Communication Security for Applications



Similar documents
Web Security Considerations

Communication Systems SSL

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

CSC 474 Information Systems Security

CSC Network Security

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

Chapter 17. Transport-Level Security

SECURE SOCKETS LAYER (SSL)

Chapter 7 Transport-Level Security

Secure Socket Layer. Security Threat Classifications

The Secure Sockets Layer (SSL)

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

Network Security Essentials Chapter 5

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

SSL Secure Socket Layer

Network Security Part II: Standards

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

Secure Sockets Layer

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Security Protocols and Infrastructures. h_da, Winter Term 2011/2012

SSL Secure Socket Layer

Computer and Network Security

Transport Layer Security Protocols

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Transport Level Security

Lecture 4: Transport Layer Security (secure Socket Layer)

HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Lecture 7: Transport Level Security SSL/TLS. Course Admin

Web Security. Mahalingam Ramkumar

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Information Security

, ) I Transport Layer Security

Security Protocols/Standards

Overview. SSL Cryptography Overview CHAPTER 1

Authenticity of Public Keys

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Lab 7. Answer. Figure 1

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Secure Socket Layer (TLS) Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Using etoken for SSL Web Authentication. SSL V3.0 Overview

T Cryptography and Data Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Chapter 11 Security Protocols. Network Security Threats Security and Cryptography Network Security Protocols Cryptographic Algorithms

Chapter 32 Internet Security

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Chapter 10. Network Security

Protocol Rollback and Network Security

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

Cryptography and Network Security IPSEC

Lecture 10: Communications Security

SSL: Secure Socket Layer

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Overview SSL/TLS HTTPS SSH. TLS Protocol Architecture TLS Handshake Protocol TLS Record Protocol. SSH Protocol Architecture SSH Transport Protocol

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Today s Topics SSL/TLS. Certification Authorities VPN. Server Certificates Client Certificates. Trust Registration Authorities

Einführung in SSL mit Wireshark

ISA 562 Information System Security

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

Bit Chat: A Peer-to-Peer Instant Messenger

, SNMP, Securing the Web: SSL

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

SSL A discussion of the Secure Socket Layer

Lecture 9 - Network Security TDTS (ht1)

Certificates and network security

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

Three attacks in SSL protocol and their solutions

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Binding Security Tokens to TLS Channels. A. Langley, Google Inc. D. Balfanz, Google Inc. A. Popov, Microsoft Corp.

SSL Protect your users, start with yourself

T Cryptography and Data Security

Internet Security. Internet Security Voice over IP. Introduction. ETSF10 Internet Protocols ETSF10 Internet Protocols 2011

Transport Layer Security (TLS)

Security. Learning Objectives. This module will help you...

EXAM questions for the course TTM Information Security May Part 1

TLS/SSL in distributed systems. Eugen Babinciuc

INTERNET SECURITY: FIREWALLS AND BEYOND. Mehernosh H. Amroli

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Network Security Protocols

ETSF10 Part 3 Lect 2

mod_ssl Cryptographic Techniques

MatrixSSL Developer s Guide

Transcription:

Communication Security for Applications Antonio Carzaniga Faculty of Informatics University of Lugano March 10, 2008 c 2008 Antonio Carzaniga 1 Intro to distributed computing: -server computing Transport-layer security Secure socket layer Outline c 2008 Antonio Carzaniga 2

Simple -server architecture: Client-Server Computing application request response server Examples: X11 (remote display) databases web... c 2008 Antonio Carzaniga 3 Anatomy of the Client-Server Architecture connection application server session application server proxy application server tunnel c 2008 Antonio Carzaniga 4

Anatomy of the Client-Server Architecture Connection: request/response Session: sequence of connections Proxy: active relay may modify parts of the protocol may redirect requests to different servers or even serve them locally (e.g., a proxy cache) Tunnel: passive relay c 2008 Antonio Carzaniga 5 We can secure different communication layers Security Across Layers PGP SMTP transport (TCP) network (IP) HTTP SSL TCP IP SMTP HTTP TCP IP/IPSec Examples: PGP application-level security SSL transport-level security IPSec network-level security c 2008 Antonio Carzaniga 6

SSL Originally developed by Netscape Corp. although the main ideas had been around for a while Version 3 designed with public review/input, published as an Internet draft IETF working group: transport layer security (TSL) c 2008 Antonio Carzaniga 7 SSL is made of two layers of protocols SSL Architecture SSL handshake protocol SSL change SSL cipher spec alert HTTP protocol protocol SSL Record Protocol TCP IP c 2008 Antonio Carzaniga 8

SSL Record Protocol Provides basic security services to higher-level protocols Connections transient peer-to-peer relationships every connection is associated with a session Session association between a and a server may span multiple connections created by the Handshake Protocol define a set of cryptographic security parameters c 2008 Antonio Carzaniga 9 Session Parameters Session identifier an arbitrary sequence chosen by the server Peer certificate an X509.v3 certificate of the peer (may be null) Compression method algorithm used to compress data before encryption Cipher spec bulk encryption algorithm (e.g., DES, AES, etc., or null) Master secret 48-byte secret shared between and server Is resumable flag indicating whether this session can be used to initiate new connections c 2008 Antonio Carzaniga 10

Connection Parameters Server and random byte sequences chosen by server and Server write MAC secret secret key used to verify MACs for data sent by the server Client write MAC secret secret key used to verify MACs for data sent by the Server write key key for conventional (bulk) encryption of data sent by the server Client write key key for conventional (bulk) encryption of data sent by the Initialization vector init vector for CBC data encryption mode. Initialized by the Handshake Protocol Sequence number 64 bit record (block) identifier c 2008 Antonio Carzaniga 11 SSL Record Protocol higher level data <16Kb 0000 1111 0000 1111 0000 111100 0000 111100 0000 111100 MAC 00000 11111 00000 11111 00000 11111 00000 11111 00000 11111 fragmentation compression add MAC encryption SSL Record header Confidentiality shared key used for conventional encryption Integrity shared key used for MACs c 2008 Antonio Carzaniga 12

SSL Record Header 0000 1111 0000 1111 0000 1111 content major minor compressed type version version length c 2008 Antonio Carzaniga 13 SSL Handshake Protocol Run before any application data is transmitted Provides mutual authentication Establishes secret encryption keys Establishes secret MAC keys c 2008 Antonio Carzaniga 14

SSL Handshake Protocol _hello server_hello server phase 1 certificate server_key_exchange certificate_request phase 2 server_hello_done certificate _key_exchange certificate_verify phase 3 change_cipher_spec finished change_cipher_spec phase 4 finished c 2008 Antonio Carzaniga 15 SSL Handshake Protocol: Phase 1 Phase 1 initiates protocol and establishes security capabilities. The sends a hello message with the following parameters: version: highest SSL version understood by random 32-bit timestamp and 28 bytes generated by a secure random number generator (these values are nonces used during key exchange) session id variable-length identifier: 0 means that s wants to initiate a new session; = 0 means that wants to update parameters of existing connection... c 2008 Antonio Carzaniga 16

SSL Handshake Protocol: Phase 1... continued cipher suite list of combinations of crypto algorithms supported by, in decreasing order of preference: key exchange methods (e.g., RSA, fixed Diffie-Hellman, anonymous Diffie-Hellman, etc.) bulk encryption and MAC specification, including specifications for cipher algorithm (3DES, IDEA, etc.), MAC algorithm (MD5 or SHA1), cipher type, is-exportable, hash size (bytes: 0, 16 for MD5, or 20 for SHA1), init vector. compression methods list of compression algorithms supported by Server replies with a server hello message with the same parameters. c 2008 Antonio Carzaniga 17 SSL Handshake Protocol: Phase 2 Phase 2 performs server authentication and key exchange: Server sends a certificate message containing a chain of X.509 certificates (optional, not necessary for anonymous Diffie-Hellman) server sends a server key exchange message. Not necessary for fixed Diffie-Hellman or RSA key exchange. A non anonymous server sends a certificate request message, specifying the signature schema as well as a list of accepted certification authorities Server sends a server done message to close up this phase c 2008 Antonio Carzaniga 18

SSL Handshake Protocol: Phase 3 Phase 3 performs authentication and key exchange: sends a certificate message, if server asked sends a key exchange message sends certificate verify message c 2008 Antonio Carzaniga 19 Phase 3 wraps up. SSL Handshake Protocol: Phase 4 Client sends a change cipher spec message Client sends a finished message to verify that the key-exchange and authentication process was successful server sends a change cipher spec message server sends a finished message Finished message are essentially hashes of the secret keys and of the whole handshake protocol (excluding this message, of course) c 2008 Antonio Carzaniga 20

The first step is to set up keys and certificates SSL in Practice: Setup Creating your own certification authority Creating a key pair and a certification request Creating certificate: signing c 2008 Antonio Carzaniga 21

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information