
1 Intro to SSL/TLS Network Security Gene Itkis

2 Origins
6/14/2015 Gene Itkis: CS558 Network Security
Internet Engineering Task Force (IETF)
  – www.ietf.org
  – Documents: RFC 2246
ANSI
  – X9.42
ITU
  – X.509
Netscape

3 History
1993 – Mosaic (“browser #1”)
1994 – Netscape Browser released
  – SSL v1 design complete – never released
  – SSL v2 released in Navigator 1.1
    Badly broken (bad seeds for PRNG)
1995 – Explorer released
  – PCT (MS), SSL v3 (Netscape)
1996-1999 – TLS 1.0
1999 – WTLS

4 Architecture
IP
TCP
SSL
Application (HTTP)

5 Alternative architectures
Separate Layer
  – Over TCP: SSL
  – Over IP: IPSec
Application-Specific
  – SHTTP
Parallel
  – Kerberos; Kerberos with TLS?

6 SSL choices
Connection-oriented
  – SSL, TLS do not support UDP
  – But WTLS does
No non-repudiation
  – But signatures are used for AKE
“Only protects the pipe”
  – Attacks are mounted on data before and after “the pipe”

7 SSL security services
Server authentication
  – Client authentication is optional
Encryption
Message integrity

8 SSL phases
Handshake
Set protocol details
  – Authenticate server
  – Establish keys
Data transfer

9 Handshake
ClientHello
  – Supported options
ServerHello
  – Options to be used
ServerCertificate
(ServerKeyExchange)
ServerHelloDone
ClientKeyExchange
Finished (sent by client)
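
The message order on the Handshake slide can be read straight out of the TLS record layer. The following is an added example, not part of the original slides: it walks the records of a constructed byte stream and names each cleartext handshake message, using the type codes from RFC 2246. The function names and sample bytes are assumptions made for illustration, and the sample joins both directions of the connection in time order.

```python
import struct
# Handshake message type codes from RFC 2246 (TLS 1.0), section 7.4.
# The slide's "ServerCertificate" is the Certificate message sent by the server.
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
                   12: "ServerKeyExchange", 14: "ServerHelloDone",
                   16: "ClientKeyExchange", 20: "Finished"}
CT_CHANGE_CIPHER_SPEC, CT_HANDSHAKE = 20, 22  # record-layer content types

def handshake_sequence(stream: bytes) -> list[str]:
    """Return the names of the cleartext handshake messages in a TLS byte stream."""
    payload, pos = b"", 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, _version, length = struct.unpack_from("!BHH", stream, pos)
        body = stream[pos + 5 : pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        pos += 5 + length
        if ctype == CT_CHANGE_CIPHER_SPEC:
            break  # records after this are encrypted, Finished included
        if ctype == CT_HANDSHAKE:
            payload += body  # messages may be split or coalesced across records
    names, pos = [], 0
    while pos < len(payload):
        if len(payload) - pos < 4:
            raise ValueError("truncated handshake header")
        mtype = payload[pos]
        mlen = int.from_bytes(payload[pos + 1 : pos + 4], "big")
        if pos + 4 + mlen > len(payload):
            raise ValueError("truncated handshake message")
        names.append(HANDSHAKE_TYPES.get(mtype, f"unknown({mtype})"))
        pos += 4 + mlen
    return names

def record(ctype: int, body: bytes) -> bytes:
    return struct.pack("!BHH", ctype, 0x0301, len(body)) + body  # 0x0301 = TLS 1.0

def message(mtype: int, body_len: int) -> bytes:
    return bytes([mtype]) + body_len.to_bytes(3, "big") + bytes(body_len)

# Constructed sample with dummy (all-zero) message bodies; not a real capture.
server_flight = message(2, 38) + message(11, 300) + message(14, 0)
SAMPLE = (record(22, message(1, 41))
          + record(22, server_flight[:100]) + record(22, server_flight[100:])
          + record(22, message(16, 130))
          + record(20, b"\x01") + record(22, bytes(40)))  # last = encrypted Finished

if __name__ == "__main__":
    print(handshake_sequence(SAMPLE))
```

Finished does not appear in the output because it travels after ChangeCipherSpec and is encrypted, so a passive observer sees only an opaque handshake record at that point.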

