1
Intro to SSL/TLS
Network Security
Gene Itkis
2
6/14/2015 Gene Itkis: CS558 Network Security 2
Origins
Internet Engineering Task Force (IETF)
  – www.ietf.org
  – Documents: RFC 2246
ANSI
  – X9.42
ITU
  – X.509
Netscape
3
History
1993 – Mosaic (“browser #1”)
1994 – Netscape Browser released
  – SSL v1 design complete – never released
  – SSL v2 released in Navigator 1.1
      Badly broken (bad seeds for PRNG)
1995 – Explorer released
  – PCT (MS), SSL v3 (Netscape)
1996-1999 – TLS 1.0
1999 – WTLS
4
Architecture
IP
TCP
SSL
Application (HTTP)
5
Alternative architectures
Separate Layer
  – Over TCP: SSL
  – Over IP: IPSec
Application-Specific
  – SHTTP
Parallel
  – Kerberos; Kerberos with TLS?
6
SSL choices
Connection-oriented
  – SSL, TLS do not support UDP
  – But WTLS does
No non-repudiation
  – But signatures are used for AKE
“Only protects the pipe”
  – Attacks are mounted on data before and after “the pipe”
7
SSL security services
Server authentication
  – Client authentication is optional
Encryption
Message integrity
8
SSL phases
Handshake
  – Set protocol details
  – Authenticate server
  – Establish keys
Data transfer
9
Handshake
ClientHello
  – Supported options
ServerHello
  – Options to be used
ServerCertificate
(ServerKeyExchange)
ServerHelloDone
ClientKeyExchange
Finished (sent by client)
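
The message order on the Handshake slide, checked in code; this is an added example, not part of the original slides. It parses the RFC 2246 handshake framing (1-byte type, 3-byte length) from constructed byte strings and reports the first deviation from the slide's sequence. Assumptions: the function names and sample flights are hypothetical, and the messages are shown unencrypted and without the ChangeCipherSpec record that precedes Finished in a real session.

```python
# Added example: handshake-layer framing per RFC 2246 (1-byte type, 3-byte length).
# Type 11 is "Certificate" in the RFC; the slide's name ServerCertificate is used here.
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "ServerCertificate",
                   12: "ServerKeyExchange", 14: "ServerHelloDone",
                   16: "ClientKeyExchange", 20: "Finished"}

# Sequence from the slide; ServerKeyExchange is parenthesised there, so optional.
EXPECTED = [("ClientHello", True), ("ServerHello", True),
            ("ServerCertificate", True), ("ServerKeyExchange", False),
            ("ServerHelloDone", True), ("ClientKeyExchange", True),
            ("Finished", True)]

def parse_handshake(buf):
    """Split back-to-back handshake messages into a list of (name, body)."""
    msgs, off = [], 0
    while off < len(buf):
        if len(buf) - off < 4:
            raise ValueError("truncated handshake header")
        name = HANDSHAKE_TYPES.get(buf[off])
        if name is None:  # e.g. client-auth messages, which the slide omits
            raise ValueError(f"handshake type {buf[off]} not in the slide's flow")
        length = int.from_bytes(buf[off + 1:off + 4], "big")
        body = buf[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError(f"truncated {name} body")
        msgs.append((name, body))
        off += 4 + length
    return msgs

def check_order(names):
    """Return None if names follow the slide's order, else the first deviation."""
    i = 0
    for expected, required in EXPECTED:
        if i < len(names) and names[i] == expected:
            i += 1
        elif required:
            got = names[i] if i < len(names) else "end of data"
            return f"expected {expected}, got {got}"
    return None if i == len(names) else f"unexpected trailing {names[i]}"

def msg(msg_type, body=b"\x00" * 4):
    """Build one handshake message with a dummy body (constructed test data)."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body

# Constructed sample flights, not captured traffic.
GOOD = b"".join(msg(t) for t in (1, 2, 11, 14, 16, 20))
WITH_SKE = b"".join(msg(t) for t in (1, 2, 11, 12, 14, 16, 20))
NO_CERT = b"".join(msg(t) for t in (1, 2, 14, 16, 20))

if __name__ == "__main__":
    for label, flight in (("GOOD", GOOD), ("WITH_SKE", WITH_SKE), ("NO_CERT", NO_CERT)):
        print(label, check_order([n for n, _ in parse_handshake(flight)]) or "ok")
```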