Presentation is loading. Please wait.

Presentation is loading. Please wait.

Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Published byJayson Boyd Modified over 9 years ago

Similar presentations

Presentation on theme: "Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction."— Presentation transcript:

1 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction

2 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS Overview

3 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez Problem Problem: Creating applications which can communicate securely over the Internet TLS: Transport Layer Security (SSL) Certificates Related technology: S-HTTP, IPSec, SET, SASL References

4 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez What is SSL/TLS SSL (Secure Socket Layer) is an encryption protocol designed by Netscape, and TLS (Transport Level Security) is the successor protocol designed by the IETF. The protocols are designed to fit between the TCP/IP layer and the application layer(HTTP, SMTP). The most common uses of SSL/TLS are HTTP(web) and SMTP(mail), and like PGP, SSL/TLS uses public key cryptography.

5 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS: Overview Establish a session –Agree on algorithms –Perform authentication –Share secrets Transfer application data –Ensure privacy and integrity

6 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez What is TLS? Protocol layer Requires reliable transport layer (e.g. TCP) Supports any application protocols IP TCP TLS HTTPTelnetFTPLDAP

7 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez Changes from SSL 3.0 to TLS Additional Alerts added Modification to hash calculations Protocol version 3.1 in ClientHello, ServerHello

8 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS: HTTP Application HTTP most common TLS application –https:// Requires TLS-capable web server Requires TLS-capable web browser –Netscape Navigator –Internet Explorer –Cryptozilla Netscape Mozilla sources with SSLeay

9 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS Architecture

10 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS: Record Protocol

11 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS Handshake Protocol

12 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS Handshake: Three Goals 1.Negotiate Cipher-Suite Algorithms –Symmetric cipher to use –Key exchange method –Message digest function 2.Optionally authenticate server and/or client 3.Establish and share master secret

13 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez Handshake Phases Hello messages Certificate and Key Exchange messages Change CipherSpec and Finished messages

14 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez TLS: Hello Client “ Hello ” - initiates session –Propose protocol version –Propose cipher suite –Server chooses protocol and suite Client may request use of cached session –Server chooses whether to honor request

15 Seguridad en Sistemas de Información Francisco Rodríguez Henríquez References http://www.openssl.org/ http://www.openssl.org/docs/ http://httpd.apache.org/docs-2.0/ssl/ Stallings, William Cryptography and Network Security: Principles and Practice, 2nd Edition, Prentice Hall, 1999. Wagner, David, Schneier, Bruce “Analysis of the SSL 3.0 Protocol” Internet Drafts and RFCs.

Download ppt "Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction."

Similar presentations

Cryptography and Network Security Chapter 16

Cryptography and Network Security Chapter 16
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
An Introduction to SSL/TLS and Certificates Providing secure communication over the Internet Frederick J. Hirsch

An Introduction to SSL/TLS and Certificates Providing secure communication over the Internet Frederick J. Hirsch
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
ITA, 2.11.2011, 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.

ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.

December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
Securing Network Communication. 2 Security Issues in Communication Privacy  Anyone can see content Integrity  Someone might alter content Authentication.

Securing Network Communication. 2 Security Issues in Communication Privacy  Anyone can see content Integrity  Someone might alter content Authentication.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –
Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs458-658 Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Similar presentations

Ads by Google