Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.

Published byClyde Bennett Modified over 8 years ago

Similar presentations

Presentation on theme: "1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos."— Presentation transcript:

1 1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos Thomas Kevin Gravesande, Scott Weaver

2 2 Agenda  Digital Certificate  Digital Certificate Example  SSL  SSL Example  Protocol Overview  Why SSL is Secure  SSL Versions  Conclusion

3 3 What is a Digital Certificate Digital Certificate prove your identity or your right to access information or services online. They bind an identity to a pair of electronic keys that can be used to encrypt and sign digital information. A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key. A Digital Certificate typically contains the: Owner's public key Owner's name Expiration date of the public key Name of the issuer (the CA that issued the Digital Certificate) Serial number of the Digital Certificate

4 4 Example of Digital Certificate From: Staples.com

5 5 Digital Certificates What are Digital Certificates used for? Digital Certificates are used in e-mail, e-commerce, groupware and electronic funds transfers, code signing, VPNs, and SSL (security and encryption). Why do I need a Digital Certificate? Digital certificates provide with security and privacy for transacting online transactions. How do I use Digital Certificates? Digital certificates can be used in conjunction with digital signatures to provide authenticity. Furthermore, they provide verification of identity for secure server access.

6 6 Reference: http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/sample-ca-cert-txt.htm

7 7 Digital Certificates and SSL What is SSL and what is it used for? Secure Sockets Layer (SSL) protects the data transferred using encryption enabled by a SSL server’s certificate. Browser address directs to a secured domain, SSL handshake authenticates the server and client and establishes an encryption method and a unique session key. Encryption is done by a public key and a private key deciphers it. Why do I need a SSL? Provides a secure medium of communication between a client and server via encryption.

8 8 SSL (Introduction) Reliable commutation on the Internet SSL Main Goal: –Cryptography security –Reliability –Interoperability –Extensibility –Relative efficiency Chiper Used with SSL

9 9 Uses of SSL 1.An organization, which wants to supply Internet privacy communication between it and its clients, may use the SSL protocol. 2.Bank-Systems are using this protocol to allow their clients to view their confidential accounts’ data on their own browser and to make their account orders from home. 3.The same idea is applied in academic organizations. Students can view safely personal information on the web, such as course grades. 4.Most electronic commerce (i.e. the sharing of personal details and credit card numbers) through the net is protected under SSL.

10 10 SSL Example http://www.bankofamerica.com

11 11 SSL Example

12 12 SSL (Protocol Overview) SSL is a Layered protocol. The SSL Protocol Stack

13 13 SSL (Protocol Overview) cont. SSL Handshake protocol –Establishes a secure session –Structure: · Type: SSL handshake message type. · Length: Length (in bytes) of the message. · Content: Parameters additional to the message.

14 14 SSL (Protocol Overview) cont. SSL Handshake protocol

15 15 SSL (Protocol Overview) cont. SSL Change Chiper Spec protocol –Used at the last stage of SSL Handshake in order parties to move from their pending state to their current state. –This message has one byte with content of “1” and is encrypted and compressed under the current CipherSpec.

16 16 SSL (Protocol Overview) cont. SSL Alert protocol –Responsible for error –Two levels of alert fatal alert warning alert · Level: Indicates a fatal or warning alert. · Alert: Indicates the specific alert.

17 17 SSL (Protocol Overview) cont. SSL Record protocol –Data is encapsulated into an object called record –Record consist of Header – 5 bytes long Data – portion undergoes 4 stages: Fragmentation, Compression (optional), Applying MAC, and Encryption

18 18 Why use SSL? Preventing Identity Fraud Preventing Garbling Attacks Preventing Replaying Messages Preventing Cut and Paste Attacks Preventing Cipher Suite rollback attacks Preventing Version rollback attacks Preventing Dictionary attacks Traffic attacks Short-block attacks

19 19 SSL versions SSL v2.0 SSL v3.0 TLS

20 20 References Digital Certificates Verising, “Digital Certificates” http://www.verisign.com.au/repository/tutorial/digital/intro1.shtmlhttp://www.verisign.com.au/repository/tutorial/digital/intro1.shtml Verising is one the key and innovative Certificate Authority companies on the web. The Open–source PKI Book: A guide to PKIs and Open–source Implementations. Sample CA Certificate in TXT format http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/sample-ca-cert-txt.htm Website provided sample text image of a digital certificate.http://ospkibook.sourceforge.net/docs/OSPKI-2.4.7/OSPKI-html/sample-ca-cert-txt.htm SSL

Download ppt "1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos."

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
CP3397 ECommerce.

CP3397 ECommerce.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Cryptography and Network Security

Cryptography and Network Security
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Internet Security Protocols

Internet Security Protocols
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.

Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
EECC694 - Shaaban #1 lec #16 Spring2000 5-4-2000 Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

Similar presentations

Ads by Google