Security Protocols/Standards

Similar documents
Security Protocols HTTPS/ DNSSEC TLS. Internet (IPSEC) Network (802.1x) Application (HTTP,DNS) Transport (TCP/UDP) Transport (TCP/UDP) Internet (IP)

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Secure Socket Layer/ Transport Layer Security (SSL/TLS)

Transport Layer Security Protocols

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Chapter 7 Transport-Level Security

Network Security Essentials Chapter 5

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

Communication Systems SSL

The Secure Sockets Layer (SSL)

Transport Level Security

Communication Systems 16 th lecture. Chair of Communication Systems Department of Applied Sciences University of Freiburg 2009

Web Security Considerations

Network Security Part II: Standards

Chapter 17. Transport-Level Security

Is Your SSL Website and Mobile App Really Secure?

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Communication Security for Applications

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

Secure Sockets Layer

Web Security. Mahalingam Ramkumar

Announcement. Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed.

TLS/SSL in distributed systems. Eugen Babinciuc

Information Security

Outline. INF3510 Information Security. Lecture 10: Communications Security. Communication Security Analogy. Network Security Concepts

Lecture 10: Communications Security

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

HTTPS: Transport-Layer Security (TLS), aka Secure Sockets Layer (SSL)

Security Engineering Part III Network Security. Security Protocols (I): SSL/TLS

Managing and Securing Computer Networks. Guy Leduc. Chapter 4: Securing TCP. connections. connections. Chapter goals: security in practice:

Network Security Web Security and SSL/TLS. Angelos Keromytis Columbia University

Lecture 7: Transport Level Security SSL/TLS. Course Admin

SSL Handshake Analysis

Outline. Transport Layer Security (TLS) Security Protocols (bmevihim132)

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Secure Socket Layer (SSL) and Trnasport Layer Security (TLS)

Criteria for web application security check. Version

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

Secure Socket Layer. Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

Lab Exercise SSL/TLS. Objective. Step 1: Open a Trace. Step 2: Inspect the Trace

Vulnerabilità dei protocolli SSL/TLS

WEB Security & SET. Outline. Web Security Considerations. Web Security Considerations. Secure Socket Layer (SSL) and Transport Layer Security (TLS)

SSL: Secure Socket Layer

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

, ) I Transport Layer Security

CSC Network Security

SSL/TLS: The Ugly Truth

CSC 474 Information Systems Security

SECURE SOCKETS LAYER (SSL) SECURE SOCKETS LAYER (SSL) SSL ARCHITECTURE SSL/TLS DIFFERENCES SSL ARCHITECTURE. INFS 766 Internet Security Protocols

Secure Socket Layer. Security Threat Classifications

Savitribai Phule Pune University

Lecture 9 - Network Security TDTS (ht1)

Chapter 10. Network Security

Three attacks in SSL protocol and their solutions

Cryptography and Network Security Sicurezza delle reti e dei sistemi informatici SSL/TSL

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Part III-b. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Secure Socket Layer (TLS) Carlo U. Nicola, SGI FHNW With extracts from publications of : William Stallings.

, SNMP, Securing the Web: SSL

SECURE SOCKETS LAYER (SSL)

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

SSL A discussion of the Secure Socket Layer

Lecture 4: Transport Layer Security (secure Socket Layer)

SSL/TLS. What Layer? History. SSL vs. IPsec. SSL Architecture. SSL Architecture. IT443 Network Security Administration Instructor: Bo Sheng

Introduction. Purpose. Background. Details

Chapter 32 Internet Security

Protocol Rollback and Network Security

SSL Secure Socket Layer

CS5008: Internet Computing

Network Security Fundamentals

Learning Network Security with SSL The OpenSSL Way

Topics in Network Security

Differences Between SSLv2, SSLv3, and TLS

Network Security. Abusayeed Saifullah. CS 5600 Computer Networks. These slides are adapted from Kurose and Ross 8-1

APNIC elearning: Network Security Fundamentals. 20 March :30 pm Brisbane Time (GMT+10)

INFORMATION SUPPLEMENT. Migrating from SSL and Early TLS. Version 1.0 Date: April 2015 Author: PCI Security Standards Council

Security Protocols and Infrastructures. h_da, Winter Term 2011/2012

Overview. Securing TCP/IP. Introduction to TCP/IP (cont d) Introduction to TCP/IP

SSL Secure Socket Layer

Chapter 8 Network Security. Slides adapted from the book and Tomas Olovsson

Practical Invalid Curve Attacks on TLS-ECDH

CrashPlan Security SECURITY CONTEXT TECHNOLOGY

Authenticity of Public Keys

Einführung in SSL mit Wireshark

Internet Engineering Task Force (IETF) Request for Comments: Category: Standards Track ISSN: A. Langley Google June 2015

Introduction. Haroula Zouridaki Mohammed Bin Abdullah Waheed Qureshi

CSE/EE 461 Lecture 23

Security vulnerabilities in the Internet and possible solutions

As enterprises conduct more and more

IPSec and SSL Virtual Private Networks

SSL GOOD PRACTICE GUIDE

TLS and SRTP for Skype Connect. Technical Datasheet

EXAM questions for the course TTM Information Security May Part 1

SENSE Security overview 2014

TLS/SSL (Mis)Protecting our Connections Security

Apache Partial HTTP Request Denial of Service Vulnerability - Zero Day. SSL Certificate - Subject Common Name Does Not Match Server FQDN

Transcription:

Security Protocols/Standards

Security Protocols/Standards

Security Protocols/Standards How do we actually communicate securely across a hostile network? Provide integrity, confidentiality, authenticity of communications?

Security Protocols Necessary to communicate securely across untrusted network Provide integrity, confidentiality, authenticity of communications Based on previously discussed cryptographic mechanisms TCP/IP Stack Application (HTTP,SMTP) Transport (TCP/UDP) Internet (IP) Network (Ethernet) Security Protocols HTTPS/ DNSSEC TLS Transport (TCP/UDP) Internet (IPSEC) Network (802.11i) Unsecure Secure

Transport Layer Security (TLS)

TLS Previous Secure Sockets Layer (SSL) Originally designed to support secure HTTP (HTTPS) Runs over TCP Datagram TLS TLS equivalent for UDP Currently used to secure many other protocols Provides: Authentication/Integrity uses MACs Confidentiality encryption of messages

TLS/SSL Versions Older SSL 1.0-2.0 well known security vulnerabilities SSL 3.0 weak key generation Government Approved (based on NIST SP 800-52 rev 1) TLS 1.0 not significantly different than SSLv3 Only when dealing with business/public (not govt only comm.) Browser Exploit Against SSL/TLS (BEAST) vulnerabilitiy TLS 1.1 fixes some issues with CBC mode, other fixes TLS 1.2 specify SHA-2 (256,512 bit) hash functions

TLS Protocol Stack

TLS Record Protocol TLS exchanges records Records is compressed, encrypted, depending on state of the connection Record types: Handshake Application data (HTTP) Alert Cipher change spec

Type: Handshake Stateful connection Handshake used to communicate/agree on various parameters TLS/SSL versions Ciphers Certificates Pre-master secret Master secret Session ID

TLS Handshake Proposes 1) version, 2) ciphers, 3) session ID, 4) random number Specifies: 1) version, 2) cipher, 3) random number Server certificate Public key parameters Client certificate (optional) Premaster secret Change cipher suite (encrypted in future Change cipher suite (encrypted in future)

TLS Handshake Continued Premaster secret Random number created by client Encrypted with server s public key Master secret Generated from premaster secret Data used to compute the encryption keys/ivs

TLS Ciphers Cipher contains set of crypto algorithms necessary to perform following functions: Key exchange algorithm E.g. RSA, Diffie Hellman, ECDH Bulk encryption algorithm Stream(RC4, etc.), Block(3DES, DES, AES, etc.) Data Integrity/Auth. MAC algorithms, HMAC with (MD5, SHA1, SHA256)

Type: Application Data

More Record Types Change Cipher Spec Protocol Signal transition in cipher strategy Example: plaintext to ciphertext Alert Identify problems with connection Warning vs Fatal (causes connection termination) Examples: Bad certificate, decrypt error, certificate expired/revoked, etc

. Example

HTTP/HTTPS

HTTP/HTTPS Hypertext Transfer Protocol Used for WWW communicate HTML, Javascript, Flash, pictures, etc. Common Requests GET - retrieve some resource Variables can be passed in line POST - retrieve some resource Variables sent as message body Request Headers Cookies, Content type, user-agent, cache control, etc..

HTTP Session ID Special Cookie used for authentication JSESSIONID (Java), ASP.NET_SessionID (ASP.,NET) Forms base authentication 1. User sends username/password in request (GET or POST [preferred]) 2. Server authenticates and sets SessionID to some random value 3. Browser includes session ID in all future 4. Server uses Session ID to authenticate all future requests from browser 5. Logoff terminates session id If you can steal a valid session ID, you can hijack the user s sessions

HTTP/HTTPS Examples Web Proxy Intercept HTTP/HTTPS between browser and system http://portswigger.net/burp/

POODLE Attack POODLE Attack POODLE = Padding Oracle On Downgraded Legacy Encryption SSLv3 Totally broken still generally used for legacy needs (old versions of Windows) Similar to previous TLS/SSL-HTTPS attacks (BEAST/CRIME) Vulnerable? Systems using SSL3 Man-in-time-Middle attacks that can downgrade browsers from TLS to SSLv3 Attacker needs man-in-the middle attack Unencrypted wifi? Ability to run Javascript from some webpage (or inject JS from the MitM attack)

POODLE Problem: SSLv3 mishandles CBC (used for block ciphers) block padding not covered by MAC!!! User can influence GET/POST to disclose session id data Mitigations 1. Completely disable SSL 3 2. Set TLS_FALLBACK_SCSV prevents fallback attack

Cipher Block Chaining Encryption: C0 = IV Cj = E(K, (Cj-1 Pj)) Decryption: C0 = IV Pj = Cj-1 D(K, Cj-1)

Resources https://blog.mozilla.org/security/2014/10/14/ the-poodle-attack-and-the-end-of-ssl-3-0/ https://www.openssl.org/~bodo/sslpoodle.pdf http://blog.cryptographyengineering.com/

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information