2. SSL/PKI/SET CIS345 Spring 2003

3. OSI – Open Systems Interconnection

4. Security Review – where is SET and SSL

5. Security Objectives – Reasons (1) Protect traffic between trusted hosts from forgery or eavesdropping. It is because traffic between end pairs over the Internet might pass through hostile hosts. Attackers could do damage. Protect the whole range of Internet software currently in use. The services include such as e-mail, HTTP, Remote access that relies on TCP/IP must be protected. (too expensive to replace it.)

6. Example of protecting traffic

7. Security Objectives – Reasons (2) An untrusted network is in place. In many cases, the untrusted network is the public Internet and is too expensive to replace by an a trusted network between two end pairs. Protection is automatic. Individual users do not need to modify the protocol. Internet Public Network Untrusted

8. SSL- Secure Sockets Layer Secure Sockets Layer (SSL) is the dominant protocol for encrypting general communications between browser and server

9. What is Secure Socket Layer – SSL? It is a flexible, general-purpose encryption system. It was introduced in 1994 in the Netscape Navigator browser. There have been three versions of SSL

10. SSL Purpose l Provides security between WEB Server and Browser to pass sensitive information.  Social Security Number (SSN)  Secret information, etc  Padlock at bottom of screen.  Open  Closed

11. What is the benefit of SSL? If you want to send a message through an untrusted network, you have to encrypt it prior to sending, as you fear that your data will be modified/tapped by unauthorised users. With the SSL, it provides the built-in data encryption, which means that you DON”T need to encrypt it. No need to encrypt

12. SSL History l Developed by Netscape in 1994 –v1.  SSLv2 released in 1995  SSL v3 also released in 1995 due to bugs in v2.  In 1996 the Internet Engineering Task Force (IETF) formed the:  Transport Layer Security (TLS) committee.  TLSv1 was based upon SSLv3 l Both Netscape and Microsoft support TLSv1.

13. SSL Characteristics SSL protocol operates at TCP/IP transport layer, TCP layer (or layer 4 in ISO/OSI model). It works with NTTP (news), HTTP (web) and SMTP (e-mail) This gives SSL flexibility and protocol independence.

14. SSL Functions l SSL serves four basic functions: 4Authentication between the Web Server and client. 4Encryption between Web server and client. 4 Integrity between Web Server and Client. 4 Key Exchange between Web Server and Client.

15. SSL/TLS It is now the focal point of Internet Standards activity by the Internet Engineering Task Force (IETF). The proposed Transport layer security (TLS v1) protocol is based on SSL version 3. How about the current status?

16. SSL Encryption: SSL uses two different encryption technologies:  Public Key encryption (asymmetric) is used to authenticate the server and/or client and to exchange a private session key between the server and the client.  Private Key encryption (symmetric) is used to encrypt the data between the server and client.

17. SSL Cracked In 1995, a French used a cipherpunk using a brute force attack to attack the secret message.  In 9/1995, two Berkey students found that the session keys were predictable. Yes In 10/1995, some students used packet sniffer technology to modify the binary as it passed through the newtrok.  It uses 40 bits and is not secure, as it takes 3.5 hours using brute force (try all combinations).

18. Features of SSL SSL was put at the transport layer so that it is not specifically for the HTTP protocol. It is not as efficient for Web browsing. SSL connection must use TCP/IP socket. However, SSL is flexible to use any DES, cipher block, triple DES, RC2 or RC4

19. The cipher suite descriptions that follow refer to these algorithms: DES. Data Encryption Standard, an encryption algorithm used by the U.S. Government. DSA. Digital Signature Algorithm, part of the digital authentication standard used by the U.S. Government. KEA. Key Exchange Algorithm, an algorithm used for key exchange by the U.S. Government. MD5. Message Digest algorithm developed by Rivest. RC2 and RC4. Rivest encryption ciphers developed for RSA Data Security. RSA. A public-key algorithm for both encryption and authentication. Developed by Rivest, Shamir, and Adleman. (The Rivest-Shamir-Adleman (RSA) algorithm was the first realization of a public key system, and has also become the most widely used public-key system. We will see that the security is conjectured to be as hard as factoring large integers. ) RSA key exchange. A key-exchange algorithm for SSL based on the RSA algorithm. SHA-1. Secure Hash Algorithm, a hash function used by the U.S. Government. SKIPJACK. A classified symmetric-key algorithm implemented in FORTEZZA- compliant hardware used by the U.S. Government.

20. Data Encryption Standard (DES) US standard Symmetrical Encryption 64 bit plain text blocks 56 bit key Declared insecure in 1998 Electronic Frontier Foundation DES Cracker machine DES now worthless Alternatives include TDEA

21. PKI – Public Key Infrastructure A PKI enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.digital certificate

22. Functions of a PKI Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital certificate Issue, maintain, administer, revoke, suspend, reinstate, and renew digital certificates Create and manage a public key repository

23. PKI - Authentication PKi provides the basic security required to carry out electronic business so that users, who do not know each other, or are widely distributed, can communicate securly. PKI is based on digital certificates which bind the user’s digital signature to their public key. PKI should consist of  A security policy  Certificate Authority (CA)  Registration Authority (RA)  Certificate Distribution System  PKI enabled applications

24. Certification Authority A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the RA verifies the requestor's information, the CA can then issue a certificate.public keyencryptionPKIRAdigital certificate Depending on the public key infrastructure implementation, the certificate includes the owner's public key, the expiration date of the certificate, the owner's name, and other information about the public key owner.

25. Certification Authority – cont. Public key of sender is required to be distributed. But how can we ensure that the receiver gets a trusted copy of the public key of the sender?  Use certificates.  The trustworthy institution is usually called Certification Authority (CA). The CA must be trusted by all parties.

26. Certificates: digital documents binding a public key to a name (individual or organization) issued by a certificate authority (CA). X.509 standard. Certificates have expiry dates can be revoked. Hierarchy of CA’s. Certification Authorities – cont.

27. Digital Certificate 1. USE CA’S PUBLIC KEY TO VERIFY CERTIFICATE IS GENUINE AND HAS NOT BEEN ALTERED. 2. VERIFY THAT CA NAME MATCHES. 3. VERIFY IDENTITY OF SENDER. 4. DECRYPT SENDER’S MESSAGE USING SENDER’S PUBLIC KEY 0. CA AUTHENTICATES SENDER, DIGITALLY SIGNS CERTIFICATE

28. An entity generates a public private key pair and sends the public key to CA. Based on the level of assurance (low, medium, high) of the certificate, the CA may go through differing degrees of effort to validate identity (physical visit, notarized document etc). Verisign (www.verisign.com) is an example of a CA Thawte (www.thawte.com) is another example, they offer free e-mail certificate at current time. Certification Authorities –cont.

29. SSL handshake SSL handshake means the communication between client and server nine It consists of nine steps that authenticate the two parties and create a shared session key. The goal of the protocol is to authenticate the server and optionally the client using a secret symmetric key that both used for encryption.

30. 1.Client sends client-hello message  2.  server acknowledges with server- hello message 3.  Server sends its certificates 4.  Server requestsclients’ certificate 5.Client sends its certificate  6.Client sends ClientKeyExchange message  7.Client sends a Certificate Verify message  8.  Both send ChangeCipherSpec messages  9.  Both send Finished messages  SSL Handshake – cont.

31. Something to remember Once both the client and server switch into encrypted mode, both will use the session key to symmetrically encrypt subsequent transmissions in both direction. The session key only lasts for this transaction and will be different for the next transaction It use symmetric encryption (note that public/private is asymmetric key).

32. Secure Electronic Transactions (SET) It is a specialised protocol for safeguarding credit-card-based transaction.

33. SET uses a system of locks and keys along with certified account IDs for both consumers and merchants. Then, through a unique process of "encrypting" or scrambling the information exchanged between the shopper and the online store, SET ensures a payment process that is convenient, private and most of all secure. SET – cont.

34. Credit Card and its relationship Customer Merchant Card issued bankMerchant’s bank Money Pay

35. SET’s services It supports four basic services, namely, 1) authentication, 2) confidentially, 3) message integrity and 4) linkage. It handles real-time transactions, batch transaction and installment payments.

36. Set’s four services Authentication: It means all the parties (card holder, merchant, merchant bank, card issued bank) in the transaction are authenticated using digital signatures Confidentially: The transaction is encrypted so that other cannot tap/modify the information. Message integrity: The transaction cannot be tampered with by devious individuals to alter the account number or the amount of transaction Linkage: SET allows a message sent to one party to contain an attachment that can be read only by another customer.

37. Summary of SET: Establishes Increases Provides Provides Allows 1.Establishes industry standards to keep your order and payment information confidential. 2.Increases integrity for all transmitted data through encryption. 3.Provides authentication that a cardholder is a legitimate user of a branded payment card account. 4.Provides authentication that a merchant can accept branded payment card transactions through its relationship with an acquiring financial institution. 5.Allows the use of the best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction.

38. SET product covers Cardholder registration Merchant registration Purchase requests Payment authorisation Payment capture (funds transfer between banks) Chargebacks (refunds to consumers for disputed charges) Credits Credits reversals Debit card

39. Why not use SSL? SSL is a general protocol and it encrypts the message between customer and merchant. However, it cannot resolve the issue between others such as checking the validity of card number, credit/debit the money, actual transaction. This must be handled between bank and customer, bank and merchant and bank to bank etc.

40. SET – how it works 3. Merchant forwards payment information to bank  6. Bank authorizes payment  8. Merchant captures transaction  9. Issuer sends credit card bill information  4. Bank checks with issuer for payment authorization.  5. Issuers authorizes payment.  Customer browses and decides to buy  SET sends order and payment information  7  Merchant completes order

41. Authentication steps in SET SSL uses a pair of keys (private/public keys, 2 keys) for encryption and digital signature. SET uses two pairs of keys (4 keys), one pair for encryption, while the other for digital signature. SET applies to merchant, merchant’s bank and card issuing bank. It uses Secure hash Algorithm (SHA) which produces 160-bit hash, the private/public key uses RSA (1024 bit) algorithm.

42. Other Digital Payments First virtual: it is designed for low- to medium- priced software sales, fee-for-service information purchases over the Internet. The consumer must first signs up for virtual account through on-line application form. Cybercash: a product of the CyberCash Corporations, is a SET like systems for credit/debit card transactions Digicash: A product of Netherlands-based Digicash systems. It is a digital cash system that works for phone cards.

43. The SET Secure Electronic Transaction TM protocol is an open industry standard developed for the secure transmission of payment information over the Internet and other electronic networks. SSL Secure Socket Layer (SSL) (developed by Netscape Communications Company) is a standard that encrypts data between a Web browser and a Web server. SSL does not specify what data is sent or encrypted. In an SSL session, all data sent is encrypted. Summary: SSL vs SET

44. Summary SSL is a general purpose protocol between browser and server, current version is 3. SET is a special protocol among customer, merchant, card issuing bank and merchant’s bank SSL uses a pair of keys for encryption and digital signature SET uses two pairs of keys for separating encryption and digital signature SET’s limitation is that it only works with credit/debit card.