Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y

Introduction to Transport Layer Security (TLS) protocol  TLS Architecture  TLS concept of connection and session  TLS Session in detail - parameters  TLS Connection in detail - parameters  TLS Handshake  TLS Record Protocol – services offered

TLS Architecture TLS is spread across two layers. It is not a single protocol rather a set of protocols. We only discuss Handshake and record protocols

TLS Concept of Connection and Session  Connection: A connection is an agreement on exchange of data over a set of protocols and session data including keys and cipher mechanisms. Each connection is associated with only one session.  Session: Agreement between both client and server created using handshake protocol. Sessions define the agreed protocols and cryptographic security parameters during a connection.  A session can hold more than one connection thereby saving costly connection establishing operations.

TLS Session in detail - parameters  Session identifier: Unique sequence of bytes given by the server to identify each session(ongoing or resumable session)  Peer certificate: An X509.v3 certificate of the peer.  Compression method: Compression algorithm used.  Cipher spec: Encryption algorithm used( DES, etc.) and hash algorithm (such as MD5 or SHA-1) for MAC calculation.  Master secret: 48byte secret shared between server and client  Is resumable: A flag indicating whether the session can be used to initiate new connections.

TLS Connection in detail - parameters  Server and client random: Byte sequences that are chosen by the server and client for each connection.  Server write MAC secret: The secret key used in MAC operations on data sent by the server.  Client write MAC secret: The secret key used in MAC operations on data sent by the client.  Server write key: Encryption key for data encrypted by the server and decrypted by the client.  Client write key: Encryption key for data encrypted by the client and decrypted by the server.  Initialization vectors: When a block cipher in CBC mode is used, an initialization vector (IV) is maintained for each key. This field is first initialized by the SSL Handshake Protocol. Thereafter the final cipher text block from each record is preserved for use as the IV with the following record.  Sequence numbers: Each party maintains separate sequence numbers for transmitted and received messages for each connection.

TLS Handshake  Phase 1 : Establishing security capabilities  Phase 2 : Server Authentication and Key Exchange  Phase 3 : Client Authentication and Key Exchange  Phase 4 : Finish – communication cyphered

TLS Record Protocol – Services offered  Confidentiality: Shared secret key exchanged during handshake used to encrypt TLS Payloads.  Message Integrity: Shared secret key exchanged during handshake used to form the Message Authentication Code (MAC). Fragmentation MAC Computation using HMAC Encryption TLS Header attached

TLS Record header final step of record protocol  Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment.  Major Version (8 bits): Indicates major version of TLS in use. The value is 3.  Minor Version (8 bits): Indicates minor version in use. The value is 1.  Compressed length (16 bits): The length in bytes of the plaintext fragment (or compressed fragment if compression is used). The maximum value is

References  us/library/cc aspx

Questions ???