8.4 – 8.5 Securing E-mail & Securing TCP connections with SSL By: Amanda Porter.

Slides:

Advertisements

Similar presentations

Cryptography and Network Security Chapter 16

Advertisements

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Cryptography and Network Security

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

Network Security Chapter 8. Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental Cryptographic.

Lecture 25 Secure Communications CPE 401 / 601 Computer Network Systems slides are modified from Jim Kurose & Keith Ross and Dave Hollinger.

Cryptography and Network Security Chapter 17

8-1 Internet security threats Mapping: m before attacking: gather information – find out what services are implemented on network  Use ping to determine.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

Chapter 8 Network Security 4/17/2017

Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

Computer Networks NYUS FCSIT Spring 2008 Milos STOLIC, Bs.C. Teaching Assistant

Network Security. An Introduction to Cryptography The encryption model (for a symmetric-key cipher).

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,

Secure r How do you do it? m Need to worry about sniffing, modifying, end- user masquerading, replaying. m If sender and receiver have shared secret.

Secure connections.

32.1 Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP, VPN, and Firewalls Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction.

Secure Socket Layer (SSL)

Network Security. Information secrecy-only specified parties know the information exchanged. Provided by criptography. Information integrity-the information.

1 TCP/IP Applications. 2 NNTP: Network News Transport Protocol NNTP is a TCP/IP protocol based upon text strings sent bidirectionally over 7 bit ASCII.

SECURING Presented by: Digvijay Singh Dudi Graduate Student Old Dominion University.

ICT 6621 : Advanced NetworkingKhaled Mahbub, IICT, BUET, 2008 Lecture 12 Network Security (2)

©The McGraw-Hill Companies, Inc., 2000© Adapted for use at JMU by Mohamed Aboutabl, 2003Mohamed Aboutabl1 1 Chapter 29 Internet Security.

Network Security Essentials Chapter 5

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Cryptography and Network Security (SSL)

Internet Security. 2 PGP is a security technology which allows us to send that is authenticated and/or encrypted. Authentication confirms the identity.

Secure Sockets Layer (SSL) and Transport layer security (TLS)

8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

Network Security David Lazăr.

8: Network Security8-1 Chapter 8 Network Security A note on the use of these ppt slides: We’re making these slides freely available to all (faculty, students,

Network Security Chapter 8 12/13/ Cryptography Introduction to Cryptography Substitution Ciphers Transposition Ciphers One-Time Pads Two Fundamental.

Security in many layers  Application Layer –  Transport Layer - Secure Socket Layer  Network Layer – IPsec (VPN)  Link Layer – Wireless Communication.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

Chapter 7 : Web Security Lecture #1-Week 12 Dr.Khalid Dr. Mohannad Information Security CIT 460 Information Security Dr.Khalid Dr. Mohannad 1.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptography CSS 329 Lecture 13:SSL.

Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 A note on the use of these ppt.

Network Security Chapter 8 Institute of Information Science and Technology. Chengdu University YiYong 2008 年 2 月 25 日.

Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden

Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.

The Secure Sockets Layer (SSL) Protocol

Secure Sockets Layer (SSL)

NET 536 Network Security Networks and Communication Department

The Secure Sockets Layer (SSL) Protocol

Lecture 5: Transport layer (TLS / SSL) and Security ( PGP )

Transport Layer Security (TLS)

Unit 8 Network Security.

Security at the Transport Layer

Presentation transcript:

8.4 – 8.5 Securing & Securing TCP connections with SSL By: Amanda Porter

8.4 Securing 4 Layers in Protocol Stack Application Layer ▫ Transport Layer ▫ SSL Protocol Network Layer ▫ IPSec Link Layer ▫ IEEE

8.4 Securing Why have multiple-layer security? To provide user level security It is easier to deploy security services at higher layers in protocol stack

8.4 Securing 4 Security Features Confidentiality Sender Authentication Message Integrity Receiver Authentication

8.4 Securing Confidentiality Public Key Cryptography ▫ RSA Symmetric Key Technology ▫ DES or AES

8.4 Securing Sender Authentication & Message Integrity Without Confidentiality ▫ Digital Signatures and Message Digests

8.4 Securing Sender Authentication & Message Integrity With Confidentiality

8.4 Securing Pretty Good Privacy (PGP) ---BEGIN PGP SIGNED MESSAGE--- Hash: SHA1 Bob: My husband is out of town tonight. Passionately yours, Alice ---BEGIN PGP SIGNATURE--- Version: PGP 5.0 Charset: noconv yhHJRHhGJGhgg/12EpJ+lo8gE4vB3mqJhFEvZP9t6n7G6m5Gw2 ---END PGP SIGNATURE BEGIN PGP MESSAGE--- Version: PGP 5.0 u4g9fh0KJF03hjdoe./jehfiwoefwehg032rskjclnvbiol -----END PGP MESSAGE

8.5 Securing TCP Connections: SSL SSL Secure Sockets Layer ▫ Enhanced version of TCP Transport Layer Security ▫ Slightly modified version of SSL (version 3) Https

8.5 Securing TCP Connections: SSL Why SSL? Provides confidentiality Provides data integrity Provides server authentication

8.5 Securing TCP Connections: SSL Three Phases Handshake Key Derivation Data Transfer (Connection Closure)

8.5 Securing TCP Connections: SSL SSL Handshake Server authentication ▫ Master Secret (MS) ▫ Encrypted Master Secret (EMS)

8.5 Securing TCP Connections: SSL SSL Key Derivation Generate Four Keys: ▫ E B = encryption ▫ M B = MAC ▫ E A = encryption ▫ M A = MAC

8.5 Securing TCP Connections: SSL SSL Data Transfer Break data stream into records: DataMAC VersionLengthType Encrypted with E B

8.5 Securing TCP Connections: SSL Real SSL Server authentication Negotiation: agree on crypto algorithms Establish keys Client authentication (optional)

8.5 Securing TCP Connections: SSL Closing Connection TCP FIN Type field

Bibliography [1] J. Kurose and K. Ross, Computer Networking: A top-down approach, 5 th edition. New York: Pearson Education, Inc., [2] M.S.Bhiogade, “Secure Socket Layer”, in InSITE - “Where Parallels Intersect,” June 2002, pp [3]A. Weaver, “How Things Work Secure Sockets Layer,” in Computer – Innovative Technology for Computing Professionals, April [4] R. Bazile and O. Wong, “Pretty Good Privacy Network Security and Cryptography, CS682,” November 4, [5] D.V. Bhatt, S. Schulze, G.P. Hancke, L. Horvath, “Secure Internet access to gateway using secure socket layer,” in Virtual Environments, Human- Computer Interfaces and Measurement Systems, July 2003, pp [6] S. Garfinkel and G. Spafford, Web Security and Commerce. Sebastopol, CA : O'Reilly & Associates, Inc., [7] A. Levi and Ç. K. Koç, “Risks in Security,” in Inside Risks, [8] M. Sunner, “ Security,” in Network Security, Volume 2005, Issue 12, December 2005, pp. 4-7.