Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Similar documents
Overview. SSL Cryptography Overview CHAPTER 1

Encryption. INST 346, Section 0201 April 3, 2018

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Cryptography (Overview)

1.264 Lecture 28. Cryptography: Asymmetric keys

Cipher Suite Configuration Mode Commands

Transport Level Security

Ref:

key distribution requirements for public key algorithms asymmetric (or public) key algorithms

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Kurose & Ross, Chapters (5 th ed.)

Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

David Wetherall, with some slides from Radia Perlman s security lectures.

Cryptography SSL/TLS. Network Security Workshop. 3-5 October 2017 Port Moresby, Papua New Guinea

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

WAP Security. Helsinki University of Technology S Security of Communication Protocols

14. Internet Security (J. Kurose)

E-commerce security: SSL/TLS, SET and others. 4.1

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

CS Computer Networks 1: Authentication

Chapter 8 Web Security

Data Security and Privacy. Topic 14: Authentication and Key Establishment

(2½ hours) Total Marks: 75

UNIT - IV Cryptographic Hash Function 31.1

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

PROTECTING CONVERSATIONS

Distributed Systems. 25. Authentication Paul Krzyzanowski. Rutgers University. Fall 2018

Computer Security: Principles and Practice

CS 425 / ECE 428 Distributed Systems Fall 2017

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

Cryptography (DES+RSA) by Amit Konar Dept. of Math and CS, UMSL

Cryptographic Concepts

Cryptographic Systems

Information Security CS 526

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

CS November 2018

The World Wide Web is widely used by businesses, government agencies, and many individuals. But the Internet and the Web are extremely vulnerable to

Lecture Nov. 21 st 2006 Dan Wendlandt ISP D ISP B ISP C ISP A. Bob. Alice. Denial-of-Service. Password Cracking. Traffic.

Network Security. Chapter 8. MYcsvtu Notes.

CS 393 Network Security. Nasir Memon Polytechnic University Module 12 SSL

Chapter 4: Securing TCP connections

Internet and Intranet Protocols and Applications

IBM i Version 7.2. Security Digital Certificate Manager IBM

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Configuring SSL. SSL Overview CHAPTER

Cryptography and secure channel. May 17, Networks and Security. Thibault Debatty. Outline. Cryptography. Public-key encryption

Transport Layer Security

CCNA Security 1.1 Instructional Resource

BCA III Network security and Cryptography Examination-2016 Model Paper 1

CPSC 467b: Cryptography and Computer Security

APNIC elearning: Cryptography Basics

CSC 774 Network Security

CSC/ECE 774 Advanced Network Security

CSE 127: Computer Security Cryptography. Kirill Levchenko

Security issues: Encryption algorithms. Threats Methods of attack. Secret-key Public-key Hybrid protocols. CS550: Distributed OS.

Introduction and Overview. Why CSCI 454/554?

CSC 8560 Computer Networks: Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

From Coulouris, Dollimore and Kindberg Distributed Systems: Concepts and Design. Edition 4 Pearson Education 2005

Computer Security. 10r. Recitation assignment & concept review. Paul Krzyzanowski. Rutgers University. Spring 2018

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Configuring SSL CHAPTER

Garantía y Seguridad en Sistemas y Redes

Managing SSL certificates in the ServerView Suite

SSL/TLS & 3D Secure. CS 470 Introduction to Applied Cryptography. Ali Aydın Selçuk. CS470, A.A.Selçuk SSL/TLS & 3DSec 1

Configuring SSL. SSL Overview CHAPTER

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

CSCE 715: Network Systems Security

Lecture 2 Applied Cryptography (Part 2)

VPNs and VPN Technologies

Protocols, Technologies and Standards Secure network protocols for the OSI stack P2.1 WLAN Security WPA, WPA2, IEEE i, IEEE 802.1X P2.

Digital Certificates Demystified

Diffie-Hellman. Part 1 Cryptography 136

Public-key Cryptography: Theory and Practice

Computer Security. Two main issues are current regarding security for computer communication systems

Unit 8 Review. Secure your network! CS144, Stanford University

Understand the TLS handshake Understand client/server authentication in TLS. Understand session resumption Understand the limitations of TLS

Introduction to Cryptography. Vasil Slavov William Jewell College

Chapter 8 Security. Computer Networking: A Top Down Approach. 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012

Lorenz Cipher. Menu. Class 4: Modern Cryptography. British Cipher Machine. German Code-Breaking Efforts. Some loose ends on WWII Maurice Burnett

Int ernet w orking. Internet Security. Literature: Forouzan: TCP/IP Protocol Suite : Ch 28

CPSC 467: Cryptography and Computer Security

Secure Socket Layer. Security Threat Classifications

Chapter 9. Public Key Cryptography, RSA And Key Management

2.1 Basic Cryptography Concepts

Security: Focus of Control. Authentication

Lecture 1 Applied Cryptography (Part 1)

Digital Signatures. Public-Key Signatures. Arbitrated Signatures. Digital Signatures With Encryption. Terminology. Message Authentication Code (MAC)

Computer Networks. Wenzhong Li. Nanjing University

Securing Internet Communication: TLS

CS 356 Internet Security Protocols. Fall 2013

SSL/TLS. How to send your credit card number securely over the internet

Network Security. Computer Networking: A Top Down Approach Featuring the Internet, 2 nd edition. Jim Kurose, Keith Ross Addison-Wesley, July 2002.

Transcription:

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu

Security Achieved by the Secure Sockets Layer (SSL) Confidentiality Encrypt data being sent between client and server, so that passive wiretappers cannot read sensitive data. Integrity Protection Protect against modification of messages by an active wiretapper. Authentication Verify that a peer is who they claim to be. Servers are usually authenticated, and clients may be authenticated if requested by servers. 2

TCP/IP Protocol Stack With SSL TCP/IP Layer Application Layer Secure Sockets Layer Transport Layer Internet Layer Protocol HTTP, IMAP, NNTP, Telnet, FTP, etc. SSL TCP IP 3

Cryptography Cryptography makes it difficult for an unauthorized third party to access and understand private communication between two parties. Private data can be made unintelligible to unauthorized parties through the process of encryption. Encryption uses complex algorithms to convert the original message, or cleartext, to an encoded message, called ciphertext. Decryption does the reverse. A key is a bit string that is used by the algorithms for encryption or decryption. 4

Encryption Algorithms Parties Alice and Bob want to communicate. Charlie, the unauthorized third party, is known as the attacker. Secret key Alice and Bob agree on an algorithm, and have the same secret key, which they use to encrypt plaintext and decrypt cyphertext. Well-known secret key cryptographic algorithms include the Data Encryption Standard (DES), triplestrength DES (3DES), Rivest Cipher 2 (RC2), Rivest Cipher 4 (RC4) and the Advanced Encryption Standard (AES). 5

Encryption Algorithms (cont.) Public key Alice and Bob agree on an algorithm, and Alice creates a pair of keys public and private and sends the public key to Bob and other people. Bob (or anyone else) encrypts with the public key, but only Alice can decrypt with the secret private key. Well-known public key algorithms include Rivest Shamir Adleman (RSA) and Diffie-Hellman (DH). Because they require extensive computations, these algorithms run slowly. Therefore they re only used for encrypting small pieces of data, such as secret keys or signatures. 6

How SSL Achieves Confidentiality Create a secret key Based on information generated by the client with a secure random number generator Use public keys to exchange the secret key The server sends its public key to the client The client encrypts the secret key with the server's public key and sends it to the server The server decrypts the secret key information with the server s private key Encrypt and decrypt data with the secret key The client and server use the negotiated algorithm 7

Cryptographic Hash Functions Q: How can we prevent Charlie from tampering with data that Alice sends to Bob? A: Make any change in the data detectable. A cryptographic hash function is like a checksum. A cryptographic hash function generates, a small string of bits, known as a hash, from a message. Any slight change to the message should make a change in the resulting hash. Widely used hash functions are Message Digest 5 (MD5) and Secure Hash Algorithm (SHA). 8

Message Authentication Code A message authentication code (MAC) is like a cryptographic hash, but it uses a secret key. Including a secret key with the data processed by a cryptographic hash produces a hash called an HMAC. Here s how we prevent Charlie from tampering with data that Alice sends to Bob. Alice calculates an HMAC for her message and append the HMAC to her original message. She encrypts the message plus the HMAC using a secret key she shares with Bob. Bob decrypts the message and recalculates the HMAC. If his HMAC differs from the one Alice sent then the message was modified in transit. 9

How SSL Achieves Integrity Protection Client and server use their secret key, and an agreed-upon cryptographic hash function to attach an HMAC to each message sent. The receiver checks that each message has not been altered. 10

Digital Signatures Q: How does Alice prove to Bob that a message comes from her? A: Demonstrate that she has her private key. Protocol As before, Alice creates her public and private keys, and distributes her public key with her name attached. Alice encrypts a message using her private key and sends the message to Bob. If Bob can decrypt the data with Alice's public key, the message must have been encrypted by Alice with her private key, since only Alice has her private key. This is called a digital signature. 11

Public Keys and Authentication Q: How does Alice prove to Bob that she is Alice? A: Demonstrate that she has her private key. Protocol Bob creates a random number, encrypts it with Alice s public key and sends it to Alice. Alice decrypts the random number with her private key, and sends the random number to Bob, proving she s Alice. 12

Public Keys and Authentication (cont.) Q: How do we prevent Charlie from pretending to be Alice by circulating a public key named Alice? A: By having someone we trust verify that Alice is Alice. Public Key Certificate A digital passport that is issued by a trusted organization and identifies the bearer. A trusted organization is called a certificate authority (CA). The CA digitally signs the certificate, thereby attesting to the validity of the certificate s information. 13

Public Key Certificate Contains the fields: Subject s public key Subject Information about the entity that the certificate represents. Issuer The CA that issued the certificate. If a user trusts the CA that issues a certificate, and if the certificate is valid, the user can trust the certificate. Signature The signature is created using the CA's private key and ensures the validity of the certificate. Period of validity The certificate s expiration date. 14

Authentication with a Public Key Certificate Q: How is a public key certificate used to help Alice prove to Bob that she is Alice? Protocol Bob obtains Alice s public key certificate. Bob also has a certificate for a trusted CA that supposedly signed Alice s public key certificate. Bob checks that the trusted CA signed Alice s public key certificate by using the CA s public key to decrypt the signature in Alice s public key certificate. Run the protocol for Q: How does Alice prove to Bob that she is Alice? 15

Certificate Chains Multiple certificates may be linked in a certificate chain. The first certificate is that of the sender. The next is the certificate of the entity that issued the sender s certificate. If there are more certificates in the chain, each is that of the authority that signed the previous certificate. The final certificate in the chain is the certificate for a root CA, a certificate authority that is widely trusted. Well-known public CAs include VeriSign, Entrust, and GTE CyberTrust. 16

Optional Protocol How SSL Achieves Authentication If the client wants to authenticate the server then they follow the protocol in Authentication with a Public Key Certificate with the client acting as Bob. If the server wants to authenticate the client then they follow the protocol in Authentication with a Public Key Certificate with the server acting as Bob. 17

How SSL Works 1.Handshake a negotiation process that creates or rejoins a session 2.If (Handshake succeeds) then Else Encrypted data can be exchanged The connection is aborted 18

How SSL Works: the Handshake Negotiate the cipher suite Authenticate identities (optional) Exchange secret key 19

How SSL Works: Negotiate the Cipher Suite A cipher suite A set of cryptographic algorithms An algorithm for exchanging a secret key A secret key encryption algorithm and key length A cryptographic hash function The client tells the server which cipher suites it has available, and the server chooses the best mutually acceptable cipher suite. 20

Common Cipher Suites See handout 21

How SSL Works: Exchange secret key See How SSL Achieves Confidentiality above 22

How SSL Works: the Handshake in Detail 23

How SSL Works: the Handshake in Detail 1. Client hello - The client sends the server information including the highest version of SSL it supports and a list of the cipher suites it supports. 2. Server hello - The server chooses the highest version of SSL and the best cipher suite that both the client and server support and sends this information to the client. 3. Certificate - If server authentication is required then the server sends the client a certificate or a certificate chain. 4. Certificate request - If the server needs to authenticate the client, it sends the client a certificate request. 5. Server key exchange - The server sends the client a server key exchange message when the public key information sent in 3) above is not sufficient for key exchange. 6. Server hello done - The server tells the client it is finished with its initial negotiation messages. 24

How SSL Works: the Handshake in Detail 7. Certificate - If the server requests a certificate from the client in Message 4, the client sends its certificate chain, like the server did in Message 3. 8. Client key exchange - The client generates information used to create a key to use for symmetric encryption. For RSA, the client then encrypts this key information with the server's public key and sends it to the server. 9. Certificate verify If the server is authenticating the client, the client sends a random number that it digitally signs. When the server decrypts number with the client's public key, the server authenticates the client. 10. Change cipher spec - The client tells the server to change to encrypted mode. 11. Finished - The client sends the server a hash of the handshake messages. 12. Change cipher spec - The server tells the client to change to encrypted mode. 13. Finished - The server sends the client a hash of the handshake messages. Encrypted data - The client and the server communicate using the symmetric encryption algorithm and the cryptographic hash function negotiated in Messages 1 and 2, using the secret key that the client sent to the server in Message 8. 25

How SSL Works: the Handshake Shortcut If the parameters generated during an SSL handshake are saved, these parameters can be reused for future SSL connections. Session Describes an ongoing relationship between a particular client and a particular server One session per SSL connection But a session may be reused repeatedly, on sequential or concurrent connections Reusing a session greatly speeds up handshaking 26

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback