1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev.06-17-07) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos.

Slides:

Advertisements

Similar presentations

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Advertisements

CP3397 ECommerce.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

Cryptography and Network Security

Secure Socket Layer.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Internet Security Protocols

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Lori Fitterling LI843 SSL Secured Sockets Layer. What is Secure Sockets Layer (SSL)? It is protection of data transferred over the Internet using encryption.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

Cryptography and Network Security Chapter 17

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

Chapter 8 Web Security.

Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)

Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

SSL and https for Secure Web Communication CSCI 5857: Encoding and Encryption.

Secure Socket Layer (SSL)

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

E-Commerce Security Technologies : Theft of credit card numbers Denial of service attacks (System not availability ) Consumer privacy (Confidentiality.

Electronic Payments E-payment methods –Credit cards –Electronic funds transfer (EFT) –E-payments Smart cards Digital cash and script Digital checks E-billing.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Certificate-Based Operations. Module Objectives By the end of this module participants will be able to: Define how cryptography is used to secure information.

Web Security : Secure Socket Layer Secure Electronic Transaction.

Cryptography and Network Security (SSL)

Digital Envelopes, Secure Socket Layer and Digital Certificates By: Anthony and James.

1 SSL - Secure Sockets Layer The Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) is based on SSL.

SARVAJANIK COLLEGE OF ENGINEERING & TECHNOLOGY. Secure Sockets Layer (SSL) Protocol Presented By Shivangi Modi Presented By Shivangi ModiCo-M(Shift-1)En.No

SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.

Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

INFORMATION SECURITY MANAGEMENT P ROTECTION M ECHANISMS - C RYPTOGRAPHY.

Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.

Secure Socket Layer Protocol Dr. John P. Abraham Professor, UTRGV.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptography CSS 329 Lecture 13:SSL.

Page 1 of 17 M. Ufuk Caglayan, CmpE 476 Spring 2000, SSL and SET Notes, March 29, 2000 CmpE 476 Spring 2000 Notes on SSL and SET Dr. M. Ufuk Caglayan Department.

Henric Johnson1 Chapter 7 WEB Security Henric Johnson Blekinge Institute of Technology, Sweden

PRESENTATION ON SECURE SOCKET LAYER (SSL) BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH

The Secure Sockets Layer (SSL) Protocol

Cryptography and Network Security

Secure Sockets Layer (SSL)

UNIT.4 IP Security.

Visit for more Learning Resources

Cryptography and Network Security

Cryptography and Network Security

The Secure Sockets Layer (SSL) Protocol

Unit 8 Network Security.

Cryptography and Network Security

Presentation transcript:

1 DCS 835 – Computer Networking and the Internet Digital Certificate and SSL (rev ) Team 1 Rasal Mowla (project leader) Alvaro Restrepo, Carlos Thomas Kevin Gravesande, Scott Weaver

2 Agenda  Digital Certificate  Digital Certificate Example  SSL  SSL Example  Protocol Overview  Why SSL is Secure  SSL Versions  Conclusion

3 What is a Digital Certificate Digital Certificate prove your identity or your right to access information or services online. They bind an identity to a pair of electronic keys that can be used to encrypt and sign digital information. A Digital Certificate is issued by a Certification Authority (CA) and signed with the CA's private key. A Digital Certificate typically contains the: Owner's public key Owner's name Expiration date of the public key Name of the issuer (the CA that issued the Digital Certificate) Serial number of the Digital Certificate

4 Example of Digital Certificate From: Staples.com

5 Digital Certificates What are Digital Certificates used for? Digital Certificates are used in , e-commerce, groupware and electronic funds transfers, code signing, VPNs, and SSL (security and encryption). Why do I need a Digital Certificate? Digital certificates provide with security and privacy for transacting online transactions. How do I use Digital Certificates? Digital certificates can be used in conjunction with digital signatures to provide authenticity. Furthermore, they provide verification of identity for secure server access.

6 Reference:

7 Digital Certificates and SSL What is SSL and what is it used for? Secure Sockets Layer (SSL) protects the data transferred using encryption enabled by a SSL server’s certificate. Browser address directs to a secured domain, SSL handshake authenticates the server and client and establishes an encryption method and a unique session key. Encryption is done by a public key and a private key deciphers it. Why do I need a SSL? Provides a secure medium of communication between a client and server via encryption.

8 SSL (Introduction) Reliable commutation on the Internet SSL Main Goal: –Cryptography security –Reliability –Interoperability –Extensibility –Relative efficiency Chiper Used with SSL

9 Uses of SSL 1.An organization, which wants to supply Internet privacy communication between it and its clients, may use the SSL protocol. 2.Bank-Systems are using this protocol to allow their clients to view their confidential accounts’ data on their own browser and to make their account orders from home. 3.The same idea is applied in academic organizations. Students can view safely personal information on the web, such as course grades. 4.Most electronic commerce (i.e. the sharing of personal details and credit card numbers) through the net is protected under SSL.

10 SSL Example

11 SSL Example

12 SSL (Protocol Overview) SSL is a Layered protocol. The SSL Protocol Stack

13 SSL (Protocol Overview) cont. SSL Handshake protocol –Establishes a secure session –Structure: · Type: SSL handshake message type. · Length: Length (in bytes) of the message. · Content: Parameters additional to the message.

14 SSL (Protocol Overview) cont. SSL Handshake protocol

15 SSL (Protocol Overview) cont. SSL Change Chiper Spec protocol –Used at the last stage of SSL Handshake in order parties to move from their pending state to their current state. –This message has one byte with content of “1” and is encrypted and compressed under the current CipherSpec.

16 SSL (Protocol Overview) cont. SSL Alert protocol –Responsible for error –Two levels of alert fatal alert warning alert · Level: Indicates a fatal or warning alert. · Alert: Indicates the specific alert.

17 SSL (Protocol Overview) cont. SSL Record protocol –Data is encapsulated into an object called record –Record consist of Header – 5 bytes long Data – portion undergoes 4 stages: Fragmentation, Compression (optional), Applying MAC, and Encryption

18 Why use SSL? Preventing Identity Fraud Preventing Garbling Attacks Preventing Replaying Messages Preventing Cut and Paste Attacks Preventing Cipher Suite rollback attacks Preventing Version rollback attacks Preventing Dictionary attacks Traffic attacks Short-block attacks

19 SSL versions SSL v2.0 SSL v3.0 TLS

20 References Digital Certificates Verising, “Digital Certificates” Verising is one the key and innovative Certificate Authority companies on the web. The Open–source PKI Book: A guide to PKIs and Open–source Implementations. Sample CA Certificate in TXT format Website provided sample text image of a digital certificate. SSL