Trust Infrastructure of SSL

Similar documents
SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Overview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Crypto meets Web Security: Certificates and SSL/TLS

Internet security and privacy

ETSI European CA DAY TRUST SERVICE PROVIDER (TSP) CONFORMITY ASSESSMENT FRAMEWORK. Presented by Nick Pope, ETSI STF 427 Leader

Public-Key Infrastructure NETS E2008

Authentication and Key Distribution

Introduction to SSL. Copyright 2005 by Sericon Technology Inc.

Information Security CS 526

Cryptography and Network Security

Lecture Notes 14 : Public-Key Infrastructure

Lecture 15 PKI & Authenticated Key Exchange. COSC-260 Codes and Ciphers Adam O Neill Adapted from

Auth. Key Exchange. Dan Boneh

Certificates, Certification Authorities and Public-Key Infrastructures

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Public Key Infrastructure

But where'd that extra "s" come from, and what does it mean?

Today s Lecture. Secure Communication. A Simple Protocol. Remote Authentication. A Simple Protocol. Rules. I m Alice. I m Alice

Replace the Default Self-Signed Certificate with a 3rd Party SSL Certificate on the RV34x Series Router

Fall 2010/Lecture 32 1

Authentication Part IV NOTE: Part IV includes all of Part III!

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

HTTPS and the Lock Icon

Diffie-Hellman. Part 1 Cryptography 136

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

X.509. CPSC 457/557 10/17/13 Jeffrey Zhu

Overview. SSL Cryptography Overview CHAPTER 1

Question No: 2 Which identifier is used to describe the application or process that submitted a log message?

CS November 2018

CSE 565 Computer Security Fall 2018

Cryptographic Protocols 1

Wireless Security and Monitoring. Training materials for wireless trainers

SSL/TLS FOR MORTALS.

Lecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.

Securing Connections with Digital Certificates in Router OS. By Ezugu Magnus PDS Nigeria

INF3510 Information Security University of Oslo Spring Lecture 3 Key Management and PKI. Audun Jøsang

Lecture 15 Public Key Distribution (certification)

Managing SSL/TLS Traffic Flows

Man in the Middle Attacks and Secured Communications

Digital Certificates Demystified

Certificateless Public Key Cryptography

SCION: PKI Overview. Adrian Perrig Network Security Group, ETH Zürich

Securing Internet Communication: TLS

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing

Configuring SSL. SSL Overview CHAPTER

Key Management and Distribution

Lecture 2 Applied Cryptography (Part 2)

Public. Atos Trustcenter. Server Certificates + Codesigning Certificates. Version 1.2

Exposing The Misuse of The Foundation of Online Security

Lessons from the Human Immune System Gavin Hill, Director Threat Intelligence

How to Set Up External CA VPN Certificates

ECE 646 Lecture 3. Key management

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

Understanding Traffic Decryption

ÓBUDA UNIVERSITY, BUDAPEST SSL CERTIFICATES

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Legacy of Heartbleed: MITM and Revoked Certificates. Alexey Busygin NeoBIT

Configuring SSL CHAPTER

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

About DPI-SSL. About DPI-SSL. Functionality. Deployment Scenarios

Chapter 4: Securing TCP connections

Security: Focus of Control

Configuring SSL. SSL Overview CHAPTER

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

SSL/TSL EV Certificates

6 Public Key Infrastructure 6.1 Certificates Structure of an X.509 certificate X.500 Distinguished Name and X.509v3 subjectalternativename

Ten Risks of PKI : What You re not Being Told about Public Key Infrastructure By Carl Ellison and Bruce Schneier

PROVING WHO YOU ARE TLS & THE PKI

Digital signatures: How it s done in PDF

Key Agreement Schemes

Chapter 8. Network Security. Cryptography. Need for Security. An Introduction to Cryptography 10/7/2010

CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure

Key Management and Distribution

Verteilte Systeme (Distributed Systems)

Grandstream Networks, Inc. GWN7000 OpenVPN Site-to-Site VPN Guide

Defeating All Man-in-the-Middle Attacks

Chapter 9: Key Management

CIS 5373 Systems Security

How to Configure SSL Interception in the Firewall

Securing Connections for IBM Traveler Apps. Bill Wimer STSM for IBM Collaboration Solutions December 13, 2016

Stop sweating the password and learn to love public key cryptography. Chris Streeks Solutions Engineer, Yubico

Smart Grid Security. Selected Principles and Components. Tony Metke Distinguished Member of the Technical Staff

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Importing a Global Server Certificate from Verisign and other PKCS#7 certificates into the SonicWALL SSL Accelerator

This document describes the configuration of Secure Sockets Layer (SSL) decryption on the FirePOWER Module using ASDM (On-Box Management).

CS Certificates, part 2. Prof. Clarkson Spring 2017

Public Key Infrastructure PKI. National Digital Certification Center Information Technology Authority Sultanate of Oman

Introduction to Network Security Missouri S&T University CPE 5420 Key Management and Distribution

Securing Internet Communication

Public Key Infrastructure. What can it do for you?

Configuring Certificate Authorities and Digital Certificates

Security: Focus of Control. Authentication

Elements of Cryptography and Computer and Network Security Computer Science 134 (COMPSCI 134) Fall 2016 Instructor: Karim ElDefrawy

ISY994 Series Network Security Configuration Guide Requires firmware version Requires Java 1.8+

CSC 482/582: Computer Security. Security Protocols

Public-Key Infrastructure (PKI) Lab

Send documentation comments to

Guide to Deploying VMware Workspace ONE. DEC 2017 VMware AirWatch 9.2 VMware Identity Manager 3.1

Transcription:

Trust Infrastructure of SSL CS 470 Introduction to Applied Cryptography Ali Aydın Selçuk CS470, A.A.Selçuk SSL Trust 1

SSL/TLS The main workhorse of secure Internet communication. Everyday, billions of web packets (HTTPS) are encrypted by SSL/TLS. Not only web pages: VPN tunneling, electronic banking, cloud services, all rely on SSL to secure their communications. CS470, A.A.Selçuk SSL Trust 2

Success of SSL Brought cryptography to the service of the masses Until SSL and spread of Internet, cryptography saw very limited use by common people. In the first 20 years of PKC (1976-96), the technology had a very limited penetration. This all changed in the second half of the 1990s with SSL. CS470, A.A.Selçuk SSL Trust 3

Success of SSL Trust infrastructure has an autonomous and selfgoverning structure, consisting of browser vendors audit firms and standards bodies certificate authorities SSL servers Has been remarkably successful, especially compared to previous efforts such as PEM to secure Internet communications. CS470, A.A.Selçuk SSL Trust 4

A Simple Key Exchange Protocol ~ SSL key exchange protocol: client hello server pub key K S {k} S k is the session key CS470, A.A.Selçuk SSL Trust 5

Active Attacks & Certificates Simple public key encryption solves the key distribution problem against passive attackers (i.e., an attacker that just eavesdrops). Active attackers can send a fake public key & become a man in the middle (MitM). Notation: [M] X : message M signed with the prv. key of X {M} X : message M enc. with the pub. key of X CS470, A.A.Selçuk SSL Trust 6

MitM Attack Normal op: Alice pub key K A Bob {k} A k is the session key MitM attack: Trudy Alice K A K A' Bob {k} A {k} A' key k key k CS470, A.A.Selçuk SSL Trust 7

Certificates These MitM attacks are possible because a receiver cannot distinguish a fake public key from the real one. Certificates: IDs and public keys are signed by a trusted authority ( certification authority ). E.g., cert A = [ID A, PK A, exp.date, ] CA CS470, A.A.Selçuk SSL Trust 8

Certified Encrypted Key Exchange ~ SSL key exchange protocol: client hello server cert S = [ID S, PK S, ] CA {k} S k is the session key CS470, A.A.Selçuk SSL Trust 9

Certification Authorities CAs public key should be distributed in a trusted way to all the parties in the system in advance. In SSL, root CAs are approved by the browser (or the OS) makers, and distributed with the browser/os code. CAs must satisfy certain criteria for this: https://wiki.mozilla.org/ca:how_to_apply http://www.chromium.org/home/chromiumsecurity/root-ca-policy http://technet.microsoft.com/enus/library/cc751157.aspx CS470, A.A.Selçuk SSL Trust 10

Certification Authorities Browser makers require CA firms to be audited and accredited according to some standards: WebTrust ETSI TS 101/102 ISO 21188:2006 Public key infrastructure of SSL: Oligarchy model: A number of trusted root CAs, which issue certificates to intermediate CAs, or to end users (SSL servers) CS470, A.A.Selçuk SSL Trust 11

Example: IE Browser Tools > Internet options > Content > Certificates CS470, A.A.Selçuk SSL Trust 12

Trusted root CAs: Example: IE Browser CS470, A.A.Selçuk SSL Trust 13

Example: IE Browser E.g., VeriSign root certificate: CS470, A.A.Selçuk SSL Trust 14

Example: IE Browser Untrusted / revoked certificates: CS470, A.A.Selçuk SSL Trust 15

Certificates & Validation Valid SSL/TLS certificates are issued to web servers by root or intermediate CAs. E.g., Google s certificate: GeoTrust (root) Google Internet Authority accounts.google.com Client (browser) authenticates this chain of certificates beginning from the root CA. http://en.wikipedia.org/wiki/certification_path_validation _algorithm CS470, A.A.Selçuk SSL Trust 16

Example Client Certificate E.g., gmail.com (or, accounts.google.com) CS470, A.A.Selçuk SSL Trust 17

Example Client Certificate E.g., gmail.com (or, accounts.google.com) CS470, A.A.Selçuk SSL Trust 18

Example Client Certificate Example Client Certificate CS470, A.A.Selçuk SSL Trust 19

SSL/TLS in Practice SSL/TLS: A reasonably secure protocol with a reasonable trust model and commercially viable operation What may go wrong? Man in the browser attacks Cert. validation software may get it wrong Compromised CAs, fake certificates and more CS470, A.A.Selçuk SSL Trust 20

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback