SECURE SOCKET LAYER(SSL)_LECTURE SLIDES.pdf
1
SSL/TLS
2
Transport Layer Security Protocols
• Secure Socket Layer (SSL)
– Originally designed by Netscape to secure HTTP
– Version 2 is being replaced by version 3
– Subsequently became an Internet Standard known as TLS
– Uses TCP to provide a reliable end-to-end service
– Application independent
• Can be used for any application protocol: telnet, ftp, ...
• Transport Layer Security (TLS)
– SSL 3.0 is very similar to TLS (RFC 2246)
3
Location of SSL
• SSL is built on top of TCP
• Provides a TCP-like interface
• In theory can be used by all types of applications in a transparent manner
4
SSL Architecture
• Relies on TCP for reliable communication
• Two Layers
– SSL Record Protocol provides basic security services
– Handshake, Change Cipher Spec, Alert, ...
5
SSL Basic Protocol
6
SSL Session and Connection
• Each SSL session can be used for multiple
connections
• SSL Session
– An association between the client and the server
– Used to avoid negotiating new security parameters for each connection
• SSL Connection
– A connection is a transport that provides a suitable
type of service
– Each connection is associated with one session
7
SSL Session
• An SSL session consists of
– Session ID
– X.509 public-key certificate of peer (could be null)
– Compression Algorithm
– Cipher Spec:
• Encryption Algorithm, Message Digest Algorithm, etc.
– Master Secret: 48-byte secret shared between the client and the server
8
An X.509 Certificate
9
Data Transmission using SSL (SSL Record Protocol)
10
SSL Record Format
11
SSL Record Protocol
• 2 services:
– Confidentiality
• Using symmetric encryption with a shared secret key defined by
Handshake protocol
– Message integrity
• Using a MAC with a shared secret key
• Layered protocol:
– Fragmentation of application data into blocks
– Compression
– MAC
– Encryption
– Transmit over TCP
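The layering above, as an added example that is not part of the original slides: it builds and checks SSL 3.0 application-data records with the SSL 3.0 MAC (SHA-1 variant), null compression and RC4. The function names and the two keys are assumptions made for the demonstration; real keys come from the handshake.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14                     # largest plaintext fragment per record
APP_DATA = 23                              # content type: application_data
PAD1, PAD2 = b"\x36" * 40, b"\x5c" * 40    # SSL 3.0 MAC pads when the hash is SHA-1
# Constructed keys for the demonstration (assumption, not handshake output).
MAC_SECRET, WRITE_KEY = b"m" * 20, b"k" * 16

def rc4_keystream(key):
    """Yield RC4 keystream bytes; one generator per direction, kept across records."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]

def ssl3_mac(secret, seq, ctype, data):
    """SSL 3.0 MAC over sequence number, content type, length and fragment."""
    covered = struct.pack(">QBH", seq, ctype, len(data)) + data
    inner = hashlib.sha1(secret + PAD1 + covered).digest()
    return hashlib.sha1(secret + PAD2 + inner).digest()

def protect(data, mac_secret, key):
    """Sender side: fragment, compress (null), MAC, encrypt, prepend header."""
    ks, records = rc4_keystream(key), []
    for seq, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        frag = data[off:off + MAX_FRAGMENT]                       # fragmentation
        comp = frag                                               # null compression
        plain = comp + ssl3_mac(mac_secret, seq, APP_DATA, comp)  # append MAC
        body = bytes(b ^ next(ks) for b in plain)                 # encrypt data + MAC
        records.append(struct.pack(">BBBH", APP_DATA, 3, 0, len(body)) + body)
    return records

def unprotect(records, mac_secret, key):
    """Receiver side: decrypt, verify the MAC, reassemble; raise on tampering."""
    ks, out = rc4_keystream(key), b""
    for seq, rec in enumerate(records):
        ctype, _major, _minor, length = struct.unpack(">BBBH", rec[:5])
        plain = bytes(b ^ next(ks) for b in rec[5:5 + length])
        data, mac = plain[:-20], plain[-20:]
        if not hmac.compare_digest(mac, ssl3_mac(mac_secret, seq, ctype, data)):
            raise ValueError("bad_record_mac")
        out += data
    return out
```

Because the sequence number is covered by the MAC, a modified, dropped or reordered record fails verification, which is the condition the bad record mac alert reports.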
12
SSL Record Protocol Payload
13
Handshake Protocol
• Establish security capabilities
– Protocol version, session ID, cipher suite,
compression method, IV
• Server authentication and key exchange
– Send certificate, key exchange, request client
certificate
• Client authentication and key exchange
– Send certificate, key exchange, certificate
verification
• Finish
14
SSL Change Cipher Spec Protocol
• one of 3 SSL specific protocols which use the
SSL Record protocol
• a single message
• causes pending state to become current
• hence updating the cipher suite in use
15
SSL Alert Protocol
• conveys SSL-related alerts to peer entity
• severity
• warning or fatal
• specific alert
• unexpected message, bad record mac, decompression
failure, handshake failure, illegal parameter
• close notify, no certificate, bad certificate, unsupported
certificate, certificate revoked, certificate expired,
certificate unknown
• compressed & encrypted like all SSL data
16
Master Secret Creation
• The master secret is a one-time 48-byte value
– A pre-master secret is exchanged first
• RSA or Diffie-Hellman
– Master secret is computed from the pre-master
secret, client random and server random
17
Generation of Cryptographic Parameters
• Session keys: generated from the master secret, client random, and server random
– Client write MAC secret
– Server write MAC secret
– Client Write Key
– Server Write Key
– Client Write IV
– Server Write IV
18
Application Ports used with SSL
19
Web Securities
20
How the Web Works - HTTP
• Hypertext transfer protocol (http).
• Clients request “documents” (or scripts)
through URL.
• Server responds with “documents”.
• Stateless protocol, requests are
independent.
21
How the Web Works: Other Elements
• Hyper-text markup language (html).
• Other application-specific documents.
– e.g., MIME, graphics, video/audio, postscript, Java
applets, etc.
• Browsers.
– Display html documents and embedded graphics.
– Run Java programs.
– Start helper applications.
– ...
22
Web Vulnerabilities
• http://www.w3.org/Security/Faq
• Revealing private information on server
• Interception of client information
• Execute unauthorized programs
• Denial of service
• ...
23
Web Security
• Authentication:
– Basic (username, password)
• Can be used along with cookies
– Digest
• Access control via addresses
• Multi-layered:
– S-http (secure http), just for http
• Proposed by CommerceNet, pretty much dead
– SSL (TLS), generic for TCP
• https: http over SSL
– IPSec
24
HTTP Authentication - Basic
• Client doesn’t know which authentication method the server uses
• Client attempts access (GET, PUT, …)
normally
• Server returns
– “401 unauthorized”
– Realm: protection space
• Client tries again with (user:password)
– Passwords in the clear
– Repeated for each access
25
From Basic Authentication to Forms and
Cookies
• Not all sites use basic authentication
• Many instead ask the user to type
username/password into an HTML form
• Server looks up the user and sends back a cookie
• The browser (client) resends the cookie on
subsequent requests
26
HTTP Access Control - Digest
• Server sends www-authenticate parameters:
– Realm
– Domain
– Nonce, new for each 401 response
• e.g., H(client-IP:timestamp:server-secret)
– Algorithm
• e.g., MD5
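A server-side sketch of the nonce scheme above, as an added example that is not part of the original slides: the nonce carries its timestamp so the server can check freshness and client address without storing state, and the client response is checked with the basic Digest formula MD5(HA1:nonce:HA2). The function names, the secret, the 300-second lifetime and the sample user are assumptions.

```python
import hashlib
import hmac
import time

SERVER_SECRET = "constructed-server-secret"   # assumption: known only to the server
NONCE_LIFETIME = 300                          # assumption: seconds a nonce stays valid

def H(text):
    """The algorithm named in the challenge (MD5), as lowercase hex."""
    return hashlib.md5(text.encode()).hexdigest()

def make_nonce(client_ip, now=None):
    """timestamp ':' H(client-IP:timestamp:server-secret), new for each 401."""
    ts = str(int(time.time() if now is None else now))
    return ts + ":" + H(f"{client_ip}:{ts}:{SERVER_SECRET}")

def nonce_is_fresh(nonce, client_ip, now=None):
    """Recompute the tag from the embedded timestamp; reject old or foreign nonces."""
    now = time.time() if now is None else now
    ts, _, tag = nonce.partition(":")
    if not (ts.isascii() and ts.isdigit()):
        return False
    expected = H(f"{client_ip}:{ts}:{SERVER_SECRET}")
    in_window = 0 <= now - int(ts) <= NONCE_LIFETIME
    return in_window and hmac.compare_digest(tag.encode(), expected.encode())

def digest_response(ha1, method, uri, nonce):
    """Client response: the password enters only through HA1 = H(user:realm:password)."""
    return H(f"{ha1}:{nonce}:{H(f'{method}:{uri}')}")

def verify(auth, client_ip, method, ha1_store, now=None):
    """auth: fields parsed from the Authorization header; ha1_store: user -> HA1."""
    if not nonce_is_fresh(auth["nonce"], client_ip, now):
        return False
    ha1 = ha1_store.get(auth["username"])
    if ha1 is None:
        return False
    expected = digest_response(ha1, method, auth["uri"], auth["nonce"])
    return hmac.compare_digest(auth["response"].encode(), expected.encode())
```

Unlike Basic authentication, the password never crosses the wire, and a captured response is useless once the nonce expires or when replayed from another address.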
27
HTTP Access Control - Digest
28
HTTP Access Control - Digest
