Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSL/TLS.

Published byFelicity Pierce Modified over 5 years ago

Similar presentations

Presentation on theme: "SSL/TLS."— Presentation transcript:

1 SSL/TLS

2 What Ciphers to Use A TLS session negotiates four ciphers
Cipher used for authentication of server and optionally client (RSA DSS- Digital Signature Algorithm(really rare)/ EC-DSA) Cipher used for key exchange (RSA, E-DHE Ephemeral (Key is temporal) Cipher used for symmetric confidentiality (RC4, AES, DES) Cipher used for integrity (HMAC-MD5, HMAC-SHA) Negotiated in a 5-step session initiations protocol

3 TLS Cipher Negotiation
Client Server Supported ciphers, client random

4

5 TLS Cipher Negotiation
Client Server Supported ciphers, client random Chosen ciphers, server random, certificate

6

7 TLS Cipher Negotiation
Client Server Supported ciphers, client random Chosen ciphers, server random, SSL TLS certificate & Public key

8

9

10 TLS Cipher Negotiation
Client Server Supported ciphers, client random Chosen ciphers, server random, SSL TLS certificate & Public key Pre-master session key

11 Session Key

12 TLS Cipher Negotiation
Client Server Supported ciphers, client random Chosen ciphers, server random, SSL TLS certificate & Public key Pre-master session key Message after this are encrypted

13

14

15 Computer The Master Secret from the premaster secret
Premaster secret did not take into account anything from the server. Open to replay attacks: master_secret = PRF(pre_master_secret, "master secret", ClientHello.random + ServerHello.random) The “master secret” is simply a string whose ASCII bytes (e.g. “6d …”) TLS's PRF is created by splitting the secret into two halves and using one half to generate data with P_MD5 and the other half to generate data with P_SHA-1, then exclusive-or'ing the outputs of these two expansion functions together.

16

17

Download ppt "SSL/TLS."

Similar presentations

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.

17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Transport Layer Security (TLS) Bill Burr November 2, 2001.

Transport Layer Security (TLS) Bill Burr November 2, 2001.
Web Security (SSL / TLS)

Web Security (SSL / TLS)
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.

1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.

Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 9 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 9 Wenbing Zhao Department of Electrical and Computer Engineering.
Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.

Encryption An Overview. Fundamental problems Internet traffic goes through many networks and routers Many of those networks are broadcast media Sniffing.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.

Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Transport-level and Web Security (SSL / TLS, SSH)

Transport-level and Web Security (SSL / TLS, SSH)
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Introduction to Secure Sockets Layer (SSL) Protocol Based on: https://developer.mozilla.org/En/Introduction_to_SSL#The_SSL_Protocol.

Introduction to Secure Sockets Layer (SSL) Protocol Based on:
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.

SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.

Similar presentations

Ads by Google