols in Practice
Cryptography and Network Security
Cryptography and Network Security
SSL (Secure Socket Layer)
The Secure Sockets Layer (SSL) Protocol
Lecture 5: Transport layer (TLS / SSL) and Security ( PGP )
Transport Layer Security (TLS)
Cryptography and Network Security
Presentation transcript:

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Outline 5.1 Crypto Placements in Networks 5.2 Public-Key Infrastructure 5.3 IPsec: A Security Protocol at the Network Layer 5.4 SSL/TLS: Security Protocols at the Transport Layer 5.5 PGP and S/MIME: Security Protocols 5.6 Kerberos: An Authentication Protocol 5.7 SSH: Security Protocols for Remote Logins

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL/TLS Secure Socket Layer Protocol (SSL)  Designed by Netscape in 1994  To protect WWW applications and electronic transactions  Transport layer security protocol (TLS) A revised version of SSLv3  Two major components : Record protocol, on top of transport-layer protocols Handshake protocol, change-cipher-spec protocol, and alert protocol; they reside between application-layer protocols and the record protocol

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL Example Hyper Text Transmission Protocol over SSL (https)  Implemented in the application layer of OSI model  Uses SSL to Encrypt HTTP packets Authentication between server & client

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL Structure

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL Handshake Protocol Allows the client and the server to negotiate and select cryptographic algorithms and to exchange keys Allows authentication to each other Four phases:  Select cryptographic algorithms Client Hello Message Server Hello Message  Authenticate Server and Exchange Key  Authenticate Client and Exchange Key  Complete Handshake

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 1a: Client Hello Message 1. Version number, VC:  Highest SSL version installed on the client machine  Eg V C = 3 2. Pseudo Random string, r c  32-byte string 4 byte time stamp 28 byte nonce 3. Session ID, S C  If S c =0 then a new SSL connection on a new session  If S c != 0 then a new SSL connection on existing session, or update parameters of the current SSL connection 4. Cipher suite: (PKE, SKA, Hash)  Eg.  Lists public key encryption algorithms, symmetric key encryption algorithms and hash functions supported by the client 5. Compression Method  Eg.  Lists compression methods supported by the client The client’s hello message contains the following information:

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 1b: Server Hello Message 1. Version number, V S :  V S = min {V Client, V}  Highest SSL version installed at server-side 2. Pseudo Random string, r s  32-byte string 4 byte time stamp 28 byte nonce 3. Session ID, S S  If S c =0 then S s = new session ID  If S c != 0 then S s =S c 4. Cipher suite: (PKE, SKA, Hash)  Eg.  Lists public key encryption algorithm, symmetric key encryption algorithm and hash function supported by the server 5. Compression Method  Eg.  Compression method that the server selected from the client’s list. The server’s hello message contains the following information:

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 2 Server sends the following information to the client: 1.Server’s public-key certificate 2.Server’s key-exchange information 3.Server’s request of client’s public-key certificate 4.Server’s closing statement of server_hello message Note: The authentication part is often not implemented

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 3 Client responds the following information to the server:  Client’s public-key certificate  Client’s key-exchange information  Client’s integrity check value of its public-key certificate The key-exchange information is used to generate a master key i.e., if in Phase 1, the server chooses RSA to exchange secret keys, then the client generates and exchanges a secret key as follows:  Verifies the signature of the server’s public-key certificate  Gets server’s public key K s u  Generates a 48-byte pseudorandom string s pm (pre-master secret)  Encrypts s pm with K s u using RSA and sends the ciphertext as key-exchange information to the server

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 3 (cont.) After phase 3 both sides now have r c, r s, s pm, then both the client & the server will calculate the shared master secret s m : s m = H 1 (s pm || H 2 (‘A’ || s pm || r c || r s )) || H 1 (s pm || H 2 (‘BB’ || s pm || r c || r s )) || H 1 (s pm || H 2 (‘CCC’ || s pm || r c || r s ))

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 4 Client & Server send each other a change_cipher_spec message and a finish message to close the handshake protocol. Now both sides calculate secret-key block K b using same method as we did to calculate the master secret except we use S m instead of S pm K b = H 1 (S m || H 2 (‘A’ || S m || R c || R s )) || H 1 (S m || H 2 (‘BB’ || S m || R c || R s )) || H 1 (S m || H 2 (‘CCC’ || S m || R c || R s )) … K b is divided into six blocks, each of which forms a secret key K b = K c1 || K c2 || K c3 || K s1 || K s2 || K s3 || Z (where Z is remaining substring) Put the secret keys into two groups: Group I: (K c1, K c2, K c3 ) = (K c,HMAC, K c,E, IV c ) (protect packets from client to server) Group II: (K s1, K s2, K s3 ) = (K s,HMAC, K s,E, IV s ) (protect packets from server to client)

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL Record Protocol After establishing a secure communication session, both the client and the server will use the SSL record protocol to protect their communications The client does the following:  Divide M into a sequence of data blocks M 1, M 2, …, M k  Compress M i to get M i ’ = CX(M i )  Authenticate M i ’ to get M i ” = M i ’ || H Kc,HMAC (M i ’)  Encrypt M i ” to get C i = E Kc,HMAC (M i ”)  Encapsulate C i to get P i = [SSL record header] || C i  Transmit P i to the server

J. Wang. Computer Network Security Theory and Practice. Springer 2009 The server does the following:  Extracts C i from P i  Decrypts C i to get M i ”  Extracts M i ’ and H Kc,HMAC (M i ’)  Verifies the authentication code  Decompress M i ’ to get M i SSL Record Protocol

J. Wang. Computer Network Security Theory and Practice. Springer 2009 SSL record protocol SSL Record Protocol Diagram

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Outline 5.1 Crypto Placements in Networks 5.2 Public-Key Infrastructure 5.3 IPsec: A Security Protocol at the Network Layer 5.4 SSL/TLS: Security Protocols at the Transport Layer 5.5 PGP and S/MIME: Security Protocols 5.6 Kerberos: An Authentication Protocol 5.7 SSH: Security Protocols for Remote Logins

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Basic Security Mechanisms Should Alice want to prove to Bob that M is from her  Send to Bob for authentication, where denotes public-key encryption (to distinguish conventional encryption E ) Should Alice want M to remain confidential during transmission  Send to Bob  After getting this string, Bob first decrypts to get K A  Bob then decrypt using K A to obtain M

J. Wang. Computer Network Security Theory and Practice. Springer 2009 PGP Pretty Good Privacy  Implements all major cryptographic algorithms, the ZIP compression algorithms, and the Base64 encoding algorithm  Can be used to authenticate or encrypt a message, or both  General format: Authentication ZIP compression Encryption Base64 encoding (for SMTP transmission)

J. Wang. Computer Network Security Theory and Practice. Springer 2009 PGP Message Format Sender: Alice; Receiver: Bob

J. Wang. Computer Network Security Theory and Practice. Springer 2009 S/MIME Secure Multipurpose Internet Mail Extension Created to deal with short comings of PGP  Support for multiple formats in a message, not just ASCII text  Support for IMAP (Internet Mail Access Protocol)  Support for multimedia Similar to PGP, can also do authentication, encryption, or both Use X.509 PKI and public-key certificates Also support standard symmetric-key encryption, public-key encryption, digital signature algorithms, hash functions, and compression functions

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Outline 5.1 Crypto Placements in Networks 5.2 Public-Key Infrastructure 5.3 IPsec: A Security Protocol at the Network Layer 5.4 SSL/TLS: Security Protocols at the Transport Layer 5.5 PGP and S/MIME: Security Protocols 5.6 Kerberos: An Authentication Protocol 5.7 SSH: Security Protocols for Remote Logins

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Kerberos Basics Goals:  Authenticate users on a local-area network without PKI  Allow users to access to services without re- entering password for each service It uses symmetric-key encryption and electronic passes called tickets It uses two different types of tickets:  TGS-ticket: issued to the user by AS  V-ticket (server ticket): issued to the user by TGS

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Kerberos Servers Requires two special servers to issue tickets to users:  AS: Authentication Server. AS manages users and user authentication  TGS: Ticket Granting Server. TGS manages servers Two Kerberos Protocols ( single network vs. multiple )  Single-Realm Kerberos  Multi-Realm Kerberos

J. Wang. Computer Network Security Theory and Practice. Springer 2009  At first logon, the user provides username and password to AS  AS then authenticates the user and provides a TGS ticket to the user  When the user wants to access a service provided by server V, the user provides the TGS its TGS-ticket  The TGS then authenticates the user’s TGS-ticket and issues a V-ticket (server ticket) to the user  The user provides the V-ticket to server V to obtain service How Does Kerberos Work?

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Kerberos Notations

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Single-Realm Kerberos

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 1: AS Issues a TGS-Ticket to User 1. U  AS: ID U || ID TGS || t 1 2. AS  U: E KU (K U,TGS || ID TGS || t 2 || LT 2 || Ticket TGS ) Ticket TGS = E KTGS (K U,TGS || ID U || AD U || ID TGS || t 2 || LT 2 ) Phase 2: TGS Issues a Server Ticket to User 3. U  TGS: ID V || Ticket TGS || Auth U,TGS Auth U,TGS = E KU,TGS (ID U || AD U || t 3 ) 4.TGS  U: E KU,TGS (K U,V || ID V || t 4 || Ticket V ) Ticket V = E Kv (K U,V || ID U || AD U || ID V || t 4 || LT 4 ) Phase 3: User Requests Service from Sever 5. U  V: Ticket V || Auth U,V Auth U,V = E KU,V (ID U || AD U || t 5 ) 6. V  E KU,V (t 5 +1) Three Phases in Single-Realm Kerberos

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Multi-Realm Kerberos

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Phase 1: Local AS Issues a Local TGS-Ticket to User 1. U  AS: ID U || ID TGS || t 1 2. AS  U: EK U (K U,TGS || ID TGS || t 2 || LT 2 || Ticket TGS ) Ticket TGS = E KTGS (K U,TGS || ID U || AD U || ID TGS || t 2 LT 2 ) Phase 2: Local TGS Issues a Neighbor TGS-Ticket to User 3. U  TGS: ID V || Ticket TGS || Auth U,TGS Auth U,TGS = E KU,TGS (ID U || AD U || t 3 ) 4.TGS  U: E KU,TGS (K U,TGS’ || ID TGS’ || t 4 || Ticket TGS’ ) Ticket TGS’ = E KTGS’ (K U,TGS’ || ID U || AD U || ID TGS’ || t 4 || LT 4 ) Phase 3: Neighbor TGS’ Issues a Server Ticket to User 5. U  TGS’: ID V || Ticket TGS’ || Auth U,TGS’ Auth U,TGS’ = E KU,TGS’ (ID U || AD U || t 5 ) 6. TGS’  U: E KU,TGS’ (K U,V || ID V || t 6 || Ticket V ) Ticket V = E KV (K U,V || ID U || AD U || ID V || t 6 || LT 6 ) Phase 4: User Requests Service from Neighbor Server 7. U  V: Tickey V || Auth U,V Auth U,V = E KU,V (ID U || AD U || t 7 ) 8. V  U: E KU,V (t 7 + 1) Four Phases in Multi-Realm Kerberos

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Outline 5.1 Crypto Placements in Networks 5.2 Public-Key Infrastructure 5.3 IPsec: A Security Protocol at the Network Layer 5.4 SSL/TLS: Security Protocols at the Transport Layer 5.5 PGP and S/MIME: Security Protocols 5.6 Kerberos: An Authentication Protocol 5.7 SSH: Security Protocols for Remote Logins

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Overview of SSH SSH: Secure Shell Used to replace non-secure login utilities such as RCP, FTP, RSH, Telnet, rlogin Creates a secure connection between two computers using authentication and encryption algorithms Supports data compression Provides security protection for file transfers (SFTP) and file copy (SCP) SSH protocol is broken up into 3 components

J. Wang. Computer Network Security Theory and Practice. Springer Layers of SSH SSH Connection:  Sets up multiple channels for different applications in a single SSH connection SSH User Authentication:  Authenticate user to server  Using password or PKC SSH Transport  Handles initial setup: server authentication, and key exchange  Set up encryption and compression algorithms SSH Connection SSH User Authentication SSH Transport TCP IP Data Link Physical Application Layer SSH architecture

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.