Network and Internet Security
Prepared by Dr. Lamiaa Elshenawy
Computer Security, Lecture 8, Ch. 16
Outline
- Transport-level security
- Web security considerations
- Secure Socket Layer (SSL) and Transport Layer Security (TLS)
- HTTPS
- Secure Shell (SSH)
Transport-level security: Key Points
- Internet security is a branch of computer security; it involves browser security.
- Secure Socket Layer (SSL) provides security services between TCP (Transmission Control Protocol) and the applications that use TCP.
- Transport Layer Security (TLS) refers to the standardised successor of SSL.
- SSL/TLS provide confidentiality and data integrity, implemented by symmetric encryption and a message authentication code (MAC).
- HTTPS (HTTP over SSL) refers to the combination of HTTP and SSL; it implements secure communication between a Web browser and a Web server.
Transport-level security: Web Security Considerations
- The Internet is two-way, so the Web is vulnerable to attacks.
- Business transactions: reputations are damaged and money is lost when Web servers are subverted.
- Web software hides many potential security flaws and is vulnerable to a variety of security attacks.
- A Web server can be a launching pad: an attacker who gains access to it can reach data and systems connected to the server at the local site.
- Users untrained in security matters are common clients of Web-based services; they do not have the tools or knowledge to apply effective countermeasures.
Transport-level security: Threats on the Web
Transport-level security: Secure Socket Layer and Transport Layer Security
- SSL provides basic security services to various higher-layer protocols, e.g. the Hypertext Transfer Protocol (HTTP), which provides the transfer service for Web client/server interaction.
- SSL architecture
Transport-level security: Handshake Protocol
- The most complex part of SSL.
- Used before any application data is transmitted.
- Allows the server and client to authenticate each other.
- Negotiates an encryption algorithm, a MAC algorithm and the cryptographic keys used to protect the data.
Handshake message format:
- Type (1 byte): indicates one of 10 messages.
- Length (3 bytes): length of the message in bytes.
- Content (>= 0 bytes): parameters associated with this message.
Transport-level security Handshake Protocol
Transport-level security: Change Cipher Spec Protocol
- The least complex part of SSL.
- Consists of a single message (a single byte with the value 1).
- Updates the cipher suite to be used on this connection.
Transport-level security: Alert Protocol
- Conveys SSL-related alerts to the peer entity.
- Alert messages are compressed and encrypted.
- Each message in this protocol consists of two bytes: the first byte is the level (1 = warning, 2 = fatal), the second byte identifies the specific alert.
- Example alert: unexpected_message, meaning an inappropriate message was received.
Transport-level security: SSL Record Protocol
The SSL Record Protocol provides two security services:
- Confidentiality: the Handshake Protocol defines a shared secret key that is used for conventional (symmetric) encryption.
- Message integrity: the Handshake Protocol defines a shared secret key that is used to form a message authentication code (MAC).
Transport-level security SSL Record Protocol SSL Record protocol Operation
Transport-level security: SSL Record Protocol (record format)
- Content Type (8 bits): the higher-layer protocol used to process the enclosed fragment.
- Major Version (8 bits): the major version of SSL in use (for SSLv3, value = 3).
- Minor Version (8 bits): the minor version of SSL in use (for SSLv3, value = 0).
- Compressed Length (16 bits): the length of the (compressed) plaintext fragment; maximum 2^14 + 2048 bytes.
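To make the record format and the handshake/alert message formats above concrete, here is an added Python example (not part of the lecture slides) that parses a record header, then the handshake or alert messages inside its fragment, and rejects truncated or over-long input. The numeric content-type, handshake-type and alert codes are the standard SSLv3/TLS values; the sample records in the usage below are constructed by hand.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {0: "hello_request", 1: "client_hello", 2: "server_hello", 11: "certificate",
                   12: "server_key_exchange", 13: "certificate_request", 14: "server_hello_done",
                   15: "certificate_verify", 16: "client_key_exchange", 20: "finished"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
                      40: "handshake_failure", 42: "bad_certificate", 47: "illegal_parameter"}
MAX_FRAGMENT = 2 ** 14 + 2048  # compressed-fragment limit quoted on the slide

def parse_record(data):
    """Record header: type (1), major (1), minor (1), length (2, big-endian)."""
    if len(data) < 5:
        raise ValueError("record header truncated")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if length > MAX_FRAGMENT:
        raise ValueError("fragment length exceeds 2^14 + 2048")
    fragment = data[5:5 + length]
    if len(fragment) != length:
        raise ValueError("fragment truncated")
    return CONTENT_TYPES.get(ctype, "unknown"), (major, minor), fragment

def parse_handshake(fragment):
    """Handshake messages: type (1), length (3, big-endian), then the body."""
    messages, off = [], 0
    while off < len(fragment):
        if off + 4 > len(fragment):
            raise ValueError("handshake header truncated")
        htype, hlen = fragment[off], int.from_bytes(fragment[off + 1:off + 4], "big")
        body = fragment[off + 4:off + 4 + hlen]
        if len(body) != hlen:
            raise ValueError("handshake body truncated")
        messages.append((HANDSHAKE_TYPES.get(htype, "unknown"), body))
        off += 4 + hlen
    return messages

def parse_alert(fragment):
    """Alert: level byte (1 = warning, 2 = fatal) followed by a description byte."""
    if len(fragment) != 2:
        raise ValueError("alert must be exactly two bytes")
    return ALERT_LEVELS.get(fragment[0]), ALERT_DESCRIPTIONS.get(fragment[1])

def decode(data):
    # Hand the fragment to the higher-layer parser selected by the content type.
    ctype, version, fragment = parse_record(data)
    if ctype == "handshake":
        return ctype, version, parse_handshake(fragment)
    if ctype == "alert":
        return ctype, version, parse_alert(fragment)
    return ctype, version, fragment

# Constructed sample records: a ClientHello carrying a 5-byte body, and a fatal alert.
decode(b"\x16\x03\x00\x00\x09\x01\x00\x00\x05hello")   # ('handshake', (3, 0), [('client_hello', b'hello')])
decode(b"\x15\x03\x00\x00\x02\x02\x0a")                 # ('alert', (3, 0), ('fatal', 'unexpected_message'))
```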
Transport-level security: HTTPS
What is HTTPS?
- HTTPS (HTTP over SSL) is built into all modern Web browsers.
- It is selected by the URL (uniform resource locator) scheme: https:// uses port 443, whereas http:// uses port 80.
Transport-level security: SSH
What is SSH?
- Secure Shell (SSH) is a protocol for secure network communications, designed to be simple and inexpensive to implement.
What are the versions of SSH?
- SSH1: used for secure remote login, e-mail and file transfer.
- SSH2: fixes the security flaws of SSH1.
Transport-level security: SSH SSH Protocol Stack
Thank you for your attention