Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Similar documents

Network Security Essentials Chapter 5

Communication Systems SSL

Transport Layer Security Protocols

Web Security Considerations

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

Chapter 7 Transport-Level Security

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Transport Level Security

The Secure Sockets Layer (SSL)

Chapter 17. Transport-Level Security

Network Security Part II: Standards

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

Web Security. Introduction: Understand applicable laws, legal issues and ethical issues regarding computer crime

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

Security Protocols/Standards

CSC Network Security

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

CSC 474 Information Systems Security

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

Communication Security for Applications

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Network Security - Secure upper layer protocols - Background. Security. Question from last lecture: What s a birthday attack? Dr.

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Secure Socket Layer. Security Threat Classifications

SECURE SOCKETS LAYER (SSL)

Secure Sockets Layer

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Web Security. Mahalingam Ramkumar

HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)

, SNMP, Securing the Web: SSL

Overview SSL/TLS HTTPS SSH. TLS Protocol Architecture TLS Handshake Protocol TLS Record Protocol. SSH Protocol Architecture SSH Transport Protocol

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Secure Socket Layer. Introduction Overview of SSL What SSL is Useful For

T Cryptography and Data Security

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Einführung in SSL mit Wireshark

Lecture 7: Transport Level Security SSL/TLS. Course Admin

SSL Secure Socket Layer

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

Lecture 10: Communications Security

mod_ssl Cryptographic Techniques

SSL A discussion of the Secure Socket Layer

Secure Socket Layer (TLS) Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

ms-help://ms.technet.2005mar.1033/winnetsv/tnoffline/prodtechnol/winnetsv/plan/ssl...

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Security Protocols and Infrastructures. h_da, Winter Term 2011/2012

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

SSL Secure Socket Layer

SSL: Secure Socket Layer

Lecture 4: Transport Layer Security (secure Socket Layer)

, ) I Transport Layer Security

Cryptography and Network Security IPSEC

ERserver. iseries. Securing applications with SSL

Information Security

SSL Handshake Analysis

Three attacks in SSL protocol and their solutions

ENHANCED SECURITY IN SECURE SOCKET LAYER 3.0 SPECIFICATION

SSL/TLS: The Ugly Truth

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

ERserver. iseries. Secure Sockets Layer (SSL)

TLS and SRTP for Skype Connect. Technical Datasheet

Web Security: Encryption & Authentication

T Cryptography and Data Security

Overview. SSL Cryptography Overview CHAPTER 1

CS549: Cryptography and Network Security

Software Engineering 4C03 Research Project. An Overview of Secure Transmission on the World Wide Web. Sean MacDonald

Learning Network Security with SSL The OpenSSL Way

Authenticity of Public Keys

Spirent Abacus. SIP over TLS Test 编号版本修改时间说明

POODLE. Yoshiaki Kasahara Kyushu University 2015/3/3 APAN 39th in Fukuoka 1

TLS/SSL in distributed systems. Eugen Babinciuc

Chapter 51 Secure Sockets Layer (SSL)

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

ISA 562 Information System Security

Chapter 34 Secure Sockets Layer (SSL)

SSL and TLS. An Overview of A Secure Communications Protocol. Simon Horman aka Horms. horms@valinux.co.jp horms@verge.net.au horms@debian.

Managing SSL certificates in the ServerView Suite

As enterprises conduct more and more

Chapter 27 Secure Sockets Layer (SSL)

SECURE INTERNET ACCESSIBLE MATHEMATICAL COMPUTATION FRAMEWORK

Savitribai Phule Pune University

Protocol Rollback and Network Security

Using BroadSAFE TM Technology 07/18/05

Computer and Network Security

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Transcription:

Secure Socket Layer/ Transport Layer Security (SSL/TLS) David Sánchez Universitat Pompeu Fabra

World Wide Web (www) Client/server services running over the Internet or TCP/IP Intranets nets widely used by business, government, individuals http://news.netcraft netcraft.com/archives/2003/04/09/.com/archives/2003/04/09/netcraft_ssl_survey.html Internet & Web are vulnerable

Some Web Threats

Web Security Approaches

TLS Client/Server Model

SSL Introduction transport layer security service originally developed by Netscape SSLvn 3 designed with public review and industry input subsequently became Internet standard known as TLS

SSL Goals Cryptographic security Interoperability Extensibility Relative efficiency

SSL Security Services Server authentication Client authentication or anonymous (for anonymous servers) Data integrity Data confidentiality

SSL Protocol Stack

SSL Key Concepts SSL session an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections SSL connection a transient, peer-to to-peer, communications link associated with 1 SSL session

Session Parameters Session identifier Peer certificate Compression method Cipher spec Master secret Is resumable

Connection Parameters Server and client random Server write MAC secret Client write MAC secret Server write key Client write key Initialization vectors Sequence numbers

Keying Material Client/server PU certificate, PR Pre-master secret S Master secret K Connection IV s, MAC key and encryption keys

SSL Record Protocol Services message integrity using a MAC with shared secret key similar to HMAC but with different padding confidentiality using symmetric encryption with a shared secret key defined by Handshake Protocol AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza,, RC4-40, 40, RC4-128 message is compressed before encryption

SSL Record Protocol Operation

SSL Handshake Protocol allows server & client to: authenticate each other to negotiate encryption & MAC algorithms to negotiate cryptographic keys to be used comprises a series of messages in 4 phases 1. Establish Security Capabilities 2. Server Authentication and Key Exchange 3. Client Authentication and Key Exchange 4. Finish

SSL Handshake Protocol

SSL Change Cipher Spec Protocol a single message updates the cipher suite to be used for a connection after the handshake protocol

SSL Alert Protocol conveys SSL-related alerts to peer entity Severity Fatal Warning Specific alerts Fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter Warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown compressed & encrypted like all SSL data

TLS TLS 1.0 IETF standard RFC 2246 similar to SSLv3 record format version number uses HMAC for MAC a pseudo-random function expands secrets additional alert codes some changes in supported ciphers changes in certificate types & negotiations changes in crypto computations & padding TLS 1.1 RFC 4346 (April 2006)