90 likes | 126 Views
SSL/TLS Protocol. Network Security Gene Itkis. Basic paradigmatic application: on-line purchase. Client contacts Server (possibly for the first time) Spontaneity Client conveys secret info to Server Confidentiality Who’s on the other side?
E N D
SSL/TLS Protocol Network Security Gene Itkis
Basic paradigmatic application: on-line purchase • Client contacts Server(possibly for the first time) • Spontaneity • Client conveys secret info to Server • Confidentiality • Who’s on the other side? • ServerAuthentication – requiredClient authentication– optional • You do not want to know about security • Transparency • Allows other protocols to work over SSL/TLS
Design Goals • Confidentiality • Authentication • Server – required • Client – optional • Spontaneity • Transparency • Message Integrity • Expandability • Fix problems of v.2 SSL v.2 SSL v.3
Protocol parts • Handshake • Authenticated Key Establishment • Data transfer • Encryption • Integrity (Message Authentication)
Handshake protocol outline C S • ClientHello: • Version • Cipher Suits • Random • ServerHello: • Version • Cipher Suit • Session ID • Random ClientHello ServerHello • Certificate: • Subject • Issuer (CA) • Signed PK Certificate + Done RSA ClientKE • ClientKeyExchange: • Pre-Master Key encrypted w/PK • Attacks: • force weak cipher suit • replay: e.g., cause multiple payments • Remedy: • Random in Hello • Check under protection: Finished msgs Data transfer Keys computed finished
Finished & ChangeCipherSpec Data transfer Keys computed … finished : ClientKE ChangeCipherSpec keys computed ClientFinished ChangeCipherSpec ServerFinished Finished: HASH(all Handshake msgs)
Handshake protocol outline C S • ClientHello: • Version • Cipher Suits • Random • ServerHello: • Version • Cipher Suit • Session ID • Random ClientHello ServerHello • Certificate: • Subject • Issuer (CA) • Signed PK Certificate DH ServerKE + Done • ServerKeyExchange: • DH message, signed to be verified w/ PK ClientKE • ClientKeyExchange: • DH message