
Securing Network Communication

Security Issues in Communication
- Privacy: anyone can see content
- Integrity: someone might alter content
- Authentication: not clear who you are talking with

Issues
- Capturing passwords
- Sniffing browsing sessions
- Hijacking TCP sessions
- Phishing

Solutions
- Securing existing applications without modifying them: tunneling
- Developing secure applications: using the OpenSSL library

Tunneling
- Tunneling allows a secure connection between a client and server to be made first; other network connections are then forwarded, or tunneled, over that single connection.
  - OpenSSH
  - Stunnel

OpenSSH
- SSH protocol for accessing a remote shell securely
- It uses a password or public/private keys for authentication.
- One can set up a secure connection with an SSH daemon.

OpenSSH

Stunnel
- Uses the OpenSSL library
- Works on top of TCP

TLS: Transport Layer Security
- Previously known as SSL: Secure Sockets Layer
- Addresses issues of privacy, integrity and authentication
  - What is it?
  - How does it address the issues?
  - How is it used?

What is TLS?
- Protocol layer
- Requires reliable transport layer (e.g. TCP)
- Supports any application protocols
[Figure: protocol stack with IP, TCP, TLS and the application protocols HTTP, Telnet, FTP, LDAP]

TLS: Privacy
- Encrypts message so that it cannot be read
- Uses conventional cryptography with shared key
  - DES, 3DES
  - RC2, RC4
  - IDEA
[Figure: A, Message, B]

TLS: Key Exchange
- Needs secure method to exchange secret key
- Use public key encryption for this
  - "key pair" is used: either one can encrypt and then the other can decrypt
  - slower than conventional cryptography
  - share one key, keep the other private
- Choices are RSA or Diffie-Hellman

TLS: Integrity
- Compute fixed-length Message Authentication Code (MAC)
  - Includes hash of message
  - Includes a shared secret
  - Includes sequence number
- Transmit MAC with message

TLS: Integrity
- Receiver creates new MAC
  - should match transmitted MAC
- TLS allows MD5, SHA-1
[Figure: A sends Message and MAC to B; B computes MAC' over the received Message' and checks MAC' =? MAC]
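
The integrity check from the two slides above, as an added example that is not part of the original presentation: the MAC is an HMAC-SHA-1 over the sequence number, record header and message, laid out as in the TLS 1.0 to 1.2 record MAC. The key and messages are constructed sample values, and the receiver keeps running after a failed check only so that each case can be shown (a real TLS endpoint closes the connection on a bad MAC).

```python
import hashlib
import hmac
import struct

# Constructed sample values for illustration only.
MAC_KEY = b"constructed-shared-mac-secret"
APPLICATION_DATA = 23          # TLS record content type for application data
TLS_1_0 = (3, 1)               # protocol version bytes for TLS 1.0


def record_mac(key, seq_num, content_type, version, fragment, digest=hashlib.sha1):
    """HMAC over seq_num || type || version || length || fragment."""
    header = struct.pack("!QBBBH", seq_num, content_type,
                         version[0], version[1], len(fragment))
    return hmac.new(key, header + fragment, digest).digest()


class Sender:
    def __init__(self, key):
        self.key, self.seq = key, 0

    def protect(self, fragment):
        mac = record_mac(self.key, self.seq, APPLICATION_DATA, TLS_1_0, fragment)
        self.seq += 1              # the sequence number is implicit, never transmitted
        return fragment, mac


class Receiver:
    def __init__(self, key):
        self.key, self.seq = key, 0

    def accept(self, fragment, mac):
        expected = record_mac(self.key, self.seq, APPLICATION_DATA, TLS_1_0, fragment)
        if not hmac.compare_digest(expected, mac):   # constant-time comparison
            return False           # TLS would raise a fatal bad_record_mac alert here
        self.seq += 1
        return True


def demo():
    a, b = Sender(MAC_KEY), Receiver(MAC_KEY)
    r0 = a.protect(b"pay 10 to alice")
    r1 = a.protect(b"pay 20 to bob")
    return {
        "in_order": b.accept(*r0),                       # genuine record 0
        "tampered": b.accept(b"pay 99 to bob", r1[1]),   # altered message, old MAC
        "replayed": b.accept(*r0),                       # record 0 sent again
        "next_ok": b.accept(*r1),                        # genuine record 1
    }
```

The replayed record fails even though its message and MAC are both genuine, because the receiver's sequence number has already advanced.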

TLS: Authentication
- Verify identities of participants
- Client authentication is optional
- Certificate is used to associate identity with public key and other attributes
[Figure: A, Certificate, B]

TLS: Overview
- Establish a session
  - Agree on algorithms
  - Share secrets
  - Perform authentication
- Transfer application data
  - Ensure privacy and integrity

TLS: Architecture
- TLS defines Record Protocol to transfer application and TLS information
- A session is established using a Handshake Protocol
[Figure: TLS Record Protocol, Handshake Protocol, Alert Protocol, Change Cipher Spec]

TLS "Alternatives"
- S-HTTP: secure HTTP protocol, shttp://
- IPSec: secure IP
- SET: Secure Electronic Transaction
  - Protocol and infrastructure for bank card payments
- SASL: Simple Authentication and Security Layer (RFC 2222)

TLS: Record Protocol

OpenSSL
- Open source, based on SSLeay
- Structures
  - SSL_METHOD: encryption method
  - SSL_CTX: context of communication
  - SSL: maintains information about a given connection; one-to-one correspondence with sockets

OpenSSL
  SSLv2_client_method()
  ctx=SSL_CTX_new(method)
  ssl=SSL_new(ctx)
  SSL_set_fd(ssl, fd)
  SSL_connect()
  SSL_read(ssl, buf, sizeof(buf))
  SSL_write()
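
An added example, not from the original slides, that walks the client call sequence above through Python's ssl module, which wraps OpenSSL's SSL_CTX and SSL objects, and captures the first TLS record the client emits. It uses the default TLS client method with certificate and hostname verification rather than SSLv2_client_method(), which OpenSSL removed in version 1.1.0; server.example is a placeholder name and no network connection is made.

```python
import ssl
import struct

HANDSHAKE = 22        # TLS record content type: handshake
CLIENT_HELLO = 1      # handshake message type: ClientHello


def make_client_context():
    # Counterpart of choosing a method and calling SSL_CTX_new():
    # one context holds the settings shared by many connections.
    ctx = ssl.create_default_context()     # requires a valid certificate and matching hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def first_flight(ctx, server_name):
    """Start a handshake over in-memory BIOs; return the bytes the client would send."""
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    # Counterpart of SSL_new() + SSL_set_fd(): one SSL object per connection.
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()                 # counterpart of SSL_connect()
    except ssl.SSLWantReadError:
        pass                               # client has sent its hello and awaits the server
    return outgoing.read()


def parse_record_header(data):
    """Decode the 5-byte Record Protocol header and the first handshake byte."""
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    return {"type": ctype, "version": (major, minor),
            "length": length, "handshake_type": data[5]}


if __name__ == "__main__":
    hello = first_flight(make_client_context(), "server.example")
    print(parse_record_header(hello))
```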

OpenSSL
  SSLv2_server_method()
  ctx=SSL_CTX_new(method)
  SSL_CTX_use_certificate_file()
  SSL_CTX_use_PrivateKey_file()
  SSL_CTX_check_private_key()
  ssl=SSL_new(ctx)
  SSL_set_fd(ssl, fd)
  SSL_accept()
  SSL_read(ssl, buf, sizeof(buf))
  SSL_write()