160 likes | 264 Views
PIS : Unit IV SSL-TSL. Sanjay Rawat Sanjay_r@vnrvjiet.in. Based on the slides of Lawrie Brown, together with the book “Cryptography and Network Security” by William Stalling. Security at layers. SSL (Secure Socket Layer). transport layer security service
E N D
PIS: Unit IVSSL-TSL Sanjay Rawat Sanjay_r@vnrvjiet.in Based on the slides of Lawrie Brown, together with the book “Cryptography and Network Security” by William Stalling. PIS Unit 4 SSL-TSL Sanjay Rawat
Security at layers PIS Unit 4 SSL-TSL Sanjay Rawat
SSL (Secure Socket Layer) • transport layer security service • originally developed by Netscape • version 3 designed with public input • subsequently became Internet standard known as TLS (Transport Layer Security) • uses TCP to provide a reliable end-to-end service • SSL has two layers of protocols • L1: SSL Record Protocol • L2: Handshake, change cipher, alert PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Architecture PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Architecture • SSL connection • a transient, peer-to-peer, communications link • associated with 1 SSL session • Dimensions: • Server and client random • Server write MAC secret • Client write MAC secret • Server write key • Client write key • Initialization vectors • Sequence numbers PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Arch • SSL session • an association between client & server • created by the Handshake Protocol • define a set of cryptographic parameters • may be shared by multiple SSL connections • Dimensions • Session identifier: This is a value generated by a server • Peer certificate: This is an X.509 v3 certificate • Compression method • Cipher spec • Master secret • Is resumable PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Record Protocol Services • message integrity • using a MAC with shared secret key • similar to HMAC but with some difference • HMAC=hash(MAC_write_secret || pad_2 ||hash(MAC_write_secret || pad_1 ||seq_num ||SSLCompressed.type ||SSLCompressed.length ||SSLCompressed.fragment)) PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Record conti… • confidentiality • using symmetric encryption with a shared secret key defined by Handshake Protocol • AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 • message is compressed (optionally) before encryption PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Record Protocol Operation PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Change Cipher Spec Protocol • one of 3 SSL specific protocols which use the SSL Record protocol • a single message consists of one byte 1. • causes pending state to become current • hence updating the cipher suite in use • Sent after just-negotiated CipherSpec and keys. PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Alert Protocol • conveys SSL-related alerts to peer entity • Consists of 2 bytes • Severity (1st byte) • warning or fatal • specific alert (2nd byte) • fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter • warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown • compressed & encrypted like all SSL data PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Handshake Protocol • allows server & client to: • authenticate each other • to negotiate encryption & MAC algorithms • to negotiate cryptographic keys to be used • comprises a series of messages in phases • Establish Security Capabilities • Server Authentication and Key Exchange • Client Authentication and Key Exchange • Finish PIS Unit 4 SSL-TSL Sanjay Rawat
Format • Type (1 byte):Indicates one of 10 messages. • Length (3 bytes):The length of the message in bytes. • Content ( =>0 bytes): PIS Unit 4 SSL-TSL Sanjay Rawat
SSL Handshake Protocol PIS Unit 4 SSL-TSL Sanjay Rawat
TLS (Transport Layer Security) • IETF standard RFC 2246 similar to SSLv3 • with minor differences • in record format version number • uses HMAC for MAC • a pseudo-random function expands secrets • has additional alert codes • some changes in supported ciphers • changes in certificate types & negotiations • changes in crypto computations & padding PIS Unit 4 SSL-TSL Sanjay Rawat