Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Similar documents
Lab Exercise SSL/TLS. Objective. Requirements. Step 1: Capture a Trace

The Secure Sockets Layer (SSL)

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Chapter 17. Transport-Level Security

Web Security Considerations

Lecture 7: Transport Level Security SSL/TLS. Course Admin

TLS and SRTP for Skype Connect. Technical Datasheet

Chapter 7 Transport-Level Security

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Transport Layer Security Protocols

Einführung in SSL mit Wireshark

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Network Security Essentials Chapter 5

CSC Network Security

CSC 474 Information Systems Security

Lab 7. Answer. Figure 1

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

TLS/SSL in distributed systems. Eugen Babinciuc

DNS (Domain Name System) is the system & protocol that translates domain names to IP addresses.

Communication Security for Applications

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

Network Configuration Settings

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

, SNMP, Securing the Web: SSL

Transport Level Security

HW/Lab 3: SSL/TLS. CS 336/536: Computer Network Security DUE 11am on Nov 16 (Monday)

SSL Handshake Analysis

DMZ Network Visibility with Wireshark June 15, 2010

Solution of Exercise Sheet 5

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Web Security: Encryption & Authentication

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Security Protocols/Standards

Instructions on TLS/SSL Certificates on Yealink Phones

SECURE SOCKETS LAYER (SSL)

Topics in Network Security

SSL DOES NOT MEAN SOL What if you don t have the server keys?

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

Internet Privacy Options

EINTE LAB EXERCISES LAB EXERCISE #5 - SIP PROTOCOL

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

CS 3251: Computer Networking 1 Security Protocols I

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

SSL EXPLAINED SSL EXPLAINED

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

TCP Packet Tracing Part 1

Computer Networking LAB 2 HTTP

Whitepaper : Using Unsniff Network Analyzer to analyze SSL / TLS

Three attacks in SSL protocol and their solutions

Network Security Part II: Standards

Communication Systems SSL

Setting Up SSL on IIS6 for MEGA Advisor

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

As enterprises conduct more and more

Early Recognition of Encrypted Applications

Cornerstones of Security

Decryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright Palo Alto Networks

Lab Exercise Objective. Requirements. Step 1: Fetch a Trace

, ) I Transport Layer Security

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

Secure Transfers. Contents. SSL-Based Services: HTTPS and FTPS 2. Generating A Certificate 2. Creating A Self-Signed Certificate 3

Virtual Private Networks

Network-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2

HTTPS Inspection with Cisco CWS

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

ENABLING RPC OVER HTTPS CONNECTIONS TO M-FILES SERVER

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Cleaning Encrypted Traffic

How to configure SSL proxying in Zorp 3 F5

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Overview SSL/TLS HTTPS SSH. TLS Protocol Architecture TLS Handshake Protocol TLS Record Protocol. SSH Protocol Architecture SSH Transport Protocol

Web Security. Mahalingam Ramkumar

Enabling Security Features in Firmware DGW v2.0 June 22, 2011

How the Great Firewall discovers hidden circumvention servers. Roya Ensafi David Fifield Philipp Winter Nick Weaver Nick Feamster Vern Paxson

Computer Networks. Secure Systems

Oracle Discoverer 4i Plus Firewall and SSL Tips. An Oracle White Paper February 2002

Lab Module 3 Network Protocol Analysis with Wireshark

ProxyCap Help. Table of contents. Configuring ProxyCap Proxy Labs

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Dynamic DNS How-To Guide

Session Hijacking Exploiting TCP, UDP and HTTP Sessions

Implementing Secure Sockets Layer on iseries

Apache Security with SSL Using Linux

Single Pass Load Balancing with Session Persistence in IPv6 Network. C. J. (Charlie) Liu Network Operations Charter Communications

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

Application Detection

Websense Content Gateway HTTPS Configuration

ISM/ISC Middleware Module

Websense Web Security Gateway: What to do when a Web site does not load as expected

Snoopy. Objective: Equipment Needed. Background. Procedure. Due Date: Nov 1 Points: 25 Points

SSL/TLS: The Ugly Truth

Transcription:

Lab Exercise SSL/TLS Objective To observe SSL/TLS (Secure Sockets Layer / Transport Layer Security) in action. SSL/TLS is used to secure TCP connections, and it is widely used as part of the secure web: HTTPS is SSL over HTTP. Step 1: Open a Trace Proceed as follows to capture a trace of SSL traffic; alternatively, you may use a supplied trace. The easiest way for us to produce SSL traffic is to fetch web pages with HTTPS. Any URL with HTTPS will do, e.g., https://www.google.com. 1. Close all unnecessary browser tabs and windows. 2. Launch Wireshark and start a capture with a filter of tcp port 443. We use this filter because there is no shorthand for SSL, but is normally carried on port 443 in case of secure pages. 3. Open Wireshark trace http://scisweb.ulster.ac.uk/~kevin/com320/labs/wireshark/trace-ssl.pcap Step 2: Inspect the Trace Now we are ready to look at the details of some SSL messages. To begin, enter and apply a display filter of ssl. This filter will help to simplify the display by showing only SSL and TLS messages. It will exclude other TCP segments that are part of the trace, such as Acks and connection open/close. Figure 3: Trace of SSL traffic showing the details of the SSL header 1

Select a TLS message somewhere in the middle of your trace for which the Info reads Application Data, and expand its Secure Sockets Layer block (by using the + expander or icon). Application Data is a generic TLS message carrying contents for the application, such as the web page. It is a good place for us to start looking at TLS messages. Look for the following protocol blocks and fields in the message: The lower layer protocol blocks are TCP and IP because SSL runs on top of TCP/IP. The SSL layer contains a TLS Record Layer. This is the foundational sublayer for TLS. All messages contain records. Expand this block to see its details. Each record starts with a Content Type field. This tells us what is in the contents of the record. Then comes a Version identifier. It will be a constant value for the SSL connection. It is followed by a Length field giving the length of the record. Last comes the contents of the record. Application Data records are sent after SSL has secured the connection, so the contents will show up as encrypted data. To see within this block, we could configure Wireshark with the decryption key. This is possible, but outside of our scope. Note that, unlike other protocols we will see such as DNS, there may be multiple records in a single message. Each record will show up as its own block. Look at the Info column, and you will see messages with more than one block. Questions (Answers are below) Answer the following questions to show your understanding of SSL records: 1. What is the Content-Type for a record containing Application Data? 2. What version constant is used in your trace, and which version of TLS does it represent? 3. Does the Length cover the Record Layer header as well as payload, or only the payload? Answers 1. A Content-Type value of 23 indicates Application Data. 2. For our trace, the version constant 0x0301 represents TLS 1.0 3. The Length covers only the payload of the Record Layer. 2

Step 3: The SSL Handshake An important part of SSL is the initial handshake that establishes a secure connection. The handshake proceeds in several phases. There are slight differences for different versions of TLS and depending on the encryption scheme that is in use. The usual outline for a brand new connection is: a. Client (the browser) and Server (the web server) both send their Hellos b. Server sends its certificate to Client to authenticate (and optionally asks for Client Certificate) c. Client sends keying information and signals a switch to encrypted data. d. Server signals a switch to encrypted data. e. Both Client and Server send encrypted data. f. An Alert is used to tell the other party that the connection is closing. Note that there is also a mechanism to resume sessions for repeat connections between the same client and server to skip most of steps b and c. However, we will not study session resumption. Hello Messages Find and inspect the details of the Client Hello and Server Hello messages, including expanding the Handshake protocol block within the TLS Record. For these initial messages, an encryption scheme is not yet established so the contents of the record are visible to us. They contain details of the secure connection setup in a Handshake protocol format. Questions Answer the following questions (answers are below). 1. How long in bytes is the random data in the Hellos? Both the Client and Server include this random data (a nonce) to allow the establishment of session keys. 2. How long in bytes is the session identifier sent by the server? This identifier allows later resumption of the session with an abbreviated handshake when both the client and server indicate the same value. In our case, the client likely sent no session ID as there was nothing to resume. 3. What Cipher method is chosen by the Server? Give its name and value. The Client will list the different cipher methods it supports, and the Server will pick one of these methods to use. Answers 1. The random data is 28 bytes long for both client and server. (It does not include the timestamp, which is not random.) 2. The session ID sent by the server is 32 bytes long. 3. For our trace, the cipher method is TLS_RSA_WITH_RC4_128_SHA (0x0005). 3

Certificate Messages Next, find and inspect the details of the Certificate message, including expanding the Handshake protocol block within the TLS Record. As with the Hellos, the contents of the Certificate message are visible because an encryption scheme is not yet established. It should come after the Hello messages. Answer the following questions: 1. Who sends the Certificate, the client, the server, or both? A certificate is sent by one party to let the other party authenticate that it is who it claims to be. Based on this usage, you should be able to guess who sends the certificate and check the messages in your trace. Answer 1. The server sends a certificate to the client, since it is the browser that wants to verify the identity of the server. It is also possible for the server to request certificates from the client, but this behavior is not normally used by web applications. A Certificate message will contain one or more certificates, as needed for one party to verify the identity of the other party from its roots of trust certificates. You can inspect those certificates in your browser. Client Key Exchange and Change Cipher Messages Find and inspect the details of the Client Key Exchange and Change Cipher messages, expanding their various details. The key exchange message is sent to pass keying information so that both sides will have the same secret session key. The change cipher message signal a switch to a new encryption scheme to the other party. This means that it is the last unencrypted message sent by the party. Answer the following questions (note, answers are on next page): 1. At the Record Layer, what Content-Type values are used to indicate each of these messages? Say whether the values are the same or different than that used for the Hello and Certificate messages. Note that this question is asking you to look at the Record Layer and not an inner Handshake Protocol. 2. Who sends the Change Cipher Spec message, the client, the server, or both? 3. What are the contents carried inside the Change Cipher Spec message? Look past the Content- Type and other headers to see the message itself. 4

Answers 1. The Client Key Exchange has a Content-Type of 22, indicating the Handshake protocol. This is the same as for the Hello and Certificate messages, as they are part of the Handshake protocol. The Change Cipher Spec message has a Content-Type of 20, indicating the Change Cipher Spec protocol. That is, this message is part of its own protocol and not the Handshake protocol. 2. Both sides send the Change Cipher Spec message immediately before they switch to sending encrypted contents. The message is an indication to the other side. 3. The contents of the Change Cipher Spec message are simply the value 1 as a single byte. Actually, it is the value 1 encrypted under the current scheme, which uses no encryption for the handshake so that we can see it. Alert Message Finally, find and inspect the details of an Alert message at the end of the trace. The Alert message is sent to signal a condition, such as notification that one party is closing the connection. You should find an Alert after the Application Data messages that make up the secure web fetch. Answer the following questions: 1. At the Record Layer, what Content-Type value is used to signal an alert? 2. Tell us whether the contents of the alert are encrypted or sent in the clear? To check this, see whether you can read the contents of the alert to see what kind of alert has been sent. Answers to Alert Message 1. The Content-Type value is 21 for Alert. This is a new protocol, different from the Handshake, Change Cipher Spec and Application Data values that we have already seen. 2. The alert is encrypted; we cannot see its contents. Wireshark also describes the message as an Encrypted Alert. Presumably is it a close_notify alert to signal that the connection is ending, but we cannot be certain. 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information