Cryptography and Network Security (SSL)

Slides:



Advertisements
Similar presentations
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.5 Transport Layer Security.
Advertisements

Cryptography and Network Security Chapter 16
Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security
Secure Socket Layer.
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 22: Internet Security Protocols and.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Web Security (SSL / TLS)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Cryptography and Network Security Chapter 17
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Lecture 22 Internet Security Protocols and Standards modified from slides of Lawrie Brown.
Chapter 8 Web Security.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Network Security Essentials Chapter 5
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Arab Academy for Science & Technology and Maritime Transport e Represented By : Ahmed Eldemallawy Ahmed Madani.
Web Security : Secure Socket Layer Secure Electronic Transaction.
Web Security Network Systems Security
Computer Security: Principles and Practice First Edition by William Stallings and Lawrie Brown Lecture slides by Lawrie Brown Chapter 21 – Internet Security.
IP Securty 1. Overview 2. Architecture 3. Authentication Header 4. Encapsulating Security Payload 5. Combining security Associations 6. Internet Key Exchange.
Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Gold Coast Campus School of Information Technology 2003/16216/3112INT Network Security 1Copyright © Griffith University, INT / 3112INT Network.
Network and Internet Security Prepared by Dr. Lamiaa Elshenawy
Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.
1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.
CSEN 1001 Computer and Network Security Amr El Mougy Mouaz ElAbsawi.
Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
Computer and Network Security
Cryptography and Network Security
UNIT.4 IP Security.
CSCE 715: Network Systems Security
Visit for more Learning Resources
Cryptography and Network Security Chapter 16
BINF 711 Amr El Mougy Sherif Ismail
Public-Key Cryptography
Cryptography and Network Security
Cryptography and Network Security Chapter 16
Cryptography and Network Security
Web Security (TRANSPORT-LEVEL SECURITY)
SSL (Secure Socket Layer)
Web Security (TRANSPORT-LEVEL SECURITY)
Security at the Transport Layer: SSL and TLS
Cryptography and Network Security Chapter 16
Transport Layer Security (TLS)
Cryptography and Network Security
Presentation transcript:

Cryptography and Network Security (SSL) Third Edition by William Stallings Lecture slides by Lawrie Brown (Changed by Somesh Jha)

Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication need added security mechanisms

SSL (Secure Socket Layer) transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols SSL probably most widely used Web security mechanism. Its implemented at the Transport layer; cf IPSec at Network layer; or various Application layer mechanisms eg. S/MIME & SET (later).

SSL Architecture Stallings Fig 17-2.

SSL Architecture SSL session SSL connection an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections SSL connection a transient, peer-to-peer, communications link associated with 1 SSL session

SSL Record Protocol confidentiality message integrity using symmetric encryption with a shared secret key defined by Handshake Protocol IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption message integrity using a MAC with shared secret key similar to HMAC but with different padding SSL Record Protocol defines these two services for SSL connections.

SSL Change Cipher Spec Protocol one of 3 SSL specific protocols which use the SSL Record protocol a single message causes pending state to become current hence updating the cipher suite in use

SSL Alert Protocol conveys SSL-related alerts to peer entity severity warning or fatal specific alert unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown compressed & encrypted like all SSL data

SSL Handshake Protocol allows server & client to: authenticate each other to negotiate encryption & MAC algorithms to negotiate cryptographic keys to be used comprises a series of messages in phases Establish Security Capabilities Server Authentication and Key Exchange Client Authentication and Key Exchange Finish

SSL Handshake Protocol Stallings Fig 17-6.

TLS (Transport Layer Security) IETF standard RFC 2246 similar to SSLv3 with minor differences in record format version number uses HMAC for MAC a pseudo-random function expands secrets has additional alert codes some changes in supported ciphers changes in certificate negotiations changes in use of padding

Summary have considered: need for web security SSL/TLS transport layer security protocols

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.