Presentation is loading. Please wait.

Presentation is loading. Please wait.

Secure Sockets Layer (SSL) Protocol by Steven Giovenco.

Similar presentations


Presentation on theme: "Secure Sockets Layer (SSL) Protocol by Steven Giovenco."— Presentation transcript:

1 Secure Sockets Layer (SSL) Protocol by Steven Giovenco

2 Overview History History SSL SSL SSL Roles SSL Roles Protocol Stack Protocol Stack The 4 Protocols The 4 Protocols The Record Layer The Record Layer Message Authentication Code Message Authentication Code Handshaking ChangeCipherSpec Protocol More Handshaking Alert and Application Protocols Benefits and Drawbacks

3 History Need for secure web communication Need for secure web communication Netscape Netscape Worried especially about credit card transaction over the web Worried especially about credit card transaction over the web Also worried about ease of implementation since they wanted this to be industry-standard, not proprietary Also worried about ease of implementation since they wanted this to be industry-standard, not proprietary SSLv1 - 1994 SSLv1 - 1994

4 SSLv2 SSLv2 also released in 1994 SSLv2 also released in 1994 SSLv1 wasn’t widely implemented SSLv1 wasn’t widely implemented Rules for establishing secure connection Rules for establishing secure connection Rules for public key encryption Rules for public key encryption Optional certificate-based authentication for servers and even clients Optional certificate-based authentication for servers and even clients Flexible Flexible No specifically required encryption, compression, or key generation algorithm No specifically required encryption, compression, or key generation algorithm

5 SSL Roles Two roles Two roles Client Client Initiates communication, lists possibilities for choices Initiates communication, lists possibilities for choices Server Server Listens for client connections, chooses from possibilities sent from clients Listens for client connections, chooses from possibilities sent from clients Both roles simply add Secure Sockets Layer to protocol stack Both roles simply add Secure Sockets Layer to protocol stack

6 SSL and the Protocol Stack SSL between Transmission Control Protocol (TCP) layer and Application layer SSL between Transmission Control Protocol (TCP) layer and Application layer Actually 2 layers Actually 2 layers Record Record Secure Application Secure Application Can run under any protocol that relies on TCP, including HTTP, LDAP, POP3, FTP Can run under any protocol that relies on TCP, including HTTP, LDAP, POP3, FTP

7 The Four Upper Layer Protocols Handshaking Protocol Handshaking Protocol Establish communication variables Establish communication variables ChangeCipherSpec Protocol ChangeCipherSpec Protocol Alert to a change in communication variables Alert to a change in communication variables Alert Protocol Alert Protocol Messages important to SSL connections Messages important to SSL connections Application Encryption Protocol Application Encryption Protocol Encrypt/Decrypt application data Encrypt/Decrypt application data

8 Record Layer Frames and encrypts upper level data into one protocol for transport through TCP Frames and encrypts upper level data into one protocol for transport through TCP 5 byte frame 5 byte frame 1 st byte protocol indicator 1 st byte protocol indicator 2 nd byte is major version of SSL 2 nd byte is major version of SSL 3 rd byte is minor version of SSL 3 rd byte is minor version of SSL Last two bytes indicate length of data inside frame, up to 2 14 Last two bytes indicate length of data inside frame, up to 2 14 Message Authentication Code (MAC) Message Authentication Code (MAC)

9 Message Authentication Code MAC secures connection in two ways MAC secures connection in two ways Ensure Client and Server are using same encryption and compression methods Ensure Client and Server are using same encryption and compression methods Ensure messages sent were received without error or interference Ensure messages sent were received without error or interference Both sides compute MACs to match them Both sides compute MACs to match them No match = error or attack No match = error or attack

10 Handshaking Messages ClientHello ClientHello ServerHello ServerHello *Certificate *Certificate ServerKeyExchange ServerKeyExchange *CertificateRequest *CertificateRequest ServerHelloDone ServerHelloDone *Certificate *Certificate *CertificateVerify *CertificateVerify ClientKeyExchange ClientKeyExchange ChangeCipherSpec ChangeCipherSpec Finished Finished *=optional

11 The Process Begins Client Sends ClientHello Client Sends ClientHello Highest SSL version supported Highest SSL version supported 32-byte random number 32-byte random number SessionID SessionID List of supported encryption methods List of supported encryption methods List of supported compression methods List of supported compression methods

12 The Server Responds Server Sends ServerHello Server Sends ServerHello SSL version that will be used SSL version that will be used 32-byte random number 32-byte random number SessionID SessionID Encryption method that will be used Encryption method that will be used Compression method that will be used Compression method that will be used

13 Server Authentication To authenticate Server, Server sends Certificate To authenticate Server, Server sends Certificate Server’s public key certificate Server’s public key certificate Issuing authority’s root certificate Issuing authority’s root certificate When Client receives Certificate, it decides whether or not to trust Server When Client receives Certificate, it decides whether or not to trust Server This is the only step that might involve User if User never specified whether or not to trust issuing authority before This is the only step that might involve User if User never specified whether or not to trust issuing authority before

14 Still Shaking Hands Server Sends ServerKeyExchange Server Sends ServerKeyExchange Any information necessary for public key encryption system Any information necessary for public key encryption system If Sever wishes Client to be authenticated, Server sends CertificateRequest message If Sever wishes Client to be authenticated, Server sends CertificateRequest message The client would respond to this with a Certificate message encrypted with Server’s public key The client would respond to this with a Certificate message encrypted with Server’s public key Server sends ServerHelloDone Server sends ServerHelloDone

15 Client Responds Client sends ClientKeyExchange Client sends ClientKeyExchange Information necessary for public key encryption system Information necessary for public key encryption system Encrypted with Server’s public key Encrypted with Server’s public key Compute secret keys using Key Derivation Function such as Diffie-Hellman Compute secret keys using Key Derivation Function such as Diffie-Hellman If Client is being authenticated, Client sends CertificateVerify If Client is being authenticated, Client sends CertificateVerify Digest of previous messages encrypted with Client’s private key Digest of previous messages encrypted with Client’s private key

16 ChangeCipherSpec Protocol Special protocol with only one message Special protocol with only one message When Client processes encryption information, it sends ChangeCipherSpec message When Client processes encryption information, it sends ChangeCipherSpec message Signals all following messages will be encrypted Signals all following messages will be encrypted ChangeCipherSpec is always followed by Finished message ChangeCipherSpec is always followed by Finished message

17 The End of the Beginning Upon receipt of ChangeCipherSpec, Server sends its own ChangeCipherSpec and Finished messages Upon receipt of ChangeCipherSpec, Server sends its own ChangeCipherSpec and Finished messages After both Client and Server receive Finish messages, Handshaking phase is over After both Client and Server receive Finish messages, Handshaking phase is over All following communication is encrypted All following communication is encrypted Encryption and compression methods can be changed with new ChangeCipherSpec messages Encryption and compression methods can be changed with new ChangeCipherSpec messages

18 Alert and Application Protocols Alert protocol always two byte message Alert protocol always two byte message First byte indicates severity of message First byte indicates severity of message Warning or Fatal Warning or Fatal A Fatal alert will terminate the connection A Fatal alert will terminate the connection Second byte indicate preset error code Second byte indicate preset error code Secure connection end alert not always used Secure connection end alert not always used Application Protocol is HTTP, POP3, SMTP, or whatever application is being used Application Protocol is HTTP, POP3, SMTP, or whatever application is being used Simply give a datagram to the Record Layer Simply give a datagram to the Record Layer

19 Benefits Ease of implementation Ease of implementation For network application developers For network application developers As easy as implementing unsecured Sockets As easy as implementing unsecured Sockets For network implementation developers For network implementation developers Simply add layer to established network protocol stack Simply add layer to established network protocol stack For Users For Users Only need to authorize certificates Only need to authorize certificates

20 Drawbacks More bandwidth needed More bandwidth needed Slower Slower Needs a dedicated port – 443 for HTTPS Needs a dedicated port – 443 for HTTPS Assumes reliable transport for underlying transport protocol Assumes reliable transport for underlying transport protocol No UDP No UDP Implications for streaming media, VoIP Implications for streaming media, VoIP

21 Summary Need for secure communication Need for secure communication Netscape issues SSL spec Netscape issues SSL spec The 4 SSL protocols The 4 SSL protocols Message Authentication Code Message Authentication Code Handshaking Handshaking Alert and Application messages Alert and Application messages Benefits and Drawbacks Benefits and Drawbacks

22 References Rescorla, Eric. SSL and TLS. Boston: Addison-Wesley, 2001 Rescorla, Eric. SSL and TLS. Boston: Addison-Wesley, 2001 “Secure Sockets Layer.” Netscape Network. 2004. Netscape Communications Corporation. 2 Nov 2004 “Secure Sockets Layer.” Netscape Network. 2004. Netscape Communications Corporation. 2 Nov 2004 “Secure Socket Layer.” WindowSecurity.com. 22 July 2004. WindowSecurity.com. 2 Nov 2004 “Secure Socket Layer.” WindowSecurity.com. 22 July 2004. WindowSecurity.com. 2 Nov 2004 Thomas, Stephen A. SSL and TLS Essentials. New York: Wiley Computer Publishing, 2000 Thomas, Stephen A. SSL and TLS Essentials. New York: Wiley Computer Publishing, 2000 “Transport Layer Security.” Wikipedia the Free Encyclopedia. 1 Nov 2004. Wikipedia. 2 Nov 2004 “Transport Layer Security.” Wikipedia the Free Encyclopedia. 1 Nov 2004. Wikipedia. 2 Nov 2004


Download ppt "Secure Sockets Layer (SSL) Protocol by Steven Giovenco."

Similar presentations


Ads by Google