1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

Slides:

Advertisements

Similar presentations

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

Advertisements

SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Cryptography and Network Security

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Secure Socket Layer.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.

Internet Security Protocols

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

1 Supplement III: Security Controls What security services should network systems provide? Confidentiality Access Control Integrity Non-repudiation Authentication.

Cryptography and Network Security Chapter 17

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Chapter 8 Web Security.

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

CSCI 6962: Server-side Design and Programming

OPeNDAP Hyrax Back-End Server (BES) Authentication and Authorization Patrick West

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

SYSTEM ADMINISTRATION Chapter 13 Security Protocols.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:

E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.

Security Protocols and E-commerce University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Types of Electronic Infection

Chapter 21 Distributed System Security Copyright © 2008.

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.

SSL(HandShake) Protocol By J.STEPHY GRAFF IIM.SC(C.S)

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptography CSS 329 Lecture 13:SSL.

Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.

Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden

SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.

PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH

The Secure Sockets Layer (SSL) Protocol

Cryptography and Network Security

Secure Sockets Layer (SSL)

Visit for more Learning Resources

Cryptography and Network Security

Cryptography and Network Security

Web Security (TRANSPORT-LEVEL SECURITY)

Web Security (TRANSPORT-LEVEL SECURITY)

The Secure Sockets Layer (SSL) Protocol

Cryptography and Network Security

Presentation transcript:

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

2 TCP/IP Protocol Suite zThe Transmission Control Protocol/Internet Protocol (TCP/IP) governs the transport and routing of data over the Internet. zOther protocols, such as the HyperText Transport Protocol (HTTP), Lightweight Directory Access Protocol (LDAP), or Internet Messaging Access Protocol (IMAP), run "on top of" TCP/IP in the sense that they all use TCP/IP to support typical application tasks such as displaying web pages or running servers.

3 TCP/IP Protocol Suite and Security

4 The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP or IMAP. It uses TCP/IP on behalf of the higher-level protocols, and in the process allows an SSL- enabled server to authenticate itself to an SSL-enabled client, allows the client to authenticate itself to the server, and allows both machines to establish an encrypted connection.

5 Services Provided by SSL zSSL encrypts data so that no one who intercepts is able to read it. zSSL can assure a client that they are dealing with the real server they intended to connect to. zSSL can prevent any unauthorized clients from connecting to the server.

6 Services Provided by SSL zThese capabilities address fundamental concerns about communication over the Internet and other TCP/IP networks: zSSL server authentication zSSL client authentication zAn encrypted SSL connection

7 SSL Server Authentication zSSL server authentication allows a user to confirm a server's identity. zSSL-enabled client software can use standard techniques of public-key cryptography to check that a server's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the client's list of trusted CAs. zThis confirmation might be important if the user, for example, is sending a credit card number over the network and wants to check the receiving server's identity.

8 SSL Client Authentication zSSL client authentication allows a server to confirm a user's identity. zUsing the same techniques as those used for server authentication, SSL-enabled server software can check that a client's certificate and public ID are valid and have been issued by a certificate authority (CA) listed in the server's list of trusted CAs. zThis confirmation might be important if the server, for example, is a bank sending confidential financial information to a customer and wants to check the recipient's identity.

9 An encrypted SSL connection zAn encrypted SSL connection requires all information sent between a client and a server to be encrypted by the sending software and decrypted by the receiving software, thus providing a high degree of confidentiality. zConfidentiality is important for both parties to any private transaction. zIn addition, all data sent over an encrypted SSL connection is protected with a mechanism for detecting tampering--that is, for automatically determining whether the data has been altered in transit.

10 SSL Sub-protocols zThe SSL protocol includes two major sub- protocols: zthe SSL record protocol zthe SSL handshake protocol

11 The SSL Record Protocol zThe SSL record protocol defines the format used to transmit data zThe SSL record protocols provides two services for SSL connections: yConfidentiality: The Handshake Protocol defines a shared secret key that is used for conventional encryption of SSL payloads yMessage Integrity: The Handshake Protocol also defines a shared secret key that is used to form a message authentication code (MAC)

12 SSL Record Protocol Operation

13 SSL Record Format Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment. Major Version (8 bits): Indicates the major version of SSL in use. E.g. 3 Minor Version (8 bits): e.g. 0 Compressed length (16 bits): The length in bytes of the plain text fragment. The maximum value is 2^

14 The SSL Handshake protocol zThe SSL handshake protocol involves using the SSL record protocol to exchange a series of messages between an SSL-enabled server and an SSL-enabled client when they first establish an SSL connection. This exchange of messages is designed to facilitate the following actions: yAuthenticate the server to the client. yAllow the client and server to select the cryptographic algorithms, or ciphers, that they both support. yOptionally authenticate the client to the server. yUse public-key encryption techniques to generate shared secrets. yEstablish an encrypted SSL connection.

15