Embed Size (px)
DESCRIPTION
Securing TCP connections using SSL Originally developed by Netscape Communications to allow secure access of a browser to a Web server, Secure Sockets Layer (SSL) has become the accepted standard for Web security.1 The first version of SSL was never released because of problems regarding protection of credit card transactions on the Web. In 1994, Netscape created SSLv2, which made it possible to keep credit card numbers confidential and also authenticate the Web server with the use of encryption and digital certificates. In 1995, Netscape strengthened the cryptographic algorithms and resolved many of the security problems in SSLv2 with the release of SSLv3. SSLv3 now supports more security algorithms than SSLv2.
Citation preview
SECURING TCP CONNECTIONS USING SSL
Presented By:
Raushan Mahaseth (2067/BEX/132)
Sagar Mali (2067/BEX/133)
Sanid Prajapati (2067/BEX/134)
Saugat Gautam (2067/BEX/135)
INTRODUCTION
• SSL stands for Secure Sockets Layer
• SSL is the standard security technology for establishing an Encrypted link between a web server and a browser.
• This link ensures that all data passed between the web servers and the browsers remain Private & Integral.
NEED of SSL• Authentication of server
How does the client know who they are dealing with?
• Information IntegrityHow do we know third party has not altered
data en route?
OBJECTIVES of SSL PROTOCOL
• Data encryption
• Server authentication
• Message integrity
• Optional client authentication for a TCP/IP connection.
Application of SSL in web browser:An example
Normal HTTP: http://www.bbc.com
Secured HTTP: https://www.facebook.com
BRIEF HISTORY
• Netscape developed the SSL protocol in 1994, as a response to the growing concern over the security on the Internet.
• SSL was originally developed for the securing web browser and server communications.
SSL VERSIONS
• There are several versions of the SSL protocol defined.
• The latest version , Transport Layer Security Protocol (TLS) is based on SSL 3.0
• SSL version 1.0
• SSL version 2.0
• SSL version 3.0
• TLS version 1.0
• TLS version 2.0 with SSL version 3.0 compatibility
Positioning of SSL layer in OSI model
Application
TCP
IP
Normal Application
Application
SSL
TCP
IP
Application with SSL
• SSL provides application programming interface (API) to applications
• C and Java SSL libraries/classes readily available
SSL Protocol Stack
Composed of Two Layers:1.Higher Layer
SSL Handshake Protocol
SSL Change Cipher Spec Protocol
SSL Alert Protocol
HTTP
2.Lower Layer
SSL Record Protocol,
TCP
IP
SSL Protocol Stack Table
SSL Sub protocols
Two Sub protocols -
• Handshake Protocol: For establishing secure connection
• Record Protocol: For secure transmission of data
HANDSHAKE PROTOCOL
• Allows server & client to:
• authenticate each other
• to negotiate encryption, MAC algorithms and keys
• Comprises a series of messages exchanged in phases:
• Establish Security Capabilities
• Server Authentication and Key Exchange
• Client Authentication and Key Exchange
HANDSHAKE PROTOCOL EXPLAINED
SSL Record Protocol
• The Record Protocol 1. takes an application message to be
transmitted,
2. fragments the data into blocks,
3.compresses the data (optionally),
4.applies a MAC,
5.encrypts,
6.adds a header and
7. transmits the resulting unit.
SSL Record Protocol Operation
SUMMARY• SSL protocol developed for secure internet
browsing
• Operates in between Application and Transport layer
• Uses two sub protocol
• Handshake protocol
• Record protocol
• Widely applied by various servers and web browsers
REFERENCES
• Books:
• Computer Networks, A.S. Tatenbaum (Fourth Edition) PHI
• Computer Networking- A top down approach, J.F. Kurose & K.W. Ross (Fifth Edition) Pearson
• Websites:
• http://en.wikipedia.org/wiki/Transport_Layer_Security
• http://www.webopedia.com/TERM/S/SSL.html
• https://www.globalsign.eu/ssl-information-center/what-is-ssl.html
• http://www.postgresql.org/docs/9.1/static/ssl-tcp.html
• http://www.digicert.com/ssl.htm
THANK YOU AND
HAPPY SECURE WEB BROWSING!
