Presented By: Atish Baul Module: CSYM020, Internet Security Course: MSc Internet Computing.
34
Presented By: Atish Baul Module: CSYM020, Internet Security Course: MSc Internet Computing
-
Upload
sybil-ellis -
Category
Documents
-
view
217 -
download
1
Transcript of Presented By: Atish Baul Module: CSYM020, Internet Security Course: MSc Internet Computing.
Presented By:
Atish BaulModule: CSYM020, Internet SecurityCourse: MSc Internet Computing
Contents
1. Introduction2. SSL Architecture3. Analysis of an SSL Session4. Applications of SSL5. Implementation of SSL6. Winning Features7. References
2
1. Introduction
What are SSL and TLS
3
Secure Socket Layer (SSL) and it's successor Transport Layer Security (TLS) are cryptographic protocols meant for secure data transmission across the internet.
Prevent eavesdropping, tampering and message forgery within the transport framework.
Provides endpoint authentication and communications privacy.
Used for web browsing, email, instant messaging, etc. Multitude of uses, as we shall see later.
Used for both– Client-to-server communication – Server to server communication
1. Introduction
Typically, only the server is authenticated, client remains un-authenticated.
Sometimes both parties are authenticated. This is called "Mutual Authentication“.
Manner of Usage
4
1. Introduction
Developed by Netscape as SSL 1.0 in 1996 for use with HTTP only, to secure communications between browser and client.
SSL has been endorsed by leading financial institutions (e.g. Visa, Master Card, etc) for commerce over the internet.
Still being updated and maintained by Netscape as SSL 2.0 and SSL 3.0, with endorsement from IETF and leading commercial bodies.
SSL 3.0 was used as basis for TLS 1.0 in 1999, an IETF standard protocol.
Specifications for TLS 1.1 were released in April 2006. It is a minor upgrade to TLS 1.0
SSL continues to be used alongside TLS, due to widespread support and legacy implementation .
History of SSL, TLS
5
1. Introduction
SSL and TLS - Twin brothers.
Both protocols are so similar we can refer to them as one name, e.g.. SSL/TLS only.
They are similar, but they are not interchangeable.
Important difference is that TLS 1.0 applies a Keyed-Hashing for Message Authentication Code (HMAC) algorithm, whereas SSL 3.0 applies the Message Authentication Code (MAC) algorithm for authenticating messages.
Pair of Twins
6
1. Introduction
SSL 1.0 has been deprecated.
SSL 2.0 (Mainly Legacy support).
SSL 3.0 (Current, being replaced by TLS for new projects).
TLS 1.0 (Current).
TLS 1.1 (Newly Introduced, not widely supported).
Prevalent Versions
7
2. Architecture
2. SSL ARCHITECHTURE
8
2. Architecture
SSL/TLS Protocol Stack
9
ISO Open Systems
Interconnect model
SSL runs beneath application layers.
E.g. HTTP, FTP, SMTP etc
SSL runs above transport
protocols such as TCP.
2. Architecture
SSL/TLS can be used with any application based over TCP.
It’s applications are endless!
10
3. Analysis of SSL/TLS Session
3. Analysis of an SSL/TLS Session
11
3. Analysis of SSL/TLS Session
1. Peer negotiation for algorithm support The two communicating parties negotiate a suitable cryptographic algorithm
which they both support. The most secure algorithm supported by both parties is chosen.
2. Public Key Encryption based key exchange, and Certificate based authentication. E.g. RSA, Diffie-Hellman, DSA, etc.
3. Symmetric cipher-based traffic encryption. E.g. RC2, RC4, DES, 3DES, etc.
Three Basic Phases
12
3. Analysis of SSL/TLS Session
Lifecycle of an SSL/TLS Session(Server only Authentication)
13
3. Analysis of SSL/TLS Session
An SSL session is basically an exchange of records of different types.
Each record may be compressed, encrypted and signed with a Message Authentication Code (MAC).
Each record has a content_type field that specifies which protocol is being used.
Some SSL protocols and their Content_type• 20 : ChangeCipherSpec• 21 : Alert• 22 : Handshake Protocol. • 22 : Record Layer Protocol. • 23 : Application protocol.
Simplistic Description
14
4. Applications of SSL/TLS
Applications of SSL/TLS
15
4. Applications of SSL/TLS
Securing HTTP connections , also referred to as HTTPS.
Identified by HTTPS:// prefix to the URL (within the address bar).
Is also indicated by padlock symbol at the status bar of a browser.
Implemented by installing an SSL certificate at the server.
Secure connection over - HTTPS
16
4. Applications of SSL/TLS
SSL is not just for the web, it is a suite of cryptographic protocols meant to be used in various ways.
Thus, HTTPS is different from just SSL.
Other ways SSL is commonly implemented in Client-Server mode:– File Transfer Protocol Secure (FTPS)– SSL over Database connections to SQL Server, Oracle, etc.– Secure email.
Peer-to-peer or Server-to-Server (mutual authentication ) uses:– Secure Web services– Semantic Web– Virtual Private Network– Session Initiation Protocol (SIP) applications such as Internet Telephony using
VoIP.
17
Secure connection over - HTTPS
4. Applications of SSL/TLS
Default Outlook express port configuration:
Outlook express configured to use SSL (With Gmail POP3/SMTP settings):
Example – SSL over POP3/SMTP
18
4. Applications of SSL/TLS
SSL also has a place within the proposed Semantic Web.
19
The trust architecture is based around
SSL/TLS.
5. Implementation
Implementation of SSL
20
5. Implementation
On the server, a Certificate Signing Request (CSR) is generated. This creates two cryptographic keys:– Public Key : used to encrypt message to the server. This is sent to the
Certificate Authority (CA) and gets downloaded by browser clients. It is then used to encrypt message to server.
– Private Key : Stored on server, used to decrypt secure messages encrypted using the public key.
This CSR is then submitted to a relevant CA, along with relevant legal organisational details– E.g. Thawte, Verisign, GoDaddy.
CA verifies that details provided by organisation are correct, and issues a certificate file.
This file is copied and installed on the server, and it is ready to accept secure connections.
SSL certificate on Server
21
5. Implementation
SSL mechanisms need to be enabled within the web server.– E.g. Apache, Internet Information Server.
Apache web server has ‘modules’ that implement SSL:– OpenSSL– ModSSL– Apache-SSL
Enabling SSL within Web Server
22
5. Implementation
A typical browser come pre-installed with a list of Certificate Authorities
SSL on client (Browser)
23
Mozilla Firefox
5. Implementation
Browsers support a variety of SSL/TLS versions:
Support for SSL/TLS versions
24
Mozilla Firefox
5. Implementation
Browser can download and display (when asked) complete certificate details of the server:
Certificate Details
25
Mozilla Firefox displaying
Gmail’s SSL Certificate
5. Implementation
The browser will connect to relevant CA and verify a number of details, and perform separate checks. It will usually issue warnings explaining the severity of discrepancies, if any:
Security Checks by Client
26
Mozilla Firefox detects
inconsistencies with
Gmail.com’s SSL certificate.
6. Winning Features
Winning Features of SSL/TLS
27
6. Winning Features
Integrity– No one tampers with the contents during transport. E.g. Man-in-the-middle
attacks.
Privacy– Prevent eavesdropping by encrypting messages.
Authentication– Verify remote party’s identity.– YOU ARE who you say YOU ARE.
Non-repudiation– Digital signature prove that a message was actually sent by a party.
Prime Features
28
6. Winning Features
Asymmetric Public-Private key structure alleviates need for special setup for each session.
Depends on Public Key Infrastructure (PKI) implemented via Certificate Authorities (CA).
Conventions followed by manufacturers to pre-set software and appliances with globally agreed data.
No setup per session or machine!
29
6. Winning Features
Uses X.509 certificate
OpenPGP certificates have been proposed for inclusion.
Certificates
30
6. Winning Features
Previously limited to 40-bit symmetric keys by US govt restrictions
Now, 56-bit, 128-bit, 256-bit keys are commercially available, very easily.
2048-bit and 4096-bit keys are also supported by some products.
SSL/TLS itself does not restrict key size, but products and technologies on place have their own restrictions.
Large key sizes
31
6. Winning Features
Cryptographic Algorithms can be rendered obsolete.
Extensible and upgradeable structure ensures latest and strongest cryptographic algorithms are used always.
Current supports includes– RSA, Diffie-Hellman, DSA (for Public Key cryptography).– RC2, RC4, IDEA, DES, 3DES (for Symmetric Ciphers).– MD2, MD4, MD5, SHA (One Way hash functions).
…. And more will come.
Future-Proofing
32
References
• Thawte (2006). Securing your Online Data Transfer with SSL - A guide to understanding SSL Certificates [online].Available from: http://www.thawte.com/ssl-digital-certificates/free-guides-whitepapers/ [Accessed 2 April 2007]
• IETF (2006). RFC 4346 The Transport Layer Security (TLS) Protocol Version 1.1.
• Bussler, C. et al (2002) A conceptual architecture for Semantic Web Enabled Services. Special section on semantic web and data management. [Pages 24 – 29].
• Thawte (2006). Enrolment guide for thawte SSL Web Server Certificates and SGC Supercerts [online].Available from: http://www.thawte.com/ssl-digital-certificates/free-guides-whitepapers/ [April 2, 2007]
• Wikipedia (2007a). Transport Layer Security [online]. Available from: http://en.wikipedia.org/wiki/Transport_Layer_Security [April 02, 2007]
• Wikipedia (2007b). Semantic Web [online].Available from: http://en.wikipedia.org/wiki/Semantic_web [Jan 2, 2007]
• Minai, A. (2007) Internet Security, Msc Internet Computing, CSYM020. University of Northampton, 2007.
33
Thank you!
34
