Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.

Slides:

Advertisements

Similar presentations

Chapter 17: WEB COMPONENTS

Advertisements

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Cryptography and Network Security

Secure Socket Layer.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

Efficient Public Key Infrastructure Implementation in Wireless Sensor Networks Wireless Communication and Sensor Computing, ICWCSC International.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Chapter 19: Computer and Network Security Techniques Business Data Communications, 6e.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

By: Hassan Waqar.  A PROTOCOL for securely transmitting data via the internet.  NETWORK LAYER application.  Developed by NETSCAPE.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Cryptography and Network Security

CMSC 414 Computer (and Network) Security Lecture 26 Jonathan Katz.

19.1 Silberschatz, Galvin and Gagne ©2003 Operating System Concepts with Java Chapter 19: Security The Security Problem Authentication Program Threats.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

© 2004, The Technology Firm SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Cryptography and Network Security Chapter 17

Wired Equivalent Privacy (WEP)

How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.

Chapter 8 Web Security.

Bradley Cowie Supervised by Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING AND.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

569 Semantic Web. Dr. J. Lu University of windsor, Project Presentation Encrypted Web service application Encrypted Web Application Presented by:

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Cryptography, Authentication and Digital Signatures

Introduction to Secure Sockets Layer (SSL) Protocol Based on:

Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

Network Security Essentials Chapter 5

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (SSL)

WEP Protocol Weaknesses and Vulnerabilities

Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

SEC835 Runtime authentication Secure session management Secure use of cryptomaterials.

Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the OWASP License. The OWASP.

Cryptography and Network Security (CS435) Part One (Introduction)

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 28 Omar Meqdadi Department of Computer Science and Software Engineering.

SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.

Topic 1 – Introduction Huiqun Yu Information Security Principles & Applications.

Lesson 19-E-Commerce Security Needs. Overview Understand e-commerce services. Understand the importance of availability. Implement client-side security.

S imple O bject A ccess P rotocol Karthikeyan Chandrasekaran & Nandakumar Padmanabhan.

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

SSL(HandShake) Protocol By J.STEPHY GRAFF IIM.SC(C.S)

Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.

Cryptography CSS 329 Lecture 13:SSL.

APACHE Apache is generally recognized as the world's most popular Web server (HTTP server). Originally designed for Unix servers, the Apache Web server.

SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.

PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH

Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.

The Secure Sockets Layer (SSL) Protocol

Presentation transcript:

Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING AND ANALYSIS OF CRYPTOGRAPHIC PROTOCOLS

I NTRODUCTION Agenda Introduction Problem Statement Background Applications of Research Relevance and Background Existing Tool Suites Research Objectives Research Design SSL Handshake Objectives and progress

I NTRODUCTION Problem Statement Cryptographic protocols have become incredibly popular in recent times and have a variety of application such as securing web based communications. We have a reliance on these protocols to provide authentication, integrity and confidentiality to our communications. However, we note that it is rather difficult to perform legitimate analysis, intrusion detection and debugging on cryptographic protocols, as the data that passes through is encrypted.

I NTRODUCTION Problem Statement (cont.) So it would be nice if a set of tools existed for dealing with these problems. We approach this problem statement from the prospective of having legitimate access to encrypted traffic for doing analysis, debugging or data collection. We are looking at building a system to decrypt encrypted traffic that is easy to managed, cross platform and can be extended to implement a number of different protocols.

B ACKGROUND Applications of Research ISP's are often served with court orders to provide logs of clients activity; this data is often encrypted. Attacks that use HTTPS as their means of entry are harder to detect once again as they are encrypted. While tools do exist to do this, they aren’t sufficiently generic. Its often difficult to debug errors related to cryptographic protocols once again due to the encrypted nature of the data.

B ACKGROUND Relevance and Background SANS one of the most respected Information Security trainers and certifiers released a list of the top 10 security menaces for 2008 (compiled by 10 security veterans). The number 1 security menace for 2008 was : “Increasingly Sophisticated Web Site Attacks - Especially On Trusted Web Sites” “..web site attacks have migrated from simple ones based one or two exploits posted on a web site to more sophisticated attacks based on scripts.. attackers are actively placing exploit code on popular, trusted web sites where users have an expectation of effective security” Source:

B ACKGROUND Existing Tool Suites The CSUR Project CSUR is a project about automatic analysis of cryptographic protocols written in C. However its distributed under copyright and is still in its beta phase. HTTP Analyzer 4 HTTP Analyzer is a utility that allows you to capture HTTP/HTTPS traffic in real-time. It can trace and display a wide range of information. However its not sufficiently generic. SSLDump A tool that can be used to decrypt live SSL encrypted traffic

R ESEARCH O BJECTIVES Objectives of Research Given encrypted data in the form of stored pcap files, extending to live pcap streams, be able to determine the algorithm used and then together with the recovered session key to decrypt to plain-text. Once the plain has be derived we can continue on to provide some analysis on data that may be useful for detection of possible attacks or for debugging purposes. Investigate sensible means to store symmetric keys for later use. Initially provide implementation for SSL then TLS following up with possible implementation for SSH.

R ESEARCH O BJECTIVES Prototype Design Start Load PCAP file or stream Obtain crypto suite used Get Session key Remove packet header DecryptAnalysis

SSL H ANDSHAKE SSL Handshake (cont.) ClientServer Authentic- ation Handshake phase Bootstrap Client Hello Server Hello Client Hello Server Auth Client Hello Server Hello

SSL Handshake (cont.) ClientServer Cipher Change Data exchange phase Server Finish Client Finish

Project Goals Capture traffic using libpcap [Complete] Obtain the parameters used in the SSL Handshake [Complete] Get back the session keys from Client.random and Hello.Random [In progress] Use the keys together with OpenSSL and the information from the traffic capture to decrypt the traffic [No progress of yet] Build Webfront for tools [No progress] Perform the same process for TLS and potentially SSH [No progress] Analyze solution built [No progress]

Screenshots!

QUESTIONS AND COMMENTS ?