Presentation is loading. Please wait.

Presentation is loading. Please wait.

SSL with New Client Authentication Takuya Yahagi, S1090215 University of Aizu Performance Evaluation Lab.

Published bySilvester Moore Modified over 8 years ago

Similar presentations

Presentation on theme: "SSL with New Client Authentication Takuya Yahagi, S1090215 University of Aizu Performance Evaluation Lab."— Presentation transcript:

1 SSL with New Client Authentication Takuya Yahagi, S1090215 University of Aizu Performance Evaluation Lab.

2 Purpose To evaluate performance of SSL with client authentication with waiting time and probability of finding malicious user point of view.

3 Spoofing Uses other ’ s or non-existent mail address to send phishing mail, spam and some kind of virus mail. Sender ID (1) Problem  If IP address is also forged, Sender ID can ’ t prevent spoofing. SenderReceiverDNS Domain(2) IP address(3)

4 SSL Client hello(1) Random value Used to create common key Cryptography algorithms list Server hello(2) Random value Used to create common key Selected algorithm Server certificate(2) Public key Server hello done(2) Client key exchange(3) Premaster secret Used to create common key Change cipher spec(3),(4) Signal of encryption Finished(3),(4)  Problem There is no client authentication. Client hello (1) Client certificate Server hello Server certificate(2) Server hello done Client key exchange Change cipher spec Finished (3) Change cipher spec Finished (4) ServerClient

5 Feige-Fiat-Shammir Identification Protocol Prove identity via demonstration of knowledge of secret without revealing even a single bit of secret. Malicious person, Mallory has 50% chance of passing this trial without secret number by guessing that Bob will send c = 0 or 1. AliceBob w c r

6 Waiting time of SSL and SSL with authentication Waiting time of SSL Waiting time of SSL with authentication S1S2S3 C1C2 S4S5 C3C4C5 W2 W1W3W4 W5 C: Client W: Waiting time of SSL S: Service time of SSL S1S3 A1A2M1A3A4 W2 W1W3W4 W5 A: Alice M: Mallory W: Waiting time of SSL with authentication S: Service time of SSL with authentication S2S4S5

7 Waiting Time of SSL Expectation of number of SSL clients:

8 Waiting Time of SSL with Authentication(1) Expectation value and variance of Mallory ’ s number of trials: Expectation value and variance of Alice ’ s number of trials: Expectation value and variance of Mallory ’ s and Alice ’ s service time of SSL with authentication:

9 Waiting Time of SSL with Authentication(2) Expectation of number of SSL with authentication clients: Expectation value of waiting time of SSL with authentication:

10 Waiting Time 102030405060 l 0.2 0.4 0.6 0.8 1 Waiting time n = 20 n = 15 n = 5 No auth

11 Probability of Miss 5101520 n 0.02 0.04 0.06 0.08 p(n) Probability of missing Mallory in n trials:

12 Conclusion and Future Works Using the feature of this authentication, client can prove identity more securely. This method is solution to IP address spoofing. However, service time of authentication and probability of Mallory is not accurate value.

Download ppt "SSL with New Client Authentication Takuya Yahagi, S1090215 University of Aizu Performance Evaluation Lab."

Similar presentations

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC

Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC
Web security: SSL and TLS

Web security: SSL and TLS
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.

SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Secure Socket Layer.

Secure Socket Layer.
J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.

J. Wang. Computer Network Security Theory and Practice. Springer 2009 Chapter 5 Network Security Protocols in Practice Part II.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.

Hands-On Ethical Hacking and Network Defense Lecture 15 Man in the Middle Attack to get Passwords from HTTPS Sessions.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.

Netprog: Cryptgraphy1 Cryptography Reference: Network Security PRIVATE Communication in a PUBLIC World. by Kaufman, Perlman & Speciner.
WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.

WEB SECURITY. WEB ATTACK TYPES Buffer OverflowsXML InjectionsSession Hijacking Attacks WEB Attack Types.
Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.

Class on Security Raghu. Current state of Security Cracks appear all the time Band Aid solutions Applications are not designed properly OS designs are.
0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.

0 SSL3.0 / TLS1.0 Secure Communication over Insecure Line.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.

بسم الله الرحمن الرحيم NETWORK SECURITY Done By: Saad Al-Shahrani Saeed Al-Smazarkah May 2006.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).

Similar presentations

Ads by Google