SoL Secure Socket Layer > transport layer security service > Originally developed by Netscape > version 3 designed with public input > subsequently became Internet standara Known as I
Trang 1Cryptography ana
NetWork Security
Chapter 17
Fourth) Edition
by VViliiam) Stallings
Lecture SIGES ply Lawne Brown
Trang 2Chapter 17 — Web Secunity
Use your mentality
Wake up to reality
—From the song, | ve Got You under,
My Skin™ by Cole Porter,
Trang 3Web) Secunity
> Web now widely used by business,
government, individuals
> but Internet & Web are vulnerable
> have a variety of threats
° jntegnity
* confidentiality
° denial of Senvice
* authentication
> need adged| secunty mechanisms
Trang 4SoL (Secure Socket Layer)
> transport layer security service
> Originally developed by Netscape
> version 3 designed with public input
> subsequently became Internet standara Known as ILS (iransport Layer Secunity)
» uses ICP to provide a reliable end-to-
end service
> SSL has two layers of protocols
Trang 5Where SSL Fits
HTTP SMTP POP3 HTTPS SSMTP SPOP3
Secure Sockets Layer
Transport
Network
S
AS
Si ent
Trang 6
SSL Architecture
SSL SSL Change
Handshake | Cipher Spec a jah HTTP
Protocol Protocol ee
SSL Record Protocol
TCP
Trang 7SSL Architecture
* SSL connection
° a tfansient, peer-to-peer, Communications link
° associated with 1 SSL session
> SSL session
° an association between Client & Server
° created by the Handshake Protocol
© define a Set of Cryptographic parameters
* may be Shared by MUItIDIE SSL connections
Trang 8SSL Record Protocol Services
> message integrity
° using) a MAC with sharea| secret key
° similar to AMAC put with aiferent padding
> contidentiality
° USING SymmMeNiC Encryption with a shared
Secret key defined by Handshake Protocol
* AES, IDEA, RCZ-40) DES-40, DES, 3DES,
E9)f127222I p.©2 20) p2©2|2c)
» Insszele[s IS Comlorossse) Salers Snenvoer
Trang 9SSL Record Protocol
Operation
Application Data
Fragment |
Compress 2 ⁄
or
——————————— iS
4
Enc t SKI SOOO
SRK KKK KI SRR
Cx x x x x OO OO ee
Append SSL RRR RRR OOOO DODO ODDS RR
MASAMI APIO
OOOO OOOO KOO
hs IC
“
Record Header Ree RTI XS
Trang 10SoL Change Cipher spec
Protocol
> one Of 3 SSL specitic protocols which use the SSL Record protocol
> a Single message
> Causes pending state to become
current
> hence updating the cipher suite in use
Trang 11SSL Alert Protocol
> conveys SSL-related alerts to peer entity
SSA ey
> Warning) Of fatal
> specific alert
> fatal; Unexpected message, bad record mac,
decompression failure, handshake failure, illegal
Ø4f.aITICI€T:
° WafIfIO: Close notity, no GCTLIlIlCaLC, DdQ GCTIIIICLC,
UnSUppoMmed Certificate, certiiicate revoked) Ceniiiicate Expirea, Cenificate UnKnOWn
> compressea & encrypted like all SS data
Trang 12Sol Hanashake Protocol
> allows server & client to:
© authenticate cach other
© to negotiate encryption & MAC algorithms
° 10 negotiate cryptographic keys to be used
> comprises a series of messages in phases
, Establish Secunty Capabilities
2 woehver Authentication ang Key Exchange
3 6 Client Authentication and Key Exchange
wlan
Trang 13Hanashake Protoco
Client Server
Phase 1 Establish security capabilities, including
protocol version, session ID, cipher suite, compression method, and initial random numbers
Phase 2 Server may send certificate, key exchange, and request certificate Server signals end
of hello message phase
Phase 3
Client sends certificate if requested Client
sends key exchange Client may send certificate verification
Phase 4 Change cipher suite and finish handshake protocol
Note: Shaded transfers are
optional or situation-dependent
messages that are not always sent
Trang 14TLS (transport Layer,
SCCU1tV)
Š IE1I†- Sfandard EXEEG 2246 similar to SSLv3
> with minor differences
© in frecoral format version number
° uses IMAC tor MAC
° a pSEUGO-random function Expands Secrets
° has adaitional alert codes
* some Changes in SUPpPoried! ciohers
° Changes In| Ceniiicate tyoes & negotiations
® Changes in) Chy pio) COMpUtations c paadGing