80 likes | 261 Views
Secure Sockets Layer (SSL). Presented by: Piyush Saggi Baylor University Dec 6, 2002. Plan of Action. Need for SSL Brief Overview SSL protocols Questions. Need for SSL. Internet powered world Insecurity of network communication One world – One protocol
E N D
Secure Sockets Layer (SSL) Presented by: Piyush Saggi Baylor University Dec 6, 2002
Plan of Action • Need for SSL • Brief Overview • SSL protocols • Questions
Need for SSL • Internet powered world • Insecurity of network communication • One world – One protocol • Applications unaware of security
What is SSL ? • Secure Sockets Layer • Network security protocol • Goals: • 1.Cryptographic security • 2.Interoperability • 3.Extensibility • 4.Relative Efficiency
Basic Operation Application Data Fragmentation Record Layer <214 bytes SSL Plaintext Compression SSLCompressed Encryption SSLCiphertext TCP
Protocols • SSL – layered protocol • SSL Record protocol over TCP • Encapsulates SSL Handshake protocol
Handshake Protocol • A->B hello • B->A Hi, I'm Bob, bobs-certificate • A->B prove it • B->A Alice, This Is bob{ digest[Alice, This Is Bob] } bobs-private-key • ok bob, here is a secret {secret} bobs-public-key{some message,MAC}secret-key • 40 bit or 128 bit encryption
Nitty Grtties • Certification Authorities – Verisign etc. • https port number – 443 QUESTIONS ??