SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

Slides:



Advertisements
Similar presentations
Web security: SSL and TLS
Advertisements

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Lecture 12 SSL/TLS (Secure Sockets Layer / Transport Layer Security) CIS CIS 5357 Network Security.
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Cryptography and Network Security
SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Kerberized Credential Translation Olga Kornievskaia Peter Honeyman Bill Doster Kevin Coffman Center for Information Technology Integration University of.
Lecture 7: Transport Level Security – SSL/TLS CS 336/536: Computer Network Security Fall 2013 Nitesh Saxena Adopted from previous lecture by Tony Barnard.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Slide 1 Vitaly Shmatikov CS 378 SSL/TLS. slide 2 What is SSL / TLS? uTransport Layer Security protocol, version 1.0 De facto standard for Internet security.
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Cryptography and Network Security Chapter 17
Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.
Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –
Chapter 8 Web Security.
Secure password-based cipher suite for TLS: The importance of end-to-end security Marie L.S. Dumont CS 265.
Seguridad en Sistemas de Información Francisco Rodríguez Henríquez SSL/TLS: An Introduction.
Secure Sockets Layer 1 / 99  SSL is perhaps the widest used security protocol on the Internet today.  Together with DC enables secure communication.
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.
Secure Socket Layer (SSL)
SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
Web Security : Secure Socket Layer Secure Electronic Transaction.
December 2008Prof. Reuven Aviv, SSL1 Web Security with SSL Network Security Prof. Reuven Aviv King Mongkut’s University of Technology Faculty of information.
Web Security Network Systems Security
8-1 Chapter 8 Security Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 part 3: Securing TCP.
SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
1 SSL/TLS. 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
8-1 CSE 4707/5850 Network Security (2) SSL/TLS. 8-2 Think about Google or YouTube  Desired properties  Indeed the other side is Google or YouTube server.
Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.
Apr 1, 2003Mårten Trolin1 Previous lecture Certificates and key management Non-interactive protocols –PGP SSL/TLS –Introduction –Phases –Commands.
TLS/SSL Protocol Presented by: Vivek Nelamangala Includes slides presented by Miao Zhang on April Course: CISC856 - TCP/IP and Upper Layer Protocols.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
The Secure Sockets Layer (SSL) Protocol
IT443 – Network Security Administration Instructor: Bo Sheng
Network Security Gene Itkis
Cryptography and Network Security
Secure Sockets Layer (SSL)
CSCE 715: Network Systems Security
CSE 4095 Transport Layer Security TLS, Part II
Cryptography and Network Security
CS 465 TLS Last Updated: Oct 31, 2017.
Lecture 8: Transport Level Security – SSL/TLS
Security at the Transport Layer: SSL and TLS
SSL Protocol Figures used in the presentation
The Secure Sockets Layer (SSL) Protocol
Transport Layer Security (TLS)
Presentation transcript:

SSL/TLS Protocol Network Security Gene Itkis

Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity Client conveys secret info to Server Confidentiality Whos on the other side? Server Authentication – required Client authentication – optional You do not want to know about security Transparency Allows other protocols to work over SSL/TLS

Design Goals Confidentiality Authentication Server – required Client – optional Spontaneity Transparency Message Integrity Expandability Fix problems of v.2 SSL v.2 SSL v.3

Protocol parts Handshake Authenticated Key Establishment Data transfer Encryption Integrity (Message Authentication)

Handshake protocol outline CS ClientHello ServerHello ClientHello : Version Cipher Suit s Random ServerHello : Version Cipher Suit Session ID Random Certificate + Done Certificate : Subject Issuer (CA) Signed PK RSA ClientKE Data transfer Keys computed ClientKeyExchange : Pre-Master Key encrypted w/PK Attacks Attacks : force weak cipher suit replay: e.g., cause multiple payments Remedy : Random in Hello Check under protection: Finished msgs finished

Finished & ChangeCipherSpec Data transfer Keys computed finished ClientKE ChangeCipherSpec keys computed ClientFinished ChangeCipherSpec ServerFinished Finished: HASH ( all Handshake msgs) : …

Handshake protocol outline CS ClientHello ServerHello ClientHello : Version Cipher Suit s Random ServerHello : Version Cipher Suit Session ID Random Certificate Certificate : Subject Issuer (CA) Signed PK DH ClientKE ClientKeyExchange : DH message ServerKE ServerKE + Done ServerKeyExchange ServerKeyExchange : DH message, signed to be verified w/ PK

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.