Transport Layer Security (TLS)
Presented by: Kumara Swamy Kallepalli
Two protocols are dominant today for providing security at the transport layer:
❏ Secure Sockets Layer (SSL) protocol
❏ Transport Layer Security (TLS) protocol
TLS definition: Transport Layer Security (TLS) was designed to provide security at the transport layer. TLS was derived from a security protocol called Secure Sockets Layer (SSL). The first difference is the version number (major and minor): the current version of SSL is 3.0, and the current version of TLS is 1.0. In other words, SSLv3.0 is compatible with TLSv1.0. Another minor difference between SSL and TLS is the lack of support for the Fortezza method: TLS does not support Fortezza for key exchange or for encryption/decryption. TLS was standardized by the IETF in RFC 2246.
Location of SSL and TLS in the Internet model
❏ End-to-end between a client and server
 – Sits on top of TCP
 – Requires a reliable connection
❏ Most important Internet crypto protocol?
 – Secure web pages
 – LDAP access control
TLS layers: four TLS protocols
1. Handshake protocol
Handshake: responsible for negotiating security, authenticating the server to the browser, and (optionally) defining other communication parameters. The data exchange (record) protocol then uses the secret key to encrypt the data for secrecy and to encrypt the message digest for integrity.

Phase 1:
Client side: version, client random number, session id, compression method
Server side: version, server random number, session id, selected compression method
After Phase I, the client and server know the following:
❏ The version of SSL
❏ The algorithms for key exchange, message authentication, and encryption
❏ The compression method
❏ The two random numbers for key generation

Phase 2: The server sends a certificate message that includes the public key of the server. The public key is certified by some certification authority, which means that the public key is encrypted by a CA private key. The browser has a list of CAs and their public keys. It uses the corresponding key to decrypt the certificate and finds the server public key. This also authenticates the server, because the public key is certified by the CA.
After Phase II,
❏ The server is authenticated to the client.
❏ The client knows the public key of the server if required.

Phase 3: The browser encrypts a secret key with the server public key and sends it to the server.
After Phase III,
❏ The client is authenticated for the server.
❏ Both the client and the server know the pre-master secret.

Phase 4: The browser sends a message, encrypted by the secret key, to inform the server that handshaking is terminating from the browser side. The server decrypts the secret key using its private key and decrypts the message using the secret key. It then sends a message, encrypted by the secret key, to inform the browser that handshaking is terminating from the server side.
After Phase IV, the client and server are ready to exchange data.
Hash for Certificate Verify message in TLS
Hash for Finished message in TLS
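The four handshake phases above, and the MD5 || SHA-1 handshake hash that feeds the Certificate Verify and Finished messages, as an added simulation that is not part of the original slides. It implements the TLS 1.0 PRF (P_MD5 XOR P_SHA1 from RFC 2246) and the Finished verify_data calculation; the server's "certificate" is a constructed textbook-sized RSA key (p=61, q=53) used only to show the pre-master secret travelling under the server public key, so the CA signature check and padding are not modelled. The `tamper` flag is an assumed switch that alters one transcript byte on the path so the Finished check can be seen to fail.

```python
import hashlib
import hmac
import os
from math import ceil

# Toy RSA key pair (textbook p=61, q=53 -> n=3233, e=17, d=2753). Constructed
# stand-in for the certified server key; real TLS uses a 2048-bit+ key with padding.
TOY_SERVER_PUB = (3233, 17)     # (n, e), what the "certificate" carries
TOY_SERVER_PRIV = (3233, 2753)  # (n, d), known only to the server


def toy_rsa_encrypt(pub, data):
    """Encrypt one byte per block (every byte < n); toy only, no padding."""
    n, e = pub
    return [pow(b, e, n) for b in data]


def toy_rsa_decrypt(priv, blocks):
    n, d = priv
    return bytes(pow(c, d, n) for c in blocks)


def p_hash(hash_name, secret, seed, length):
    """P_hash from RFC 2246 section 5: HMAC chain expanded to `length` bytes."""
    out, a = b"", seed                                       # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()          # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over the second."""
    half = ceil(len(secret) / 2)
    s1, s2 = secret[:half], secret[-half:]                   # halves share a byte if odd length
    md5_part = p_hash("md5", s1, label + seed, length)
    sha1_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def handshake_hash(handshake_messages):
    """MD5 || SHA-1 over all handshake messages so far (Certificate Verify / Finished input)."""
    return hashlib.md5(handshake_messages).digest() + hashlib.sha1(handshake_messages).digest()


def finished_verify_data(master_secret, label, handshake_messages):
    """verify_data = PRF(master_secret, label, MD5(msgs) || SHA-1(msgs))[0..11]."""
    return tls10_prf(master_secret, label, handshake_hash(handshake_messages), 12)


def run_handshake(client_random=None, server_random=None, pre_master=None, tamper=False):
    """Simulate the four phases; report what each side derived and whether Finished verified."""
    client_view = b""   # transcript as the client saw it
    server_view = b""   # transcript as the server saw it

    # Phase 1: hellos carry version, random, session id, compression method.
    client_random = client_random or os.urandom(32)
    server_random = server_random or os.urandom(32)
    hello = b"ClientHello\x03\x01" + client_random + b"ServerHello\x03\x01" + server_random
    client_view += hello
    server_view += hello

    # Phase 2: server sends its (toy) public key; the CA signature is not modelled.
    cert = b"Certificate" + repr(TOY_SERVER_PUB).encode()
    client_view += cert
    server_view += cert

    # Phase 3: client picks the pre-master secret and encrypts it to the server key.
    pre_master = pre_master or (b"\x03\x01" + os.urandom(46))
    blocks = toy_rsa_encrypt(TOY_SERVER_PUB, pre_master)
    cke = b"ClientKeyExchange" + b"".join(c.to_bytes(2, "big") for c in blocks)
    client_view += cke
    if tamper:                                  # constructed on-path modification
        cke = cke[:-1] + bytes([cke[-1] ^ 0x01])
    server_view += cke
    server_pre_master = toy_rsa_decrypt(TOY_SERVER_PRIV, blocks)

    # Both sides expand the pre-master secret into the 48-byte master secret.
    client_master = tls10_prf(pre_master, b"master secret", client_random + server_random, 48)
    server_master = tls10_prf(server_pre_master, b"master secret", client_random + server_random, 48)

    # Phase 4: each Finished binds the derived key to the transcript that side saw.
    client_fin = finished_verify_data(client_master, b"client finished", client_view)
    client_fin_ok = hmac.compare_digest(
        client_fin, finished_verify_data(server_master, b"client finished", server_view))
    client_view += b"Finished" + client_fin
    server_view += b"Finished" + client_fin
    server_fin = finished_verify_data(server_master, b"server finished", server_view)
    server_fin_ok = hmac.compare_digest(
        server_fin, finished_verify_data(client_master, b"server finished", client_view))

    return {
        "pre_master_match": pre_master == server_pre_master,
        "master_secret": client_master,
        "client_finished_ok": client_fin_ok,
        "server_finished_ok": server_fin_ok,
    }


if __name__ == "__main__":
    print(run_handshake())
    print(run_handshake(tamper=True))
```

With `tamper=True` both sides still agree on the pre-master secret (the ciphertext blocks themselves were not changed), yet the client's Finished fails to verify because the server's transcript hash differs; this is the property that makes the Finished message, and not the key exchange alone, the check that the handshake was not modified in transit.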
2. Change Cipher Spec Protocol
3. Alert protocol
TLS supports all of the alerts defined in SSL except for NoCertificate. TLS also adds some new ones to the list. The table shows the full list of alerts supported by TLS.
4. Record protocol