Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Slides:



Advertisements
Similar presentations
SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Advertisements

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Cryptography and Network Security
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Web security (Spoofing & TLS & DNS) Ge Zhang. Web surfing yahoo IP of yahoo? Get index.htm from Response from
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Slide 1 Vitaly Shmatikov CS 378 SSL/TLS. slide 2 What is SSL / TLS? uTransport Layer Security protocol, version 1.0 De facto standard for Internet security.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Internet Security CS457 Seminar Zhao Cheng. Security attacks interruption, interception, modification, fabrication passive attack, active attack.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
A Survey of WAP Security Architecture Neil Daswani
Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –
Chapter 8 Web Security.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, University of Palestine Applied and Urban Engineering College Information Security.
32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.
Secure Socket Layer (SSL)
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
_______________________________________________________________________________________________________________ E-Commerce: Fundamentals and Applications1.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Proposed Transport Layer Security (TLS) Evidence Extensions Russ Housley IETF 67 – TLS WG Session.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Cryptography and Network Security (SSL)
December 2008Prof. Reuven Aviv, SSL1 Web Security with SSL Network Security Prof. Reuven Aviv King Mongkut’s University of Technology Faculty of information.
Web Security Network Systems Security
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Secure Sockets Layer (SSL) Protocol by Steven Giovenco.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Understand Internet Security LESSON Security Fundamentals.
1 SSL/TLS. 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
Mar 28, 2003Mårten Trolin1 This lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
8-1 CSE 4707/5850 Network Security (2) SSL/TLS. 8-2 Think about Google or YouTube  Desired properties  Indeed the other side is Google or YouTube server.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
TLS/SSL Protocol Presented by: Vivek Nelamangala Includes slides presented by Miao Zhang on April Course: CISC856 - TCP/IP and Upper Layer Protocols.
IT443 – Network Security Administration Instructor: Bo Sheng
Network Security Gene Itkis
Secure Sockets Layer (SSL)
Internet Security CS457 Seminar Zhao Cheng
CSCE 715: Network Systems Security
Visit for more Learning Resources
Cryptography and Network Security Chapter 16
CSE 4095 Transport Layer Security TLS
SSL Protocol Figures used in the presentation
Unit 8 Network Security.
Presentation transcript:

Intro to SSL/TLS Network Security Gene Itkis

6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) – –Documents: RFC 2246 ANSI –X9.42 ITU –X.509 Netscape

6/14/2015 Gene Itkis: CS558 Network Security 3 History 1993 – Mosaic (“browser #1”) 1994 – Netscape Browser released –SSL v1 design complete – never released –SSL v2 released in Navigator 1.1 Badly broken (bad seeds for PRNG) 1995 – Explorer released –PCT (MS), SSL v3 (Netscape) – TLS – WTLS

6/14/2015 Gene Itkis: CS558 Network Security 4 Architecture IP TCP SSL Application (HTTP)

6/14/2015 Gene Itkis: CS558 Network Security 5 Alternative architectures Separate Layer –Over TCP: SSL –Over IP: IPSec Application-Specific –SHTTP Parallel –Kerberos; Kerberos with TLS?

6/14/2015 Gene Itkis: CS558 Network Security 6 SSL choices Connection-oriented –SSL, TLS do not support UDP –But WTLS does No non-repudiation –But signatures are used for AKE “Only protects the pipe” –Attacks are mounted on data before and after “the pipe”

6/14/2015 Gene Itkis: CS558 Network Security 7 SSL security services Server authentication –Client authentication is optional Encryption Message integrity

6/14/2015 Gene Itkis: CS558 Network Security 8 SSL phases Handshake Set protocol details –Authenticate server –Establish keys Data transfer

6/14/2015 Gene Itkis: CS558 Network Security 9 Handshake ClientHello –Supported options ServerHello –Options to be used ServerCertificate (ServerKeyExchange) ServerHelloDone ClientKeyExchange Finished (sent by client)

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.