Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Published byHomer Matthews Modified over 8 years ago

Similar presentations

Presentation on theme: "Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),"— Presentation transcript:

1 Cosc 4765 SSL/TLS and VPN

2 SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http), just for http Proposed by CommerceNet, pretty much dead –SSL (TLS), generic for TCP https: http over SSL –IPSec http over IPSec

3 Security facilities in the TCP/IP protocol stack

4 SSL and TLS SSL was originated by Netscape TLS working group was formed within IETF First version of TLS can be viewed as an SSLv3.1

5 SSL Overview For any TCP protocol: HTTP (https:// port 443), NNTP, telnet, etc. –Secure byte stream. Optional (but common) public key server authentication. Optional client authentication. Hash: combined MD5 and SHA. Encryption optional. Now: TLS (IETF WG).

6 SSL/TLS Overview Secure Sockets Layer –Establishes encrypted channel for communications –Establishes a private session with public keys –All communications encrypted with private key

7 SSL Architecture Two layers: –SSL record protocol provides basic security services –3 higher-layer protocols: Handshake, change cipher spec, alert Connection –A transport with some service, associated with a session Session –Created by handshake, defines cryptographic security parameters for multiple connections

8 Handshake Protocol The most complex part of SSL. Allows the server and client to authenticate each other. Negotiate encryption, MAC algorithm and cryptographic keys. Used before any application data are transmitted.

9 Handshake Protocol Action

10 SSL Record Protocol 2 services: –Confidentiality, message integrity Layered protocol: –Fragment application data into blocks –Compress data –Apply message authentication code (MAC) = h(s|m) for message m and secret s –Encrypt with client (cw) or server (sw) write key –Transmit over TCP Specify content type for higher protocols

11 SSL Record Protocol Operation

12 SSL Record Format

13 Transport Layer Security The same record format as the SSL record format. Defined in RFC 2246. Similar to SSLv3. Differences in the: –version number –message authentication code –pseudorandom function –alert codes –cipher suites –client certificate types –certificate_verify and finished message –cryptographic computations –padding

14 Virtual Private Networks VPN –Can be built on top of SSL or IPSec infrastructure Works well with firewalls or as standard alone appliance. –User outside the firewall needs to get inside the firewall safely –Encrypted “tunnel” or channel is negotiated with firewall –User’s packets going to hosts behind the firewall get translated so they look like they’re coming from an internal IP –From the user’s point of view, they are “inside” the private network

15 IPSec IPSec is not a single protocol –but rather a set of services and protocols that provide a complete security solution for an IP network. Some of the kinds of protection services offered by IPSec include: –Encryption of user data for privacy. –Authentication of the integrity of a message to ensure that it is not changed en route. –Protection against certain types of security attacks, such as replay attacks. –The ability for devices to negotiate the security algorithms and keys required to meet their security needs. –Two security modes, tunnel and transport, to meet different network needs.

16 IP Security (IPSec) RFC Standards RFC 2401 Security Architecture for the Internet Protocol –Main document describing how to put it all together. RFC 2402IP Authentication Header –Defines the IPSec Authentication Header (AH) protocol used for ensuring data integrity and origin verification. RFC 2403 The Use of HMAC-MD5-96 within ESP and AH –Describes a particular encryption algorithm for use by AH and ESP called Message Digest 5 (MD5), HMAC variant. RFC 2404 The Use of HMAC-SHA-1-96 within ESP and AH –Describes a particular encryption algorithm for use by AH and ESP called Secure Hash Algorithm 1 (SHA-1), HMAC variant. RFC 2406 IP Encapsulating Security Payload (ESP) –Describes the IPSec Encapsulation Security Payload (ESP) protocol that provides data encryption for confidentiality. RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP) –Defines methods for exchanging keys and negotiating security associations. RFC 2409 The Internet Key Exchange (IKE) –Describes the Internet Key Exchange (IKE) protocol used to negotiate security associations and exchange keys between devices for secure communications. Based on ISAKMP and OAKLEY. RFC 2412 The OAKLEY Key Determination Protocol –Describes a generic protocol for key exchange.

17 Operations It provides security services at the IP layer for other TCP/IP protocols and applications to use. –Provides the tools that devices on a TCP/IP network need in order to communicate securely To accomplish this they: 1.They agree on a set of security protocols to use, so that each one sends data in a format the other can understand. 2.They must decide on a specific encryption algorithm to use in encoding data. 3.They must exchange keys that are used “unlock” data that has been cryptographically encoded. 4.Once this background work is completed, each device must use the protocols, methods and keys previously agreed upon to encode data and send it across the network.

18 Components Core –IPSec Authentication Header (AH): provides authentication services for IPSec. verify that the supposed originator of a message was in fact the one that sent it. verify that none of the data in the datagram has been changed by any intermediate devices en route. Protects from “replay” attacks –Encapsulating Security Payload (ESP): ensures integrity of the data in datagram, but not its privacy, when the information in a datagram is “for your eyes only”, it can be further protected using the ESP protocol, which encrypts the payload of the IP datagram.

19 Implementation Integrated into the IP stack a common method, if all data going between two devices.

20 Implementation (2) When using two VPNS to provide a secure connection between remote locations

21 IPSec Modes There are 2 modes, Transport and tunnel –The main differences is one protects the orignal IP datagram (including headers), while the other does not. Transport –IP header, IPSec Header, IP payload. Tunnel –New IP header, IPSec header, old IP header, IP payload

22 Transport Mode

23 Tunnel Mode

24 Authentication Header (AH) AH is a protocol that provides authentication of either all or part of the contents of a datagram through the addition of a header that is calculated based on the values in the datagram. –What parts of the datagram are used for the calculation, and the placement of the header, depends on the mode (tunnel or transport) Remember this provides no privacy or encryption, only the integrity of the data.

25 Encapsulating Security Payload (ESP) Encrypts the IP datagrams. An encryption algorithm combines the data in the datagram with a key to transform it into an encrypted form. This is then repackaged using a special format that we will see shortly, and transmitted to the destination, which decrypts it using the same algorithm.

26 Putting it all together

27 Anti-replay Feature Optional Information to enforce held in SA entry Sequence number counter - 32 bit for outgoing IPSec packets Anti-replay window –32-bit –Bit-map for detecting replayed packets

28 Anti-replay Sliding Window Window should not be advanced until the packet has been authenticated Without authentication, malicious packets with large sequence numbers can advance window unnecessarily –Valid packets would be dropped!

29 References Computer Networking with internet protocols and technology, Stallings, Prentice Hall, 2004 http://www.tcpipguide.com/free/t_Inter netProtocolIPIPv4IPngIPv6andIPRelat edProtocol.htmhttp://www.tcpipguide.com/free/t_Inter netProtocolIPIPv4IPngIPv6andIPRelat edProtocol.htm

30 Q A &

Download ppt "Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),"

Similar presentations

Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
IPSec.

IPSec.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.

Information System Security AABFS-Jordan Summer 2006 IP Security Supervisor :Dr. Lo'ai Ali Tawalbeh Done by: Wa’el Musa Hadi.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.

1 Lecture 15: IPsec AH and ESP IPsec introduction: uses and modes IPsec concepts –security association –security policy database IPsec headers –authentication.
Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

Similar presentations

Ads by Google