Presentation is loading. Please wait.

Presentation is loading. Please wait.

CS 142 Lecture Notes: Network Security

Published byIrma Esser Modified over 5 years ago

Similar presentations

Presentation on theme: "CS 142 Lecture Notes: Network Security"— Presentation transcript:

1 CS 142 Lecture Notes: Network Security
Certificates CS 142 Lecture Notes: Network Security

2 SSL/TLS Overview Most common: only the server is authenticated Browser
client-hello server-hello + {server-cert}SKCA Key exchange (several options) Random key K client-key-exchange: {K}PKServer K {HTTP data}K Most common: only the server is authenticated CS 142 Lecture Notes: Network Security

3 SSL Stripping Replace https:// with http:// Active Attacker Browser
HTTP request HTTP request Modified response HTTP response HTTP request HTTPS request HTTP response HTTPS response Browser Server Attacker opens HTTPS session, forwards requests and responses Attacker observes private info CS 142 Lecture Notes: Network Security

4 CS 142 Lecture Notes: Network Security
HTTPS Indicators HTTP HTTPS Firefox 10 IE 8 Click on fav icon gives pop-up on bottom. Chrome 17 CS 142 Lecture Notes: Network Security 4

5 Mixed Content Indicators
Silly dialogs Firefox 10: no SSL indicator Chrome 17: caution sign IE 8: warning dialog, no SSL lock CS 142 Lecture Notes: Network Security

6 CS 142 Lecture Notes: Network Security

Download ppt "CS 142 Lecture Notes: Network Security"

Similar presentations

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
HTTPS and the Lock Icon Dan Boneh. Goals for this lecture Brief overview of HTTPS: How the SSL/TLS protocol works (very briefly) How to use HTTPS Integrating.

HTTPS and the Lock Icon Dan Boneh. Goals for this lecture Brief overview of HTTPS: How the SSL/TLS protocol works (very briefly) How to use HTTPS Integrating.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
SSL Spoofing Man-In-The-Middle attack on SSL Duane Peifer.

SSL Spoofing Man-In-The-Middle attack on SSL Duane Peifer.
Online Security Tuesday April 8, 2003 Maxence Crossley.

Online Security Tuesday April 8, 2003 Maxence Crossley.
CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 

CIS 1310 – HTML & CSS 12 E-Commerce Overview. CIS 1310 – HTML & CSS Learning Outcomes  Define E-commerce  Identify Benefits & Risks of E-Commerce 
Internet-Based Client Access

Internet-Based Client Access
Lectures and Practicals Mon 8-10 SC1222 TUE 13-15 SC1222 Office: SC1421 Website: mis.csit.sci.tsu.ac.th/kanida.

Lectures and Practicals Mon 8-10 SC1222 TUE SC1222 Office: SC Website: mis.csit.sci.tsu.ac.th/kanida.
Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.

Implementing ISA Server Publishing. Introduction What Are Web Publishing Rules? ISA Server uses Web publishing rules to make Web sites on protected networks.
System settings for e-tendering portal HTTPS://ISPRL.EPROC.IN.

System settings for e-tendering portal
An Empirical Study of Visual Security Cues to Prevent the SSLstripping Attack Dongwan Shin and Rodrigo Lopes In Proc. 27 th Annual Computer Security Applications.

An Empirical Study of Visual Security Cues to Prevent the SSLstripping Attack Dongwan Shin and Rodrigo Lopes In Proc. 27 th Annual Computer Security Applications.
Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) Network Security Fall 2014 Dr. Faisal Kakar

Secure Socket Layer (SSL) and Secure Electronic Transactions (SET) Network Security Fall Dr. Faisal Kakar
Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.
CS 241 Section (04/19/12). MP8  Web Server  Due: Tuesday, May 1 st, 11:59pm  What will you be doing?  Creating a web-server in C that serves HTML.

CS 241 Section (04/19/12). MP8  Web Server  Due: Tuesday, May 1 st, 11:59pm  What will you be doing?  Creating a web-server in C that serves HTML.
Ram Santhanam Application Level Attacks - Session Hijacking & Defences

Ram Santhanam Application Level Attacks - Session Hijacking & Defences
The Distribution Online Vending Pilot Project Demo Testing Certificate Management Kennedy P Subramoney 23 July 2004.

The Distribution Online Vending Pilot Project Demo Testing Certificate Management Kennedy P Subramoney 23 July 2004.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Similar presentations

Ads by Google