1 Understanding Secure Socket Layer (SSL) Advisor Advisor Prof. Tzonelih Hwang Presenter Prosanta Gope

Flash Back 2

3 Agenda SSL Basics SSL Basics Authentication in SSL Authentication in SSL

4 SSL Usage Authenticate the server to the clientAuthenticate the server to the client Allow the client and server to select cryptographic algorithms, or ciphers, that they both support using CipherSuites in Hello messageAllow the client and server to select cryptographic algorithms, or ciphers, that they both support using CipherSuites in Hello message E.g. SSL_RSA_With_RC4_128_MD5 Optionally authenticate the client to the serverOptionally authenticate the client to the server Use public key encryption techniques to generate shared secretUse public key encryption techniques to generate shared secret Establish an encrypted SSL connectionEstablish an encrypted SSL connection

5 Secure Socket Layer SSL is a secure protocol which runs above TCP/IP and allows users to encrypt data and authenticate servers/vendors identity securely Application layer Transport layer TCP/IP layer SMTPSFTPSHTTPS SECURE SOCKET LAYER

6 SSL Stack

7 SSL Handshake SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out

8 SSL Handshake

Understanding the Concept of Public Key Certificate 9

Public Key Certificates 10

11 SSL Handshake Server Client Public key Private key Client request Public key

Precisely 12

13 SSL Handshake SSL version number client supported (v2, v3) Ciphers supported client (DES, RC2, RC4) Client Random Number SSL version number server picked (v2, v3) Ciphers server picked (DES, RC2, RC4) Server Random Number Server Client Public key Private key Public key Certificate

14 Verify Certificate Checking Server Client Public key Private key Client request Certificate Valid Public key Certificate is Good and Valid Server/vendor has been verified and authenticated Client has vendor’s public key and can now encrypt pre-master to send to server/vendor

15 Verify Server Certificate

16 Not-recognizable Certificate

17 SSL Session Key Server Client Public key Private key Public keyPre-Master Session key

18 Secure Data on Network Server Client Public key Private key Session key Data Session key Data Session key Data

SSL Handshake - details Client Server Generate Challenge Return Server Certificate Decrypt pre-master session key Generates pre-master session key Encyrpt: pre-master session key Verify server certificate Encrypt random challenge phrase Decrypt and verify challenge phrase Hello, Challenge Server Cert {pre-master session Key} Server's public key {Client's Challenge}sessionKey Server Authentication

SSL Handshake Client Server Decrypt challenge Decrypt Message Digest Verify Client certificate and recompute message digest Done Calculate message digest on Challenge and Server certificate (Challenge phrase) Server private key [Message Digest ] Client private key Client Certificate (Session Identifier) sessionKey Client Authentication Generate new challenge Requests Client certificate

21 Client Certificate (optional) Client only sends a certificate upon the receipt of a certificate request –Sends after receiving server hello done –If the client does not have a suitable certificate, it sends a no certificate alert Server will respond with a fatal handshake failure if a client certificate is necessaryServer will respond with a fatal handshake failure if a client certificate is necessary

22 Verify Client Certificate

23 SSL Architecture

24 Change Cipher Spec Protocol The change cipher spec protocol is used to change the encryption being used by the client and server. It is normally used as part of the handshake process to switch to symmetric key encryption.The change cipher spec protocol is used to change the encryption being used by the client and server. It is normally used as part of the handshake process to switch to symmetric key encryption. Before the Finished messageBefore the Finished message

25 SSL Architecture

26 Alert Layer Explain severity of the message and a descriptionExplain severity of the message and a description –fatal Immediate terminationImmediate termination Other connections in session may continueOther connections in session may continue Session ID invalidated to prevent failed session to open new sessionsSession ID invalidated to prevent failed session to open new sessions Alerts are compressed same as other dataAlerts are compressed same as other data

27 SSL Architecture

28 SSL Record Protocol Operation

29 Record Layer Compression and decompressionCompression and decompression A MAC is applied to each record using the MAC algorithm defined in the current cipher specA MAC is applied to each record using the MAC algorithm defined in the current cipher spec Encryption occurs after compressionEncryption occurs after compression May need fragmentationMay need fragmentation

30 Review the SSL Handshake

31 SSL Handshake Client hello Server hello Present Server Certificate *Request Client Certificate Server Key Exchange Client Finish *Present Client Certificate Client Key Exchange *Certificate Verify Change Cipher Spec Server Finish Change Cipher Spec Client Server Application Data

For any Query Please me: 32

33 古早密碼學 古典密碼學 資安號 Privacy Integrit y Authentication Network Security Services Authentication

34 Thanks!