Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSL/TLS How to send your credit card number securely over the internet.

Published byHubert Hines Modified over 9 years ago

Similar presentations

Presentation on theme: "SSL/TLS How to send your credit card number securely over the internet."— Presentation transcript:

1 SSL/TLS How to send your credit card number securely over the internet

2 Breno de MedeirosFlorida State University Fall 2005 The security provided by SSL  SSL is implemented at level 4  The transport control layer  In practice, SSL uses TCP sockets  The underlying TCP implementation handles robustness of communication, such as replay of lost packets, buffering packets to re-order them correctly, etc.  SSL extends TCP interface for security

3 Breno de MedeirosFlorida State University Fall 2005 What does it entail?  To use SSL, applications must change.  They have to use the SSL API (application programming interface) and use SSL calls instead of TCP calls. Applications’ networking code must change  SSL may be deployed without making changes to the underlying Operating System, because it does not alter the implementation of the TCP protocol.

4 Breno de MedeirosFlorida State University Fall 2005 The rogue packet problem (1)  TCP uses checksums to ensure correctness of data.  but this checksum prevents only against random errors.  Suppose an attacker to SSL:  Forges the next TCP packet (in a TCP connection, packets are numbered).  Re-computes the TCP checksum  The TCP protocol accepts the corrupt packet, mark the packet number as delivered/received.

5 Breno de MedeirosFlorida State University Fall 2005 The rogue packet problem (2)  TCP relays the corrupted packet to SSL  SSL checks its cryptographic checksum -- a message authentication code (MAC) -- and realizes that the packet has been forged  TCP receives true packet from legitimate sender, sees that it has an already used number, and discards the packet as bad.  SSL cannot tell TCP to change its behavior, because it has not changed the TCP code. Only option for SSL is to hang up the connection.  The result is as if the connection had been cut, and the attacker does not need to be “in the middle.”

6 Breno de MedeirosFlorida State University Fall 2005 SSL as software only  Implementing SSL in hardware is unwieldy  It requires a TCP implementation to function  Therefore TCP has to be implemented in the same hardware  But TCP uses long buffers to ensure communication reliability. That means your hardware will require a lot of memory and be costly.  If SSL worked at a lower level, say level 3/ network layer, it could be coded in a net card.

7 Breno de MedeirosFlorida State University Fall 2005 Advantages of SSL  Allows for portable implementation, because it is an application-level process  Suitable for bundling with applications such as browsers, can be installed with user-privileges only, and minimum expertise in anything.  SSL can authenticate users (end-to-end authentication), not only machines or IP addresses (link-to-link authentication)

8 Breno de MedeirosFlorida State University Fall 2005 SSL/TLS: First Ingredients  SSL supports several “cipher suites”:  Algorithm sets for public key encryption, symmetric key encryption, and authentication (MACs).  Flexibility was needed because of export restrictions.  Client and Server must negotiate which algorithms are used in a session.  Client and server agree on a common secret:  Negotiated using public key cryptography  Incorporating challenges (nonces) from both parties.  From this common secret the symmetric keys are derived.

9 Breno de MedeirosFlorida State University Fall 2005 SSL/TLS: Ingredients (2)  SSL uses directional symmetric keys. After agreeing on common secret:  Client and server derive from it two IVs, encrypt and decrypt keys, as well as authentication and verification keys. A total of six secrets are derived from the agreed secret (pre-key).  Client read keys = Server write keys  Server IV = part of Server encryption parameters = part of client decryption parameters  Server encryption key = Client decryption key  Server authentication key = Client verification key  Client write keys = Server read keys  Client IV = part of Client encryption parameters = part of server decryption parameters  Client encryption key = Server decryption key  Client authentication key = Server verification key

10 Breno de MedeirosFlorida State University Fall 2005 SSL/TLS Basic Protocol Client Server Cipher suites supported, R 1 = R Client Create S; Derive K as f(S,R 1,R 2 ) Get S; Derive K as f(S,R 1,R 2 ) Choice of cipher suite, R 2 = R Server {S} Server, MAC CAK (handshake) MAC SAK (handshake) Enc., auth. data

Download ppt "SSL/TLS How to send your credit card number securely over the internet."

Similar presentations

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS 4362 - CIS 5357 Network Security.

1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
May 21, 2002Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

May 21, 2002Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Chapter 8 Web Security.

Chapter 8 Web Security.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.

Similar presentations

Ads by Google