Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Secure Sockets Layer (SSL) Protocol

Published byEdwin Warren Modified over 6 years ago

Similar presentations

Presentation on theme: "The Secure Sockets Layer (SSL) Protocol"— Presentation transcript:

1 The Secure Sockets Layer (SSL) Protocol
Presented by Fengmei Zou Date: Feb. 10, 2000

2 Overview What is SSL? How does SSL work? How to implement SSL?
Summary and Comments.

3 What is SSL? A protocol developed by Netscape.
It is a whole new layer of protocol which operates above the Internet TCP protocol and below high-level application protocols.

4 What is SSL?

5 What Can SSL Do? SSL uses TCP/IP on behalf of the higher-level protocols. Allows an SSL-enabled server to authenticate itself to an SSL-enabled client; Allows the client to authenticate itself to the server; Allows both machines to establish an encrypted connection.

6 What Does SSL Concern? SSL server authentication.
SSL client authentication. (optional) An encrypted SSL connection or Confidentiality. This protects against electronic eavesdropper. Integrity. This protects against hackers.

7 SSL includes two sub-protocols: the SSL Record Protocol and the SSL Handshake Protocol.
Record Protocol -- defines the format used to transmit data. Handshake Protocol -- using the Record protocol to exchange messages b/t an SSL-enable server and an SSL-enable client.

8 The exchange of messages facilitates the following actions: Authenticate the server to the client; Allows the client and server to select a cipher that they both support; Optionally authenticate the client to the server; Use public-key encryption techniques to generate share secrets; Establish an encrypted SSL conn.

9 Two Useful Terms A certificate.
A certificate has the following content: 1. The certificate issuer’s name 2. The entity for whom the certificate is being issued (aka the subject) 3. The public key of the subject 4. Some time stamps

10 Two useful Terms A digit signature -- A message digest derived from the original one, has following important properties: 1. The digest is difficult to reverse 2. It is hard to find a different message that computed to the same digest value.

11 How does SSL Work? How a client and a server create a secure connection? The SSL protocol uses RSA public key cryptography for Internet Security. Public key encryption uses a pair of asymmetric keys for encryption and decryption.

12 How does SSL Work? Each pair of keys consists of a public key and a private key. The public key is made public by distributing it widely; the private key is always kept secret. Data encrypted with the public key can be decrypted only with the private key, and vice versa.

13 How SSL Works: the Handshake in Detail

14 How SSL Works: the Handshake in Detail
Client hello - The client sends the server information including the highest version of SSL it supports and a list of the cipher suites it supports. Server hello - The server chooses the highest version of SSL and the best cipher suite that both the client and server support and sends this information to the client. Certificate - If server authentication is required then the server sends the client a certificate or a certificate chain. Certificate request - If the server needs to authenticate the client, it sends the client a certificate request. Server key exchange - The server sends the client a server key exchange message when the public key information sent in 3) above is not sufficient for key exchange. Server hello done - The server tells the client it is finished with its initial negotiation messages.

15 How SSL Works: the Handshake in Detail
Certificate - If the server requests a certificate from the client in Message 4, the client sends its certificate chain, like the server did in Message 3. Client key exchange - The client generates information used to create a key to use for symmetric encryption. For RSA, the client then encrypts this key information with the server's public key and sends it to the server. Certificate verify – If the server is authenticating the client, the client sends a random number that it digitally signs. When the server decrypts number with the client's public key, the server authenticates the client. Change cipher spec - The client tells the server to change to encrypted mode. Finished - The client sends the server a hash of the handshake messages. Change cipher spec - The server tells the client to change to encrypted mode. Finished - The server sends the client a hash of the handshake messages. Encrypted data - The client and the server communicate using the symmetric encryption algorithm and the cryptographic hash function negotiated in Messages 1 and 2, using the secret key that the client sent to the server in Message 8.

16 The SSL handshake is now complete. The server and the
client use the session keys to encrypt and decrypt the data they send to each other and to validate its integrity. Note that both client and server authentication involve encrypting some pieces of data with one key of a public- private key pair and decrypting it with the other key.

Download ppt "The Secure Sockets Layer (SSL) Protocol"

Similar presentations

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.5 Transport Layer Security.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.5 Transport Layer Security.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.

SSL Protocol By Oana Dini. Overview Introduction to SSL SSL Architecture SSL Limitations.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.

Presented by Fengmei Zou Date: Feb. 10, 2000 The Secure Sockets Layer (SSL) Protocol.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.
Chapter 8 Web Security.

Chapter 8 Web Security.

Similar presentations

Ads by Google