COSC 301 Network Management. Lecture 15: SSL/TLS and HTTPS

Similar documents
Transport Level Security

Transport Layer Security

INF3510 Information Security University of Oslo Spring Lecture 9 Communication Security. Audun Jøsang

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Chapter 32 Security in the Internet: IPSec, SSL/TLS, PGP,

Chapter 4: Securing TCP connections

But where'd that extra "s" come from, and what does it mean?

SSL/TLS. How to send your credit card number securely over the internet

Chapter 8 Web Security

CPSC 467: Cryptography and Computer Security

CS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

E-commerce security: SSL/TLS, SET and others. 4.1

Secure Socket Layer. Security Threat Classifications

AIT 682: Network and Systems Security

CSCE 715: Network Systems Security

Internet Security. - IPSec, SSL/TLS, SRTP - 29th. Oct Lee, Choongho

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Internet security and privacy

WAP Security. Helsinki University of Technology S Security of Communication Protocols

White Paper for Wacom: Cryptography in the STU-541 Tablet

Wireless LAN Security. Gabriel Clothier

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München. ilab. Lab 8 SSL/TLS and IPSec

Overview. SSL Cryptography Overview CHAPTER 1

Security Protocols. Professor Patrick McDaniel CSE545 - Advanced Network Security Spring CSE545 - Advanced Network Security - Professor McDaniel

Information Security CS 526

IPSec. Slides by Vitaly Shmatikov UT Austin. slide 1

Configuring 802.1X Settings on the WAP351

Securing Internet Communication: TLS

Today s Lecture. Secure Communication. A Simple Protocol. Remote Authentication. A Simple Protocol. Rules. I m Alice. I m Alice

Transport Layer Security

Overview of TLS v1.3 What s new, what s removed and what s changed?

Universität Hamburg. SSL & Company. Fachbereich Informatik SVS Sicherheit in Verteilten Systemen. Security in TCP/IP. UH, FB Inf, SVS, 18-Okt-04 2

Security Protocols and Infrastructures. Winter Term 2015/2016

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

CIS 5373 Systems Security

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography and Network Security

Configure Settings and Customize Notifications on FindIT Network Probe

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2014

MTAT Applied Cryptography

Security Protocols and Infrastructures. Winter Term 2010/2011

Data Security and Privacy. Topic 14: Authentication and Key Establishment

[MS-SSTP]: Secure Socket Tunneling Protocol (SSTP) Intellectual Property Rights Notice for Open Specifications Documentation

Cryptography (Overview)

CS Computer Networks 1: Authentication

CS 356 Internet Security Protocols. Fall 2013

Presented by: Ahmed Atef Elnaggar Supervisor: Prof. Shawkat K.Guirguis

Defeating All Man-in-the-Middle Attacks

Cipher Suite Configuration Mode Commands

SSL/TLS. Pehr Söderman Natsak08/DD2495

David Wetherall, with some slides from Radia Perlman s security lectures.

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Network Access Flows APPENDIXB

(2½ hours) Total Marks: 75

Securing Internet Communication

Overview of SSL/TLS. Luke Anderson. 12 th May University Of Sydney.

1.264 Lecture 28. Cryptography: Asymmetric keys

Transport Layer Security

Network Security: TLS/SSL. Tuomas Aura T Network security Aalto University, Nov-Dec 2010

Lecture 10: Communications Security

TLS1.2 IS DEAD BE READY FOR TLS1.3

14. Internet Security (J. Kurose)

TLS Extensions Project IMT Network Security Spring 2004

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

Authentication in real world: Kerberos, SSH and SSL. Zheng Ma Apr 19, 2005

Securing IoT applications with Mbed TLS Hannes Tschofenig Arm Limited

Introduction to Cryptography Lecture 11

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Oracle B2B 11g Technical Note. Technical Note: 11g_006 Security. Table of Contents

Authentication CHAPTER 17

WHY CSRF WORKS. Implicit authentication by Web browsers

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

Chapter 7. WEB Security. Dr. BHARGAVI H. GOSWAMI Department of Computer Science Christ University

SSL/TLS: Still Alive? Pascal Junod // HEIG-VD

CS November 2018

SECURE YOUR INTEGRATIONS. Maarten Smeets

Overview of TLS v1.3. What s new, what s removed and what s changed?

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Encryption. INST 346, Section 0201 April 3, 2018

VPN, IPsec and TLS. stole slides from Merike Kaeo apricot2017 1

HTTPS Setup using mod_ssl on CentOS 5.8. Jeong Chul. tland12.wordpress.com. Computer Science ITC and RUPP in Cambodia

Findings for

CPSC 467b: Cryptography and Computer Security

Internet security and privacy

Internet and Intranet Protocols and Applications

Introduction. INF3510 Information Security. Lecture 10: Communications Security. Outline. Network Security Concepts. University of Oslo Spring 2018

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Cryptography and Network Security

AIR FORCE INSTITUTE OF TECHNOLOGY

Secure channel, VPN and IPsec. stole some slides from Merike Kaeo

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

Security Protocols and Infrastructures

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

TLS. RFC2246: The TLS Protocol. (c) A. Mariën -

Security Engineering. Lecture 16 Network Security Fabio Massacci (with the courtesy of W. Stallings)

Transcription:

COSC 301 Network Management Lecture 15: SSL/TLS and HTTPS Zhiyi Huang Computer Science, University of Otago COSC301 Lecture 15: SSL/TLS and HTTPS 1

Today s Focus WWW WWW How to secure web applications? -- Secure Socket Layer (SSL) -- Transport Layer Security (TLS) -- HTTPS COSC301 Lecture 15: SSL/TLS and HTTPS 2

HTTP Basic Authentication (1) The simplest method for enforcing access control to web resources using a username and password. Uses static standard HTTP headers with no handshake Server side: uses a WWW-authenticate HTTP header WWW-Authenticate: Basic realm= Wally World Client side: uses an Authorization header Authorization: base64(username + : + password) Wally World COSC301 Lecture 15: SSL/TLS and HTTPS 3

HTTP Basic Authentication (2) challenge-response paradigm Client Server 1 GET HTTP/1.1 webcallendar.co.nz HTTP/1.1 401 Authentication Required WWW-Authenticate: Basic realm = webcallendar 2 3 GET HTTP/1.1 webcallendar.co.nz Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ== HTTP/1.1 200 OK Webcallendar.php 4 The basic mechanism does not provide enough confidentiality protection for the transmitted credentials. COSC301 Lecture 15: SSL/TLS and HTTPS 4

Message Digest Verifies that a message has not be altered Uses a hash function MD5 SHA-1 COSC301 Lecture 15: SSL/TLS and HTTPS 5

HTTP Digest Authentication Avoids the most serious flaws of basic authentication, but not intents to be a complete solution to web security. Sever challenges using a nonce value Client responses with a digest (by default, the MD5 checksum) of the username, password, nonce value, HTTP method, and the requested URI HA1=MD5(username:realm:password) HA2=MD5(method:digestURI) response=md5(ha1:nonce:ha2) COSC301 Lecture 15: SSL/TLS and HTTPS 6

SSL and TLS SSL Secure Sockets Layer protocol TLS Transport Layer Security protocol To provide security and compression services to data generated by the application layer Application Layer SSL or TLS TCP/UDP Fragmentation Compression Message Integrity Confidentiality Framing IP COSC301 Lecture 15: SSL/TLS and HTTPS 7

SSL & TLS History SSL v2.0 by Netscape (disable this!) SSL v3.0 more scrutiny, fixes attack vectors TLS v1.0 (= SSL v3.1) by IETF Few changes, but incompatible with v3.0 TLS v1.1 clarifies, adds recommendations TLS v1.2 cipher updates, extensions TLS v1.3 still in draft COSC301 Lecture 15: SSL/TLS and HTTPS 8

SSL/TLS Protocols Application Layer Handshake Protocol ChangeCipherSpec Protocol Alert Protocol Record Protocol Transport Layer COSC301 Lecture 15: SSL/TLS and HTTPS 9

The Handshake Protocol Uses messages to Negotiate the cipher suite Authenticate sever and/or client Exchange information for building cryptographic secrets Client cipher suite compression method two random number for key generation Server Phase I Establishing security capabilities Server authentication and key exchange Phase II Phase III Client authentication and key exchange Finalizing the Handshake protocol Phase IV COSC301 Lecture 15: SSL/TLS and HTTPS 10

ChangeCipherSpec & Alert Protocols When can the two parties use these parameters or secrets? Cannot use them until they have sent or received a special message -> the ChangeCipherSpec message How to deal with errors? Uses the Alert protocol to report errors and abnormal conditions. COSC301 Lecture 15: SSL/TLS and HTTPS 11

The Record Protocol Carries messages from the upper layers Message fragmentation Message compression (optional) Message encryption Payload from upper-layer Fragment All encrypted except the header! Compression Compressed Compressed Encryption MAC Hash MAC secret Encrypted fragment TLS payload Header COSC301 Lecture 15: SSL/TLS and HTTPS 12

HTTPS HTTP over TLS or HTTP over SSL Layering HTTP on top of the SSL or TLS Adding security capabilities of SSL/TLS to standard HTTP Difference from HTTP HTTP URLs begin with http:// and use port 80 by default HTTPS URLs begin with https:// and use port 443 by default https://www.ib.kiwibank.co.nz COSC301 Lecture 15: SSL/TLS and HTTPS 13

Website Certificate (1) What is website certificate? Used to guarantee one is talking to the partner with whom one want to talk. Generated, signed, and managed by the certificate authorities (CA) COSC301 Lecture 15: SSL/TLS and HTTPS 14

Website Certificate (2) Can you trust a certificate? Check if the web address matches the address on the certificate Check if the certificate is signed by a trusted certificate authority, and the date is valid Check the key length, the extensions, the encryption algorithms COSC301 Lecture 15: SSL/TLS and HTTPS 15

Website Certificate (3) How do we know a website uses encryption? A closed padlock A URL that begins with https: rather than http: COSC301 Lecture 15: SSL/TLS and HTTPS 16

Man-in-the-middle Attack (1) What is MITM attack? The attacker secretly relays communications between two parties who believe they are directly communicating with each other. COSC301 Lecture 15: SSL/TLS and HTTPS 17

Man-in-the-middle Attack (2) COSC301 Lecture 15: SSL/TLS and HTTPS 18

Man-in-the-middle Attack (3) How to defense against MITM attack? We will introduce different solutions in the following lectures. COSC301 Lecture 15: SSL/TLS and HTTPS 19

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback