Presentation is loading. Please wait.

Presentation is loading. Please wait.

© 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "© 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic."— Presentation transcript:

1 © 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic protocol to provide secure communications on the Internet. These protocols provide endpoint authentication and communications privacy over the Internet using cryptography. In typical use, only the server is authenticated (i.e. its identity is ensured) while the client remains unauthenticated; mutual authentication requires PKI deployment to clients. The protocols allow client/server applications to communicate in a way designed to prevent eavesdropping, tampering, and message forgery.  Jointly developed by Netscape and Microsoft, SSL version 3.0 was released in 1996, which later served as a basis to develop Transport Layer Security (TLS), an IETF standard protocol. The first definition of TLS appeared in RFC 2246: "The TLS Protocol Version 1.0". Visa, MasterCard, American Express and many leading financial institutions have endorsed TLS for commerce over the internet.  The SSL and TLS protocols run on layers beneath application protocols such as HTTP, SMTP and NNTP and above the TCP transport protocol, which forms part of the TCP/IP protocol suite. While both SSL and TLS can add security to any protocol that uses TCP, they occur most commonly used in the HTTPS access method. HTTPS serves to secure World Wide Web pages for applications such as Electronic commerce. Both the SSL and the TLS protocols use public key cryptography and public key certificates to verify the identity of endpoints.  Like SSL (which provided its base), the TLS protocol operates in modular fashion: its authors designed it for extendability, with support for forwards and backwards compatibility and negotiation between peers.  Both TLS and SSL involve a number of basic phases:  * Peer negotiation for algorithm support  * Public-key encryption-based key exchange and certificate-based authentication  * Symmetric cipher-based traffic encryption  Some early implementations of SSL could use a maximum of only 40-bit symmetric keys because of US government restrictions on the export of cryptographic technology. That government explicitly imposed a 40-bit keyspace as small enough for breaking by brute force search by law enforcement agencies wishing to read the encrypted traffic, while still presenting obstacles to less-well-funded attackers. A similar limitation applied to Lotus Software's 'Notes' product in export versions. After a several years of public controversy, a series of lawsuits, and eventual US government recognition of changes in the market availability of 'better' cryptographic products (within and without the US), the authorities relaxed some aspects of the export restrictions. The 40-bit key size limitation has mostly gone away. Modern implementations use 128-bit (or longer) keys for symmetric key ciphers.

2 © 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Related RFC’s From Wikipedia, the free encyclopedia.  Other RFCs subsequently extended TLS, including:  * RFC 2712: "Addition of Kerberos Cipher Suites to Transport Layer Security (TLS)". The 40-bit ciphersuites defined in this memo appear only for the purpose of documenting the fact that those ciphersuite codes have already been assigned.  * RFC 2817: "Upgrading to TLS Within HTTP/1.1", explains how to use the Upgrade mechanism in HTTP/1.1 to initiate Transport Layer Security (TLS) over an existing TCP connection. This allows unsecured and secured HTTP traffic to share the same well known port (in this case, http: at 80 rather than https: at 443).  * RFC 2818: "HTTP Over TLS", distinguishes secured traffic from insecure traffic by the use of a different 'server port'.  * RFC 3268: "AES Ciphersuites for TLS". Adds Advanced Encryption Standard (AES) ciphersuites to the previously existing symmetric ciphers, like RC2, RC4, International Data Encryption Algorithm (IDEA), Data Encryption Standard (DES), and Triple DES.  While an increasing number of client and server products can support TLS or SSL natively, many still do not. In these cases, a user may wish to use standalone SSL products like Stunnel to provide SSL encryption.

3 © 2004, The Technology Firm WWW.THETECHFIRM.COM NAI Sniffer Pro v 4.70.553

4 © 2004, The Technology Firm WWW.THETECHFIRM.COM Ethereal v 0.10.6

5 © 2004, The Technology Firm WWW.THETECHFIRM.COM Fluke Optiview Protocol Expert v 6.1.0.13167.0

6 © 2004, The Technology Firm WWW.THETECHFIRM.COM Wildpackets Etherpeek NX v 3.0.1

7 © 2004, The Technology Firm WWW.THETECHFIRM.COM info@thetechfirm.com SSH Protocol

8 © 2004, The Technology Firm WWW.THETECHFIRM.COM NAI Sniffer Pro v 4.70.553 Server Protocol Client Protocol

9 © 2004, The Technology Firm WWW.THETECHFIRM.COM Ethereal v 0.10.6 Server Protocol Client Protocol

10 © 2004, The Technology Firm WWW.THETECHFIRM.COM Fluke Optiview Protocol Expert v 6.1.0.13167.0 Server Protocol Client Protocol

11 © 2004, The Technology Firm WWW.THETECHFIRM.COM Wildpackets Etherpeek NX v 3.0.1 Server Protocol Client Protocol

12 © 2004, The Technology Firm WWW.THETECHFIRM.COM info@thetechfirm.com SSH Key Exchange

13 © 2004, The Technology Firm WWW.THETECHFIRM.COM NAI Sniffer Pro v 4.70.553 Server Client

14 © 2004, The Technology Firm WWW.THETECHFIRM.COM Ethereal v 0.10.6 Server Client

15 © 2004, The Technology Firm WWW.THETECHFIRM.COM Fluke Optiview Protocol Expert v 6.1.0.13167.0 Server Client

16 © 2004, The Technology Firm WWW.THETECHFIRM.COM Wildpackets Etherpeek NX v 3.0.1 Server Client

Download ppt "© 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic."

Similar presentations

Cryptography and Network Security Chapter 16

Cryptography and Network Security Chapter 16
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.

Chapter 7 Web Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
ITA, 2.11.2011, 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.

ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Secure HTTP Herng-Yow Chen. 2 Outline When digest authentication is not strong enough? How a more complicated technology secures HTTP transactions from.

1 Secure HTTP Herng-Yow Chen. 2 Outline When digest authentication is not strong enough? How a more complicated technology secures HTTP transactions from.
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Cryptography and Network Security Chapter 17

Cryptography and Network Security Chapter 17
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.

SSL By: Anthony Harris & Adam Shkoler. What is SSL? SSL stands for Secure Sockets Layer SSL is a cryptographic protocol which provides secure communications.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Similar presentations

Ads by Google