Upload
afroz-mir
View
27
Download
0
Embed Size (px)
Citation preview
05/03/2023
BABA GHULAM SHAH BADSHAH UNIVERSITY
1
AFROZ BGSBU
NAME :- AFROZ HAIDER
ROLL NO:- 08-MCA-2014
TOPIC NAME:-SECURE SOCKET LAYER(SSL)
PRESENTED TO:- DR.SANJAY JAMWAL
COURSE TITLE:- CRYPTOGRAPHY AND NETWORK SECURITY
2
What is SSL?•It is an Internet protocol for secure
exchange of information between a web browser and a web server
•It provides▫Authentication▫Confidentiality
•Developed by Netscape Corporation in 1994
•Currently comes in three versions : 2, 3 and 3.1
4
Position of SSL in TCP/IP
Application Layer
Transport Layer
Internet Layer
Data Link Layer
Physical Layer
SSL Layer
5
Data Exchange using TCP/IP layers
X
L5 data
010101010100010101010010
Transmission medium
H4L5 data
H3L4 data
Application
Transport
Internet
Physical
H2L3 data Data Link
Y
L5 data
010101010100010101010010
H4L5 data
H3L4 data
H2L3 data
6
Data Transmission using SSLX
L5 data
010101010100010101010010
Transmission medium
H4L5 data
H3L4 data
Application
Transport
Internet
Physical
L5 data SSLSH
H2L3 data Data Link
Y
L5 data
010101010100010101010010
H4L5 data
H3L4 data
L5 data SH
H2L3 data
8
SSL sub-protocols
1 • Handshake protocol
2 • Record protocol
3• Change Cipher
protocol4 • Alert protocol
10
Handshake Protocol Message TypesMessage Type Parameters
Hello request None
Client hello Version, Random number, Session id, Cipher suite, Compression method
Server hello Version, Random number, Session id, Cipher suite, Compression method
Certificate Chain of X.509V3 certificates
Server key exchange Parameters, signature
Certificate request Type, authorities
Server hello done None
Certificate verify Signature
Client key exchange Parameters, signature
Finished Hash value
11
SSL Handshake Phases
1• Establish security capabilities
2• Server authentication and key
exchange
3• Client authentication and key
exchange
4• Finish
12
Phase 1: Establish Security Capabilities
•Used to initiate logical connection and establish security capabilities.
•Consists of two messages▫Client hello▫Server hello
14
Parameters of Client Hello Message• Identifies highest version of SSL that client can
supportVersion
• 32 bit date time field• 28 byte random numberRandom
• Variable length session identifier• Can be zero (new session) or non zero (connection
exists)Session id
• Contains list of cryptographic algorithms supported by the clientCipher suite
• Contains list of compression algorithms supported by the client
Compression method
15
Parameters of Server Hello Message
• Identifies lower of version suggested by client and highest supported by serverVersion
• Same structure as that in client hello• Random value independent of client’s valueRandom
• Uses same value if client sends non zero value• Otherwise creates new session idSession id
• Contains single cipher suite which server selects from the list sent by clientCipher suite
• Contains single compression algorithm which server selects from the list sent by client
Compression method
16
Handshake Protocol- Phase 2
Web Browser
Web ServerStep 2: Server key
exchange
Step 3: Certificate request
Step 4: Server hello done
Step 1: Certificate
17
Server Authentication and key exchange
• Server sends its Digital certificate • Helps the to authenticate
Certificate
• Sent only if the certificate does not contain enough information to complete the key exchange
Server key
exchange
• Sent if the client needs to authenticate itselfCertificate request
• Sent to indicate that the server is finished its part of the key exchange
• after sending this message the server waits for client response
Server hello done
18
Handshake Protocol- Phase 3
Web Browser
Web Server
Step 1: Certificate
Step 2: Client key exchange
Step 3: Certificate verify
19
Client Authentication and key exchange
• will send a certificate message or a no certificate alert
Certificate
• always sent• RSA encrypted pre-master secret
Client key
exchange
• sent only if the client sent a certificate• provides client authentication• contains signed hash of all the previous
handshake messages
Certificate verify
20
Handshake Protocol- Phase 4
Web Browser
Web Server
Step 1: Change cipher specs
Step2 : Finished
Step 3: Change cipher specs
Step 4: Finished
SSL Record Protocol•Provide two services for SSL
connections:Confidentiality: by encrypting
application data.Message Integrity: by computing MAC
over the compressed data.•Can be utilized by some upper-layer
protocols of SSL.
24
SSL Alert Protocol
IF THE ERROR IS FATAL ,BOTH THE PARTIES IMMEDIATELY CLOSE THE CONNECTION.BOTH THE PARTIES ALSO THE SESSION IDENTIFIERS,SECRET AND KEYS ASSOCAITED WITH THIS CONNECTION BEFORE IT IS TERMOINATED
WHEN EITHER THE CLIENT OR SERVER DETECTS AN ERROR THE DETECTING PARTY SENDS AN ALERT MESSAGE TO THE OTHER PARTY.
SEVERITY 1 BYTE
CAUSE 2 BYTE
ALERT PROTOCOL MESSAGE FORMAT
25
SSL Alert MessagesWarning or fatal
close_notify(0), unexpected_message(10), bad_record_mac(20), decryption_failed(21), record_overflow(22),
decompression_failure(30), handshake_failure(40), bad_certificate(42), unsupported_certificate(43), certificate_revoked(44), certificate_expired(45), certificate_unknown(46), illegal_parameter(47), unknown_ca(48), access_denied(49), decode_error(50), decrypt_error(51), export_restriction(60), protocol_version(70), insufficient_security(71), internal_error(80), user_canceled(90), no_renegotiation(100),
26
SSL Alert Messages
Always fatalunexpected_messagesbad_record_macdecompression_failurehandshake_failureillegal_parameter
27
SSL Alert Messages
Remaining alertsclose_notifyno_certificatebad_certificateunsupported_certificatecertificate_revokedcertificate_expiredcertificate_unknown
28
Authentication of server– How does client know who they are dealing
with?
Information integrity– How do we know third party has not altered
data en route?
Bob’s web siteAlice thinks she is at Bob’s site, but Darth is
spoofing it
Bob’s web siteAddress information
Change so item shipped to Darth
29
SSL VersionThere are several versions of the SSL protocol defined. The latest version, the Transport Layer Security Protocol (TLS), is based on SSL 3.0SSL Version 1.0
SSL Version 2.0
SSL Version 3.0
TLS Version 1.0
TLS Version 1.0 with SSL Version 3.0
34
References
https://www.digicert.com/ssl.htm http://www.webopedia.com/TERM/S/SSL.html http://en.wikipedia.org/wiki/
Transport_Layer_Security