SSL & TLS Architecture
By Avirot M. Liangsiri
Senior Technical Specialist
Professional Computer Co., Ltd.
Web Security Essential
• Web now widely used by business, government, individuals for multiple applications
• But Internet & Web are vulnerable
• Have a variety of threats
   • integrity
   • confidentiality
   • denial of service
   • authentication
• Need added security mechanisms
Security Architecture
• ITU-T Recommendation X.805 Security architecture for systems providing end-to-end communications had been developed by ITU-T SG 17 (ITU-T Lead Study Group on Telecommunication Security) and was published in October 2003.
• The group has developed a set of the well-recognized Recommendations on security. Among them are X.800 Series of Recommendations on security and X.509 v3 - Public-key and Attribute Certificate Frameworks.
ITU-T X.800 Threat Model (simplified)
1 - Destruction (an attack on availability):
   – Destruction of information and/or network resources
2 - Corruption (an attack on integrity):
   – Unauthorized tampering with an asset
3 - Removal (an attack on availability):
   – Theft, removal or loss of information and/or other resources
4 - Disclosure (an attack on confidentiality):
   – Unauthorized access to an asset
5 - Interruption (an attack on availability):
   – Interruption of services. Network becomes unavailable or unusable
ITU-T X.800 Eight Security Dimensions Address the Breadth of Network Vulnerabilities
• Access Control
   • Limit & control access to network elements, services & applications
   • Examples: password, ACL, firewall
• Authentication
   • Provide proof of identity
   • Examples: shared secret, PKI, digital signature, digital certificate
• Non-repudiation
   • Prevent ability to deny that an activity on the network occurred
   • Examples: system logs, digital signatures
• Data Confidentiality
   • Ensure confidentiality of data
   • Example: encryption
• Communication Security
   • Ensure information only flows from source to destination
   • Examples: VPN, MPLS, L2TP
• Data Integrity
   • Ensure data is received as sent or retrieved as stored
   • Examples: MD5, digital signature, anti-virus software
• Availability
   • Ensure network elements, services and applications available to legitimate users
   • Examples: IDS/IPS, network redundancy, BC/DR
• Privacy
   • Ensure identification and network use is kept private
   • Examples: NAT, encryption
(Figure caption:) Eight Security Dimensions applied to each Security Perspective (layer and
ITU-T X.800 Three Security Layers
(Figure: Applications Security on top of Services Security on top of Infrastructure Security; vulnerabilities can exist in each layer; the threats Destruction, Corruption, Removal, Disclosure and Interruption, and the resulting attacks, apply to every layer.)
1 - Infrastructure Security Layer:
   • Fundamental building blocks of networks, services and applications
   • Examples:
      – Individual routers, switches, servers
      – Point-to-point WAN links
      – Ethernet links
2 - Services Security Layer:
   • Services provided to end-users
   • Examples:
      – Frame Relay, ATM, IP
      – Cellular, Wi-Fi
      – VoIP, QoS, IM, Location services
      – Toll free call services
3 - Applications Security Layer:
   • Network-based applications accessed by end-users
   • Examples:
      – Web browsing
      – Directory assistance
      – Email
      – E-commerce
• Each Security Layer has unique vulnerabilities, threats
• Infrastructure security enables services security enables applications security
ITU-T X.800 Applying Security Planes to Network Protocols
End User Security Plane
   Activities:
      • End-user data transfer
      • End-user – application interactions
   Protocols:
      • HTTP, RTP, POP, IMAP
      • TCP, UDP, FTP
      • IPsec, TLS
Control/Signaling Security Plane
   Activities:
      • Update of routing/switching tables
      • Service initiation, control, and teardown
      • Application control
   Protocols:
      • BGP, OSPF, IS-IS, RIP, PIM
      • SIP, RSVP, H.323, SS7
      • IKE, ICMP
      • PKI, DNS, DHCP, SMTP
Management Security Plane
   Activities:
      • Operations
      • Administration
      • Management
      • Provisioning
   Protocols:
      • SNMP
      • Telnet
      • FTP
      • HTTP
SSL (Secure Socket Layer)
• transport layer security service
• originally developed by Netscape
• version 3 designed with public input
• subsequently became Internet standard known as TLS (Transport Layer Security)
• uses TCP to provide a reliable end-to-end service
• SSL has two layers of protocols
Where SSL Fits
   Application:  HTTP (80)   SMTP (25)   POP3 (110)  |  HTTPS (443)   SSMTP (465)   SPOP3 (995)
                                                      |  Secure Sockets Layer
   Transport
   Network
   Link
Uses Public Key Scheme
• Each client-server pair uses
   • 2 public keys
      • one for client (browser)
         • created when browser is installed on client machine
      • one for server (http server)
         • created when server is installed on server hardware
   • 2 private keys
      • one for client browser
      • one for server (http server)
SSL Architecture
• SSL session
   • an association between client & server
   • created by the Handshake Protocol
   • defines a set of cryptographic parameters
   • may be shared by multiple SSL connections (by using same session symmetric key)
• SSL connection
   • a transient, peer-to-peer, communications link
   • associated with 1 SSL session
SSL Record Protocol
• confidentiality
  • using symmetric encryption with a shared secret key
    defined by Handshake Protocol
  • IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40,
    RC4-128
  • message is compressed before encryption
• message integrity
  • using a MAC (Message Authentication Code) created
    using a shared secret key and a short message
SSL Alert Protocol
• conveys SSL-related alerts to peer entity
• severity
     • warning or fatal
• specific alert
     • unexpected message, bad record mac, decompression failure,
       handshake failure, illegal parameter
     • close notify, no certificate, bad certificate, unsupported
       certificate, certificate revoked, certificate expired, certificate
       unknown
• compressed & encrypted like all SSL data
SSL Handshake Protocol
• allows server & client to:
  • authenticate each other
  • to negotiate encryption & MAC algorithms
  • to negotiate cryptographic keys to be used
• comprises a series of messages in phases
  •   Establish Security Capabilities
  •   Server Authentication and Key Exchange
  •   Client Authentication and Key Exchange
  •   Finish
SSL Handshake Protocol
Changes from SSL 3.0 to TLS
• Fortezza removed
• Additional Alerts added
• Modification to hash calculations
• Protocol version 3.1 in ClientHello, ServerHello
TLS (Transport Layer Security)
• IETF standard RFC 2246 similar to SSLv3
• with minor differences
   • in record format version number
   • uses HMAC for MAC
   • a pseudo-random function expands secrets
   • has additional alert codes
   • some changes in supported ciphers
   • changes in certificate negotiations
   • changes in use of padding
TLS: Key Exchange
• Need secure method to exchange secret key
• Use public key encryption for this
   • “key pair” is used - either one can encrypt and then the other can decrypt
   • slower than conventional cryptography
   • share one key, keep the other private
• Choices are RSA or Diffie-Hellman
TLS: Integrity
• Compute fixed-length Message Authentication Code (MAC)
   • Includes hash of message
   • Includes a shared secret
   • Includes sequence number
• Transmit MAC with message
• Receiver creates new MAC
   • should match transmitted MAC
• TLS allows MD5, SHA-1
(Figure:)
   A                              B
   Message  --------->            Message’
   MAC      --------->            MAC’  =?  MAC
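The two slides above (the record protocol's MAC over a compressed fragment, and the receiver recomputing the MAC and comparing) can be exercised end to end. The following is an added example, not code from the slide deck: it models the TLS record-layer MAC of RFC 2246/5246 (HMAC over sequence number, content type, version, length and fragment) with HMAC-SHA256 standing in for the MD5/SHA-1 the slide lists, leaves encryption and compression out, and uses a constructed key and constructed HTTP fragments. The receiver keeps its own sequence counter, which is what lets it reject a replayed or reordered record even though the record bytes are unmodified.

```python
import hashlib
import hmac
import struct

# Constructed demo key; in TLS the MAC key comes out of the handshake's key block.
MAC_KEY = b"constructed-demo-mac-key"
TLS_VERSION = b"\x03\x03"        # TLS 1.2 record-layer version (assumption for this demo)
CT_APPLICATION_DATA = 23         # ContentType.application_data
MAC_LEN = hashlib.sha256().digest_size


def record_mac(mac_key, seq_num, content_type, fragment):
    """HMAC over seq_num || type || version || length || fragment (RFC 5246 6.2.3.1).
    The 64-bit sequence number is what ties the MAC to a position in the stream."""
    header = struct.pack("!QB2sH", seq_num, content_type, TLS_VERSION, len(fragment))
    return hmac.new(mac_key, header + fragment, hashlib.sha256).digest()


def protect(mac_key, seq_num, content_type, fragment):
    """Sender side: append the MAC. Encryption of fragment||MAC is omitted here."""
    return fragment + record_mac(mac_key, seq_num, content_type, fragment)


class Receiver:
    """The receiver keeps its own sequence counter; nothing on the wire carries it."""

    def __init__(self, mac_key):
        self.mac_key = mac_key
        self.seq = 0
        self.alerts = []

    def receive(self, content_type, protected):
        if len(protected) < MAC_LEN:             # too short to even hold a MAC
            self.alerts.append("bad_record_mac")
            return None
        fragment, tag = protected[:-MAC_LEN], protected[-MAC_LEN:]
        expected = record_mac(self.mac_key, self.seq, content_type, fragment)
        if not hmac.compare_digest(tag, expected):   # constant-time comparison
            self.alerts.append("bad_record_mac")       # a fatal alert in TLS
            return None
        self.seq += 1
        return fragment


def demo():
    msgs = [b"GET / HTTP/1.1\r\n", b"Host: www.example.test\r\n"]   # constructed
    records = [protect(MAC_KEY, i, CT_APPLICATION_DATA, m) for i, m in enumerate(msgs)]
    results = {}
    rx = Receiver(MAC_KEY)                      # honest, in-order delivery
    results["honest"] = [rx.receive(CT_APPLICATION_DATA, r) for r in records]
    rx = Receiver(MAC_KEY)                      # one flipped bit in the fragment
    tampered = bytearray(records[0])
    tampered[0] ^= 0x01
    results["tampered"] = rx.receive(CT_APPLICATION_DATA, bytes(tampered))
    rx = Receiver(MAC_KEY)                      # the same record delivered twice
    rx.receive(CT_APPLICATION_DATA, records[0])
    results["replay"] = rx.receive(CT_APPLICATION_DATA, records[0])
    rx = Receiver(MAC_KEY)                      # second record arrives before the first
    results["reorder"] = rx.receive(CT_APPLICATION_DATA, records[1])
    results["alerts"] = rx.alerts
    return results


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, value)
```

Only the honest delivery yields plaintext; the tampered, replayed and reordered records all fail with the same bad_record_mac outcome, which is the behaviour the Alert Protocol slide lists and the reason a TLS endpoint tears the connection down rather than skipping the record.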
TLS: Authentication
• Verify identities of participants
• Client authentication is optional
• Certificate is used to associate identity with public key and other attributes
(Figure:)
   A                              B
   Certificate  --------->
                <---------        Certificate
TLS: Overview
• Establish a session
   • Agree on algorithms
   • Share secrets
   • Perform authentication
• Transfer application data
   • Ensure privacy and integrity
TLS: Architecture
• TLS defines Record Protocol to transfer application and TLS information
• A session is established using a Handshake Protocol
(Figure:)
   Handshake Protocol | Change Cipher Spec | Alert Protocol
   -------------------------------------------------------
                    TLS Record Protocol
TLS: Record Protocol
TLS: Handshake
• Negotiate Cipher-Suite Algorithms
   • Symmetric cipher to use
   • Key exchange method
   • Message digest function
• Establish and share master secret
• Optionally authenticate server and/or client
Handshake Phases
• Hello messages
• Certificate and Key Exchange messages
• Change CipherSpec and Finished messages
TLS: Hello
• Client “Hello” - initiates session
   • Propose protocol version
   • Propose cipher suite
   • Server chooses protocol and suite
• Client may request use of cached session
   • Server chooses whether to honor request
TLS: Key Exchange
• Server sends certificate containing public key (RSA) or Diffie-Hellman parameters
• Client sends encrypted “pre-master” secret to server using Client Key Exchange message
• Master secret calculated
   • Use random values passed in Client and Server Hello messages
Public Key Certificates
• X.509 Certificate associates public key with identity
• Certification Authority (CA) creates certificate
   • Adheres to policies and verifies identity
   • Signs certificate
• User of Certificate must ensure it is valid
Validating a Certificate
• Must recognize accepted CA in certificate chain
   • One CA may issue certificate for another CA
• Must verify that certificate has not been revoked
   • CA publishes Certificate Revocation List (CRL)
X.509: Certificate Content
• Version
• Serial Number
• Signature Algorithm Identifier
   • Object Identifier (OID)
   • e.g. id-dsa: {iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1}
• Issuer (CA) X.500 name
• Validity Period (Start, End)
• Subject X.500 name
• Subject Public Key
   • Algorithm
   • Value
• Issuer Unique Id (Version 2, 3)
• Subject Unique Id (Version 2, 3)
• Extensions (version 3)
   • optional
• CA digital Signature
Subject Names
• X.500 Distinguished Name (DN)
• Associated with node in hierarchical directory (X.500)
• Each node has Relative Distinguished Name (RDN)
   • Path for parent node
   • Unique set of attribute/value pairs for this node
Example Subject Name
• Country at Highest Level (e.g. US)
• Organization typically at next level (e.g. CertCo)
• Individual below (e.g. Common Name “Elizabeth” with Id = 1)
   DN = {
      • C=US;
      • O=CertCo;
      • CN=Elizabeth, ID=1 }
Version 3 Certificates
• Version 3 X.509 Certificates support alternative name formats as extensions
   • X.500 names
   • Internet domain names
   • e-mail addresses
   • URLs
• Certificate may include more than one name
Certificate Signature
• RSA Signature
   • Create hash of certificate
   • Encrypt using CA’s private key
• Signature verification
   • Decrypt using CA’s public key
   • Verify hash
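The certificate slides (content, validation against a CA chain and a CRL, version 3 alternative names, and the hash-then-sign signature) come together in the chain check a TLS client performs. The following is an added example written for this page, not the deck's own code and not a real X.509 library: certificates are plain dictionaries with a JSON canonical form standing in for DER, the "RSA Signature" is textbook RSA over two well-known small primes (no padding, toy key size, for illustration only), dates are ISO strings, and every name, serial and CA is constructed. It shows why a tampered name cannot survive the signature check and why each of revocation, expiry, the trust anchor and the hostname must be checked separately.

```python
import hashlib
import json

E = 65537


def toy_rsa_keypair(p, q, e=E):
    """Textbook RSA from two given primes. Toy size, no padding: illustration only."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))          # (public key, private key)


def make_cert(subject, issuer, pubkey, serial, not_before, not_after, san=(), is_ca=False):
    """Subset of the X.509 v3 fields on the slide; validity dates are ISO strings."""
    return {"version": 3, "serial": serial, "signature_algorithm": "toy-rsa-sha256",
            "issuer": issuer, "validity": [not_before, not_after], "subject": subject,
            "public_key": list(pubkey),
            "extensions": {"subjectAltName": list(san), "basicConstraints": {"ca": is_ca}}}


def tbs_bytes(cert):
    """Canonical bytes of the to-be-signed fields (stand-in for DER encoding)."""
    return json.dumps({k: v for k, v in cert.items() if k != "signature"},
                      sort_keys=True).encode()


def sign_cert(cert, ca_priv):
    """Hash the certificate, then apply the CA private key."""
    n, d = ca_priv
    h = int.from_bytes(hashlib.sha256(tbs_bytes(cert)).digest(), "big") % n
    cert["signature"] = pow(h, d, n)
    return cert


def verify_signature(cert, issuer_pub):
    """Apply the CA public key and compare with a fresh hash of the certificate."""
    n, e = issuer_pub
    h = int.from_bytes(hashlib.sha256(tbs_bytes(cert)).digest(), "big") % n
    return pow(cert["signature"], e, n) == h


def validate_chain(chain, trust_anchors, crl, hostname, today):
    """chain[0] is the leaf; chain[i] must be issued by chain[i+1] and the last
    by a trust anchor (keyed by subject name). crl maps issuer -> revoked serials."""
    for i, cert in enumerate(chain):
        if cert["serial"] in crl.get(cert["issuer"], ()):
            return False, "certificate_revoked: " + cert["subject"]
        not_before, not_after = cert["validity"]
        if not (not_before <= today <= not_after):
            return False, "certificate_expired: " + cert["subject"]
        issuer = chain[i + 1] if i + 1 < len(chain) else trust_anchors.get(cert["issuer"])
        if issuer is None:
            return False, "unknown_ca: " + cert["issuer"]
        if issuer["subject"] != cert["issuer"] or not issuer["extensions"]["basicConstraints"]["ca"]:
            return False, "bad_certificate: issuer " + cert["issuer"]
        if not verify_signature(cert, tuple(issuer["public_key"])):
            return False, "bad_certificate: signature on " + cert["subject"]
    if hostname not in chain[0]["extensions"]["subjectAltName"]:
        return False, "bad_certificate: hostname not in subjectAltName"
    return True, "ok"


def build_pki():
    """Constructed three-level PKI. The primes are small well-known primes, not secure."""
    root_pub, root_priv = toy_rsa_keypair(1000000007, 998244353)
    ca_pub, ca_priv = toy_rsa_keypair(2147483647, 1000000009)
    leaf_pub, _ = toy_rsa_keypair(2147483647, 998244353)
    root_name = "C=US, O=Toy PKI, CN=Toy Root CA"
    root = sign_cert(make_cert(root_name, root_name, root_pub, 1,
                               "2020-01-01", "2040-01-01", is_ca=True), root_priv)
    ca = sign_cert(make_cert("C=US, O=Toy PKI, CN=Toy Issuing CA", root_name, ca_pub, 2,
                             "2021-01-01", "2031-01-01", is_ca=True), root_priv)
    leaf = sign_cert(make_cert("CN=www.example.test", ca["subject"], leaf_pub, 3,
                               "2024-01-01", "2025-01-01", san=("www.example.test",)), ca_priv)
    return root, ca, leaf


def demo():
    root, ca, leaf = build_pki()
    trust, chain = {root["subject"]: root}, [leaf, ca]
    out = {"valid": validate_chain(chain, trust, {}, "www.example.test", "2024-06-01"),
           "revoked": validate_chain(chain, trust, {ca["subject"]: {3}}, "www.example.test", "2024-06-01"),
           "expired": validate_chain(chain, trust, {}, "www.example.test", "2026-01-01"),
           "no_anchor": validate_chain(chain, {}, {}, "www.example.test", "2024-06-01"),
           "wrong_host": validate_chain(chain, trust, {}, "mail.example.test", "2024-06-01")}
    forged = dict(leaf)                    # signature kept, subjectAltName edited afterwards
    forged["extensions"] = {"subjectAltName": ["mail.example.test"], "basicConstraints": {"ca": False}}
    out["forged"] = validate_chain([forged, ca], trust, {}, "mail.example.test", "2024-06-01")
    return out


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```

The checks are ordered as a client would order them: revocation and validity on every certificate in the chain, the issuer's CA flag and signature at each link, the trust anchor at the top, and finally the name the client actually connected to against the leaf's subjectAltName.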
TLS: ServerKeyExchange
Client                      Server
ClientHello          -->
                     <--    ServerHello
                     <--    Certificate
                     <--    ServerKeyExchange
TLS: Certificate Request
Client                      Server
ClientHello          -->
                     <--    ServerHello
                     <--    Certificate
                     <--    ServerKeyExchange
                     <--    CertificateRequest
TLS: Client Certificate
Client                      Server
ClientHello          -->
                     <--    ServerHello
                     <--    Certificate
                     <--    ServerKeyExchange
                     <--    CertificateRequest
ClientCertificate    -->
ClientKeyExchange    -->
TLS: Change Cipher Spec, Finished
Client                      Server
[ChangeCipherSpec]   -->
Finished             -->
                     <--    [ChangeCipherSpec]
                     <--    Finished
Application Data     <-->   Application Data
TLS: Change Cipher Spec/Finished
• Change Cipher Spec
   • Announce switch to negotiated algorithms and values
• Finished
   • Send copy of handshake using new session
   • Permits validation of handshake
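The Hello, Key Exchange and Finished slides describe one procedure, and the point of the Finished message ("permits validation of handshake") is easiest to see by running both sides. The following is an added example, not code from the deck: it simulates the hello, key exchange and Finished phases with ephemeral Diffie-Hellman (one of the two choices the "TLS: Key Exchange" slide gives), derives the master secret from the pre-master secret and both Hello randoms with the TLS 1.2 PRF of RFC 5246 (an assumption; SSL 3.0 and TLS 1.0 use an MD5/SHA-1 construction), and computes Finished as the PRF over the hash of every handshake message each side saw. The DH group is a constructed 127-bit toy, the message encoding is invented for readability, and the certificate that would sign the ServerKeyExchange is left out. The `in_transit` hook models what the server actually receives as the ClientHello, so the last function shows the defensive property: if the offered cipher-suite list is altered on the way, both sides still agree on keys, yet the Finished values differ and the server rejects the handshake.

```python
import hashlib
import hmac
import os

# Constructed, insecure toy DH group: a 127-bit Mersenne prime with generator 2.
DH_P = 2**127 - 1
DH_G = 2
GCM_SUITE = b"TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"
CBC_SUITE = b"TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA"
CLIENT_OFFER = [GCM_SUITE, CBC_SUITE]          # client's preference order
SERVER_PREFERENCE = [GCM_SUITE, CBC_SUITE]     # server policy: AEAD suite first


def prf(secret, label, seed, length):
    """TLS 1.2 PRF (RFC 5246 section 5): P_SHA256(secret, label || seed)."""
    seed = label + seed
    out, a = b"", seed                                            # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) || seed)
    return out[:length]


def choose_suite(offered):
    """Server picks the first suite in its own preference order that the client offered."""
    for suite in SERVER_PREFERENCE:
        if suite in offered:
            return suite
    raise ValueError("handshake_failure: no common cipher suite")


def dh_keypair():
    priv = 2 + int.from_bytes(os.urandom(16), "big") % (DH_P - 3)
    return priv, pow(DH_G, priv, DH_P)


def run_handshake(in_transit=lambda msg: msg):
    """Both sides of the hello / key exchange / finished phases. `in_transit` is what
    the network delivers to the server in place of the client's ClientHello."""
    client_random, server_random = os.urandom(32), os.urandom(32)
    # Hello phase. Layout: b"ClientHello|" (12 bytes) + 32-byte random + b"|" + suites
    client_hello = b"ClientHello|" + client_random + b"|" + b",".join(CLIENT_OFFER)
    delivered = in_transit(client_hello)
    client_view, server_view = [client_hello], [delivered]      # each side's transcript
    seen_client_random, offered = delivered[12:44], delivered[45:].split(b",")
    suite = choose_suite(offered)
    server_hello = b"ServerHello|" + server_random + b"|" + suite
    client_view.append(server_hello)
    server_view.append(server_hello)
    # Key exchange phase: ephemeral DH public values; pre-master secret = shared value
    s_priv, s_pub = dh_keypair()
    c_priv, c_pub = dh_keypair()
    for msg in (b"ServerKeyExchange|" + s_pub.to_bytes(16, "big"),
                b"ClientKeyExchange|" + c_pub.to_bytes(16, "big")):
        client_view.append(msg)
        server_view.append(msg)
    pms_client = pow(s_pub, c_priv, DH_P).to_bytes(16, "big")
    pms_server = pow(c_pub, s_priv, DH_P).to_bytes(16, "big")
    # Master secret from the pre-master secret and the randoms of both Hello messages
    master_client = prf(pms_client, b"master secret", client_random + server_random, 48)
    master_server = prf(pms_server, b"master secret", seen_client_random + server_random, 48)
    # Finished phase: PRF over the hash of every handshake message each side saw
    client_finished = prf(master_client, b"client finished",
                          hashlib.sha256(b"".join(client_view)).digest(), 12)
    expected = prf(master_server, b"client finished",
                   hashlib.sha256(b"".join(server_view)).digest(), 12)
    return {"suite": suite, "pms_match": pms_client == pms_server,
            "finished_ok": hmac.compare_digest(client_finished, expected)}


def modified_in_transit(client_hello):
    """Constructed in-transit alteration: the ClientHello reaches the server
    offering only the CBC suite. Used to show that Finished detects it."""
    return client_hello[:45] + CBC_SUITE


if __name__ == "__main__":
    print("intact   :", run_handshake())
    print("modified :", run_handshake(modified_in_transit))
```

In the intact run the server selects the AEAD suite and the client's Finished verifies. In the modified run the server selects the CBC suite and the key agreement still succeeds (pms_match is true), but the server's expected Finished is computed over the ClientHello it received while the client's is computed over the one it sent, so the values differ and the handshake is rejected; this is the validation the slide refers to, and it is why the whole transcript, not just the keys, goes into the Finished computation.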
TLS: Using a Session
Client                          Server
ClientHello (Session #)  -->
                         <--    ServerHello (Session #)
                         <--    [ChangeCipherSpec]
                         <--    Finished
[ChangeCipherSpec]       -->
Finished                 -->
Application Data         <-->   Application Data
TLS: HTTP Application
• HTTP most common TLS application
   • https://
• Requires TLS-capable web server
• Requires TLS-capable web browser
   • Netscape Navigator
   • Internet Explorer
   • Cryptozilla
      • Netscape Mozilla sources with SSLeay
X.509 Certificate Issues
• Certificate Administration is complex
   • Hierarchy of Certification Authorities
   • Mechanisms for requesting, issuing, revoking certificates
• X.500 names are complicated
• Description formats are cumbersome (ASN.1)
X.509 Alternative: SDSI
• SDSI: Simple Distributed Security Infrastructure (Rivest, Lampson)
   • Merging with IETF SPKI: Simple Public-Key Infrastructure in SDSI 2.0
   • Eliminate X.500 names - use DNS and text
   • Everyone is their own CA
   • Instead of ASN.1 use “S-expressions” and simple syntax
   • Name and Authorization certificates
TLS “Alternatives”
• S-HTTP: secure HTTP protocol, shttp://
• IPSec: secure IP
• SET: Secure Electronic Transaction
   • Protocol and infrastructure for bank card payments
• SASL: Simple Authentication and Security Layer (RFC 2222)
Summary
• SSL/TLS addresses the need for security in Internet communications
   • Privacy - conventional encryption
   • Integrity - Message Authentication Codes
   • Authentication - X.509 certificates
• SSL in use today with web browsers and servers
   • Equivalent to TLS
 
CEH - Module 5 : System Hacking
CEH - Module 5 : System HackingCEH - Module 5 : System Hacking
CEH - Module 5 : System Hacking
 
CEH - Module4 : Enumeration
CEH - Module4 : EnumerationCEH - Module4 : Enumeration
CEH - Module4 : Enumeration
 
Kingdom of Thailand - visa
Kingdom of Thailand - visaKingdom of Thailand - visa
Kingdom of Thailand - visa
 
Preparation company limited registration
Preparation company limited registrationPreparation company limited registration
Preparation company limited registration
 
Elevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic ThinkingElevate - Three Disciplines of Strategic Thinking
Elevate - Three Disciplines of Strategic Thinking
 
Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453Lead with-humility-krames-en-22453
Lead with-humility-krames-en-22453
 
Rising to Power of Exceptional Executives
Rising to Power of Exceptional ExecutivesRising to Power of Exceptional Executives
Rising to Power of Exceptional Executives
 
Imperial violet by poodle attacks on ss-lv3
Imperial violet by poodle attacks on ss-lv3Imperial violet by poodle attacks on ss-lv3
Imperial violet by poodle attacks on ss-lv3
 
Bash Code-Injection Briefing
Bash Code-Injection BriefingBash Code-Injection Briefing
Bash Code-Injection Briefing
 
Excise department project_fin
Excise department project_finExcise department project_fin
Excise department project_fin
 
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
คู่มือจัดทำแผนแม่บทของกระทรวง ICT 2550
 
Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550Executive presentation [4] - NHSO IT Master Plan B.C.2550
Executive presentation [4] - NHSO IT Master Plan B.C.2550
 

Dernier

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfDianaGray10
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024SkyPlanner
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarPrecisely
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopBachir Benyammi
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6DianaGray10
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024D Cloud Solutions
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsSafe Software
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1DianaGray10
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...Aggregage
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureEric D. Schabell
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Adtran
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostMatt Ray
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8DianaGray10
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemAsko Soukka
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?IES VE
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding TeamAdam Moalla
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URLRuncy Oommen
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaborationbruanjhuli
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDELiveplex
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesDavid Newbury
 

Dernier (20)

UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdfUiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
UiPath Solutions Management Preview - Northern CA Chapter - March 22.pdf
 
Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024Salesforce Miami User Group Event - 1st Quarter 2024
Salesforce Miami User Group Event - 1st Quarter 2024
 
AI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity WebinarAI You Can Trust - Ensuring Success with Data Integrity Webinar
AI You Can Trust - Ensuring Success with Data Integrity Webinar
 
NIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 WorkshopNIST Cybersecurity Framework (CSF) 2.0 Workshop
NIST Cybersecurity Framework (CSF) 2.0 Workshop
 
UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6UiPath Studio Web workshop series - Day 6
UiPath Studio Web workshop series - Day 6
 
Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024Artificial Intelligence & SEO Trends for 2024
Artificial Intelligence & SEO Trends for 2024
 
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration WorkflowsIgniting Next Level Productivity with AI-Infused Data Integration Workflows
Igniting Next Level Productivity with AI-Infused Data Integration Workflows
 
Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1Secure your environment with UiPath and CyberArk technologies - Session 1
Secure your environment with UiPath and CyberArk technologies - Session 1
 
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
The Data Metaverse: Unpacking the Roles, Use Cases, and Tech Trends in Data a...
 
OpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability AdventureOpenShift Commons Paris - Choose Your Own Observability Adventure
OpenShift Commons Paris - Choose Your Own Observability Adventure
 
Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™Meet the new FSP 3000 M-Flex800™
Meet the new FSP 3000 M-Flex800™
 
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCostKubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
KubeConEU24-Monitoring Kubernetes and Cloud Spend with OpenCost
 
UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8UiPath Studio Web workshop series - Day 8
UiPath Studio Web workshop series - Day 8
 
Bird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystemBird eye's view on Camunda open source ecosystem
Bird eye's view on Camunda open source ecosystem
 
How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?How Accurate are Carbon Emissions Projections?
How Accurate are Carbon Emissions Projections?
 
9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team9 Steps For Building Winning Founding Team
9 Steps For Building Winning Founding Team
 
Designing A Time bound resource download URL
Designing A Time bound resource download URLDesigning A Time bound resource download URL
Designing A Time bound resource download URL
 
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online CollaborationCOMPUTER 10: Lesson 7 - File Storage and Online Collaboration
COMPUTER 10: Lesson 7 - File Storage and Online Collaboration
 
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDEADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
ADOPTING WEB 3 FOR YOUR BUSINESS: A STEP-BY-STEP GUIDE
 
Linked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond OntologiesLinked Data in Production: Moving Beyond Ontologies
Linked Data in Production: Moving Beyond Ontologies
 

SSL & TLS Architecture short

  • 1. SSL & TLS Architecture. By Avirot M. Liangsiri, Senior Technical Specialist, Professional Computer Co., Ltd.
  • 2. Web Security Essential
    • Web now widely used by business, government, individuals for multiple applications
    • But Internet & Web are vulnerable
    • Have a variety of threats: integrity, confidentiality, denial of service, authentication
    • Need added security mechanisms
  • 3. Security Architecture
    • ITU-T Recommendation X.805 Security architecture for systems providing end‑to‑end communications was developed by ITU-T SG 17 (ITU-T Lead Study Group on Telecommunication Security) and was published in October 2003.
    • The group has developed a set of well-recognized Recommendations on security. Among them are the X.800 Series of Recommendations on security and X.509 v3 - Public-key and Attribute Certificate Frameworks.
  • 4. ITU-T X.800 Threat Model (simplified)
    • 1 - Destruction (an attack on availability): destruction of information and/or network resources
    • 2 - Corruption (an attack on integrity): unauthorized tampering with an asset
    • 3 - Removal (an attack on availability): theft, removal or loss of information and/or other resources
    • 4 - Disclosure (an attack on confidentiality): unauthorized access to an asset
    • 5 - Interruption (an attack on availability): interruption of services; network becomes unavailable or unusable
  • 5. ITU-T X.800 Eight Security Dimensions Address the Breadth of Network Vulnerabilities
    • Access Control: limit & control access to network elements, services & applications. Examples: password, ACL, firewall
    • Authentication: provide proof of identity. Examples: shared secret, PKI, digital signature, digital certificate
    • Non-repudiation: prevent ability to deny that an activity on the network occurred. Examples: system logs, digital signatures
    • Data Confidentiality: ensure confidentiality of data. Example: encryption
    • Communication Security: ensure information only flows from source to destination. Examples: VPN, MPLS, L2TP
    • Data Integrity: ensure data is received as sent or retrieved as stored. Examples: MD5, digital signature, anti-virus software
    • Availability: ensure network elements, services and applications are available to legitimate users. Examples: IDS/IPS, network redundancy, BC/DR
    • Privacy: ensure identification and network use is kept private. Examples: NAT, encryption
    • Eight Security Dimensions applied to each Security Perspective (layer and
  • 6. ITU-T X.800 Three Security Layers
    • 1 - Infrastructure Security Layer: fundamental building blocks of networks, services and applications. Examples: individual routers, switches, servers; point-to-point WAN links; Ethernet links
    • 2 - Services Security Layer: services provided to end-users. Examples: Frame Relay, ATM, IP; Cellular, Wi-Fi; VoIP, QoS, IM, Location services; toll free call services
    • 3 - Applications Security Layer: network-based applications accessed by end-users. Examples: web browsing, directory assistance, email, e-commerce
    • Diagram: vulnerabilities can exist in each layer; THREATS (Destruction, Corruption, Removal, Disclosure, Interruption), VULNERABILITIES and ATTACKS are mapped against all three layers
    • Each Security Layer has unique vulnerabilities, threats
    • Infrastructure security enables services security, which enables applications security
  • 7. ITU-T X.800 Applying Security Planes to Network Protocols
    • End User Security Plane. Activities: end-user data transfer; end-user – application interactions. Protocols: HTTP, RTP, POP, IMAP; TCP, UDP, FTP; IPsec, TLS
    • Control/Signaling Security Plane. Activities: update of routing/switching tables; service initiation, control, and teardown; application control. Protocols: BGP, OSPF, IS-IS, RIP, PIM; SIP, RSVP, H.323, SS7; IKE, ICMP; PKI, DNS, DHCP, SMTP
    • Management Security Plane. Activities: operations, administration, management, provisioning. Protocols: SNMP, Telnet, FTP, HTTP
  • 8. SSL (Secure Socket Layer)
    • transport layer security service
    • originally developed by Netscape
    • version 3 designed with public input
    • subsequently became Internet standard known as TLS (Transport Layer Security)
    • uses TCP to provide a reliable end-to-end service
    • SSL has two layers of protocols
  • 9. Where SSL Fits
    • Cleartext application protocols and their ports: HTTP 80, SMTP 25, POP3 110
    • SSL-protected counterparts: HTTPS 443, SSMTP 465, SPOP3 995
    • Secure Sockets Layer sits between the application protocols and the Transport layer, above Network and Link
  • 10. Uses Public Key Scheme
    • Each client-server pair uses 2 public keys: one for the client (browser), created when the browser is installed on the client machine; one for the server (http server), created when the server is installed on the server hardware
    • and 2 private keys: one for the client browser, one for the server (http server)
  • 12. SSL Architecture
    • SSL session: an association between client & server; created by the Handshake Protocol; defines a set of cryptographic parameters; may be shared by multiple SSL connections (by using same session symmetric key)
    • SSL connection: a transient, peer-to-peer, communications link; associated with 1 SSL session
  • 13. SSL Record Protocol
    • confidentiality: using symmetric encryption with a shared secret key defined by Handshake Protocol; IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128; message is compressed before encryption
    • message integrity: using a MAC (Message Authentication Code) created using a shared secret key and a short message
  • 14. SSL Alert Protocol
    • conveys SSL-related alerts to peer entity
    • severity: warning or fatal
    • specific alert: unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter; close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
    • compressed & encrypted like all SSL data
  • 15. SSL Handshake Protocol
    • allows server & client to: authenticate each other; negotiate encryption & MAC algorithms; negotiate cryptographic keys to be used
    • comprises a series of messages in phases: Establish Security Capabilities; Server Authentication and Key Exchange; Client Authentication and Key Exchange; Finish
  • 17. Changes from SSL 3.0 to TLS
    • Fortezza removed
    • Additional Alerts added
    • Modification to hash calculations
    • Protocol version 3.1 in ClientHello, ServerHello
  • 18. TLS (Transport Layer Security)
    • IETF standard RFC 2246, similar to SSLv3 with minor differences: in record format version number; uses HMAC for MAC; a pseudo-random function expands secrets; has additional alert codes; some changes in supported ciphers; changes in certificate negotiations; changes in use of padding
  • 19. TLS: Key Exchange
    • Need secure method to exchange secret key
    • Use public key encryption for this: a “key pair” is used - either one can encrypt and then the other can decrypt; slower than conventional cryptography; share one key, keep the other private
    • Choices are RSA or Diffie-Hellman
  • 20. TLS: Integrity
    • Compute fixed-length Message Authentication Code (MAC): includes hash of message; includes a shared secret; includes sequence number
    • Transmit MAC with message
  • 21. TLS: Integrity
    • Receiver creates new MAC; should match transmitted MAC
    • TLS allows MD5, SHA-1
    • Diagram: A sends Message and MAC to B; B computes MAC’ over the received Message’ and checks MAC’ =? MAC
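The record MAC of slides 13, 20 and 21, as an added example that is not part of the original slides: the TLS 1.0 MAC keyed with the shared secret over the sequence number, record header and message, which the receiver recomputes and compares. The header layout follows RFC 2246; the function names, sample secret and sample record are constructed for the demo.

```python
import hmac
import struct

# TLS 1.0 is carried as "protocol version 3.1" on the wire (RFC 2246).
TLS_VERSION = (3, 1)
CONTENT_APPLICATION_DATA = 23


def tls_record_mac(mac_secret: bytes, seq_num: int, content_type: int,
                   fragment: bytes, hash_name: str = "sha1") -> bytes:
    """MAC of one TLS 1.0 record, RFC 2246 section 6.2.3.1:

        HMAC_hash(MAC_write_secret,
                  seq_num + type + version + length + fragment)

    seq_num is the 64-bit per-direction record counter; covering it is
    what lets the receiver detect replayed, reordered or dropped records.
    hash_name is "md5" or "sha1", the two MAC hashes TLS 1.0 allows.
    """
    if not 0 <= seq_num < 2 ** 64:
        raise ValueError("sequence number must fit in 64 bits")
    if len(fragment) > 2 ** 14:
        raise ValueError("a TLS fragment is at most 2^14 bytes")
    header = struct.pack("!QBBBH", seq_num, content_type,
                         TLS_VERSION[0], TLS_VERSION[1], len(fragment))
    return hmac.new(mac_secret, header + fragment, hash_name).digest()


def verify_record_mac(mac_secret: bytes, seq_num: int, content_type: int,
                      fragment: bytes, received_mac: bytes,
                      hash_name: str = "sha1") -> bool:
    """Receiver side: recompute MAC' over the received fragment with the
    receiver's own expected sequence number and compare it with MAC.
    compare_digest keeps the comparison time independent of where the
    first mismatching byte is."""
    expected = tls_record_mac(mac_secret, seq_num, content_type,
                              fragment, hash_name)
    return hmac.compare_digest(expected, received_mac)


def integrity_demo() -> dict:
    """The A -> B exchange from the slide with constructed values: a shared
    MAC secret, one application-data record, and the failure cases a
    receiver must reject."""
    shared_secret = b"constructed-mac-secret-1"   # constructed sample
    fragment = b"GET /account HTTP/1.1\r\n"      # constructed sample
    seq = 0  # first record sent in this direction on the connection

    # A computes MAC over (seq, type, version, length, fragment) and
    # transmits fragment || MAC.
    mac = tls_record_mac(shared_secret, seq, CONTENT_APPLICATION_DATA,
                         fragment)

    return {
        # B recomputes MAC' with the same secret and seq: match.
        "genuine": verify_record_mac(
            shared_secret, seq, CONTENT_APPLICATION_DATA, fragment, mac),
        # Message' differs from Message: MAC' != MAC.
        "tampered": verify_record_mac(
            shared_secret, seq, CONTENT_APPLICATION_DATA,
            b"GET /admin   HTTP/1.1\r\n", mac),
        # Same record delivered a second time: B now expects seq 1, so a
        # MAC computed over seq 0 no longer verifies.
        "replayed": verify_record_mac(
            shared_secret, seq + 1, CONTENT_APPLICATION_DATA, fragment, mac),
        # Without the shared secret no matching MAC can be produced, which
        # is why the MAC is keyed rather than a bare hash.
        "forged_without_secret": verify_record_mac(
            shared_secret, seq, CONTENT_APPLICATION_DATA, fragment,
            tls_record_mac(b"guessed-secret", seq,
                           CONTENT_APPLICATION_DATA, fragment)),
    }
```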
  • 22. TLS: Authentication
    • Verify identities of participants
    • Client authentication is optional
    • Certificate is used to associate identity with public key and other attributes
    • Diagram: A and B each present a Certificate to the other
  • 23. TLS: Overview
    • Establish a session: agree on algorithms; share secrets; perform authentication
    • Transfer application data: ensure privacy and integrity
  • 24. TLS: Architecture
    • TLS defines Record Protocol to transfer application and TLS information
    • A session is established using a Handshake Protocol
    • Diagram: Handshake Protocol, Change Cipher Spec Protocol and Alert Protocol all run on top of the TLS Record Protocol
  • 26. TLS: Handshake
    • Negotiate Cipher-Suite Algorithms: symmetric cipher to use; key exchange method; message digest function
    • Establish and share master secret
    • Optionally authenticate server and/or client
  • 27. Handshake Phases
    • Hello messages
    • Certificate and Key Exchange messages
    • Change CipherSpec and Finished messages
  • 28. TLS: Hello
    • Client “Hello” - initiates session: propose protocol version; propose cipher suite
    • Server chooses protocol and suite
    • Client may request use of cached session
    • Server chooses whether to honor request
  • 29. TLS: Key Exchange
    • Server sends certificate containing public key (RSA) or Diffie-Hellman parameters
    • Client sends encrypted “pre-master” secret to server using Client Key Exchange message
    • Master secret calculated: uses random values passed in Client and Server Hello messages
  • 30. Public Key Certificates
    • X.509 Certificate associates public key with identity
    • Certification Authority (CA) creates certificate: adheres to policies and verifies identity; signs certificate
    • User of Certificate must ensure it is valid
  • 31. Validating a Certificate
    • Must recognize accepted CA in certificate chain
    • One CA may issue certificate for another CA
    • Must verify that certificate has not been revoked
    • CA publishes Certificate Revocation List (CRL)
  • 32. X.509: Certificate Content
    • Version
    • Serial Number
    • Signature Algorithm Identifier: Object Identifier (OID), e.g. id-dsa: {iso(1) member-body(2) us(840) x9-57(10040) x9algorithm(4) 1}
    • Issuer (CA) X.500 name
    • Validity Period (Start, End)
    • Subject X.500 name
    • Subject Public Key: Algorithm, Value
    • Issuer Unique Id (Version 2, 3)
    • Subject Unique Id (Version 2, 3)
    • Extensions (version 3), optional
    • CA digital Signature
  • 33. Subject Names
    • X.500 Distinguished Name (DN)
    • Associated with node in hierarchical directory (X.500)
    • Each node has Relative Distinguished Name (RDN): path for parent node; unique set of attribute/value pairs for this node
  • 34. Example Subject Name
    • Country at Highest Level (e.g. US)
    • Organization typically at next level (e.g. CertCo)
    • Individual below (e.g. Common Name “Elizabeth” with Id = 1)
    • DN = { C=US; O=CertCo; CN=Elizabeth, ID=1 }
  • 35. Version 3 Certificates
    • Version 3 X.509 Certificates support alternative name formats as extensions: X.500 names; Internet domain names; e-mail addresses; URLs
    • Certificate may include more than one name
  • 36. Certificate Signature
    • RSA Signature: create hash of certificate; encrypt using CA’s private key
    • Signature verification: decrypt using CA’s public key; verify hash
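The checks slides 30, 31 and 36 require of a certificate user, mapped onto Python's standard ssl module as an added example (not from the original slides): the peer must present a certificate that chains to an accepted CA, matches the dialed host, lies within its validity period and is not on a loaded CRL. The helper names, the sample certificate dict and the accepted-issuer set are constructed; the signature and chain verification itself is performed by OpenSSL during the handshake once verify_mode is CERT_REQUIRED.

```python
import ssl
from typing import Iterable, List, Optional

# Constructed getpeercert()-style record modelled on slide 34's DN.
# Not a real certificate and not taken from the slides.
SAMPLE_CERT = {
    "subject": ((("countryName", "US"),),
                (("organizationName", "CertCo"),),
                (("commonName", "Elizabeth"),)),
    "issuer": ((("countryName", "US"),),
               (("organizationName", "CertCo"),),
               (("commonName", "CertCo Root CA"),)),
    "notBefore": "Jan  1 00:00:00 2020 GMT",
    "notAfter": "Dec 31 23:59:59 2021 GMT",
}

# Issuer names this client recognizes ("accepted CA", slide 31); constructed.
ACCEPTED_ISSUERS = frozenset({SAMPLE_CERT["issuer"]})


def hardened_client_context(ca_file: Optional[str] = None,
                            crl_file: Optional[str] = None) -> ssl.SSLContext:
    """Client context that enforces the slides' rules: the peer must send a
    certificate, it must chain to an accepted CA, its name must match the
    host we dialed, revocation is checked when a CRL is available, and
    SSLv3/TLS 1.0/1.1 are refused."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.verify_mode = ssl.CERT_REQUIRED          # peer certificate mandatory
    ctx.check_hostname = True                    # name in cert == dialed host
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if ca_file is not None:
        ctx.load_verify_locations(cafile=ca_file)   # the accepted CA(s)
    else:
        ctx.load_default_certs()                     # system trust store
    if crl_file is not None:
        # CRLs are loaded through the same call. Only enable CRL checking
        # when one is loaded; otherwise every handshake fails because
        # OpenSSL cannot find a CRL for the issuer.
        ctx.load_verify_locations(cafile=crl_file)
        ctx.verify_flags |= ssl.VERIFY_CRL_CHECK_CHAIN
    return ctx


def weak_client_context() -> ssl.SSLContext:
    """The settings a reviewer should flag: nothing about the peer is
    checked, so any certificate, including one from an interposed peer,
    is accepted."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False   # must be cleared before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_client_context(ctx: ssl.SSLContext) -> dict:
    """Report the settings that decide whether slide 31's checks happen."""
    return {
        "requires_peer_cert": ctx.verify_mode == ssl.CERT_REQUIRED,
        "checks_hostname": bool(ctx.check_hostname),
        "checks_crl": bool(ctx.verify_flags & ssl.VERIFY_CRL_CHECK_CHAIN),
        "min_tls12": ctx.minimum_version >= ssl.TLSVersion.TLSv1_2,
    }


def validate_peer_certificate(cert: dict, now_epoch: float,
                              accepted_issuers: Iterable = ACCEPTED_ISSUERS
                              ) -> List[str]:
    """Post-handshake checks on the dict returned by getpeercert(): the
    Validity Period of slide 32 and the issuing CA of slide 31. Returns
    the list of failures; an empty list means the certificate passes."""
    failures = []
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if now_epoch < not_before:
        failures.append("not yet valid")
    if now_epoch > not_after:
        failures.append("expired")
    if cert["issuer"] not in set(accepted_issuers):
        failures.append("issuer is not an accepted CA")
    return failures
```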
  • 37. TLS: ServerKeyExchange
    • Client -> Server: ClientHello
    • Server -> Client: ServerHello, Certificate, ServerKeyExchange
  • 38. TLS: Certificate Request
    • Client -> Server: ClientHello
    • Server -> Client: ServerHello, Certificate, ServerKeyExchange, CertificateRequest
  • 39. TLS: Client Certificate
    • Client -> Server: ClientHello
    • Server -> Client: ServerHello, Certificate, ServerKeyExchange, CertificateRequest
    • Client -> Server: ClientCertificate, ClientKeyExchange
  • 40. TLS: Change Cipher Spec, Finished
    • Client -> Server: [ChangeCipherSpec], Finished
    • Server -> Client: [ChangeCipherSpec], Finished
    • Application Data then flows in both directions
  • 41. TLS: Change Cipher Spec/Finished
    • Change Cipher Spec: announce switch to negotiated algorithms and values
    • Finished: send copy of handshake using new session; permits validation of handshake
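The secret derivation behind slide 29 (master secret from the pre-master secret and the two Hello randoms), the fresh per-session keys the editor's notes mention, and the Finished message of slide 41, as an added example that is not from the original slides. It implements the RFC 2246 PRF (P_MD5 XOR P_SHA-1); the function names and all sample values are constructed.

```python
import hashlib
import hmac


def _p_hash(secret: bytes, seed: bytes, hash_name: str, length: int) -> bytes:
    """P_hash from RFC 2246 section 5, expanded to `length` bytes:
    A(0) = seed, A(i) = HMAC_hash(secret, A(i-1)),
    P_hash = HMAC_hash(secret, A(1)+seed) + HMAC_hash(secret, A(2)+seed) + ..."""
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA-1 over
    the second half (an odd-length secret shares its middle byte)."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_stream = _p_hash(s1, label + seed, "md5", length)
    sha1_stream = _p_hash(s2, label + seed, "sha1", length)
    return bytes(x ^ y for x, y in zip(md5_stream, sha1_stream))


def master_secret(pre_master_secret: bytes, client_random: bytes,
                  server_random: bytes) -> bytes:
    """Slide 29: master = PRF(pre_master, "master secret",
    ClientHello.random + ServerHello.random), always 48 bytes."""
    return tls10_prf(pre_master_secret, b"master secret",
                     client_random + server_random, 48)


def key_block(master: bytes, client_random: bytes, server_random: bytes,
              length: int) -> bytes:
    """Connection keys come from the master secret and the Hello randoms
    (server random first here), so a resumed session with new randoms
    gets fresh keys from the cached master secret."""
    return tls10_prf(master, b"key expansion",
                     server_random + client_random, length)


def split_key_block(block: bytes, mac_len: int, key_len: int,
                    iv_len: int) -> dict:
    """Partition the key block in the order RFC 2246 section 6.3 defines."""
    names = ["client_write_MAC_secret", "server_write_MAC_secret",
             "client_write_key", "server_write_key",
             "client_write_IV", "server_write_IV"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    if len(block) < sum(sizes):
        raise ValueError("key block too short for the negotiated suite")
    out, pos = {}, 0
    for name, size in zip(names, sizes):
        out[name] = block[pos:pos + size]
        pos += size
    return out


def finished_verify_data(master: bytes, handshake_messages: bytes,
                         sender: str) -> bytes:
    """Slide 41: verify_data = PRF(master, "client finished" or
    "server finished", MD5(handshake) + SHA-1(handshake))[0..11]. Each side
    binds every handshake byte it saw to the new master secret, so a
    handshake altered in transit is detected before application data."""
    if sender not in ("client", "server"):
        raise ValueError("sender must be 'client' or 'server'")
    label = sender.encode() + b" finished"
    seed = (hashlib.md5(handshake_messages).digest()
            + hashlib.sha1(handshake_messages).digest())
    return tls10_prf(master, label, seed, 12)


def derive_session(pre_master_secret: bytes, client_random: bytes,
                   server_random: bytes, handshake_transcript: bytes) -> dict:
    """Everything a TLS_RSA_WITH_3DES_EDE_CBC_SHA connection derives:
    SHA-1 MAC (20) + 3DES key (24) + IV (8) per direction = 104 bytes."""
    master = master_secret(pre_master_secret, client_random, server_random)
    keys = split_key_block(
        key_block(master, client_random, server_random, 104), 20, 24, 8)
    return {
        "master_secret": master,
        "keys": keys,
        "client_finished": finished_verify_data(
            master, handshake_transcript, "client"),
        "server_finished": finished_verify_data(
            master, handshake_transcript, "server"),
    }
```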
  • 42. TLS: Using a Session
    • Client -> Server: ClientHello (Session #)
    • Server -> Client: ServerHello (Session #), [ChangeCipherSpec], Finished
    • Client -> Server: [ChangeCipherSpec], Finished
    • Application Data then flows in both directions
  • 43. TLS: HTTP Application
    • HTTP most common TLS application: https://
    • Requires TLS-capable web server
    • Requires TLS-capable web browser: Netscape Navigator; Internet Explorer; Cryptozilla (Netscape Mozilla sources with SSLeay)
  • 44. X.509 Certificate Issues
    • Certificate Administration is complex: hierarchy of Certification Authorities; mechanisms for requesting, issuing, revoking certificates
    • X.500 names are complicated
    • Description formats are cumbersome (ASN.1)
  • 45. X.509 Alternative: SDSI
    • SDSI: Simple Distributed Security Infrastructure (Rivest, Lampson)
    • Merging with IETF SPKI: Simple Public-Key Infrastructure in SDSI 2.0
    • Eliminate X.500 names - use DNS and text
    • Everyone is their own CA
    • Instead of ASN.1 use “S-expressions” and simple syntax
    • Name and Authorization certificates
  • 46. TLS “Alternatives”
    • S-HTTP: secure HTTP protocol, shttp://
    • IPSec: secure IP
    • SET: Secure Electronic Transaction; protocol and infrastructure for bank card payments
    • SASL: Simple Authentication and Security Layer (RFC 2222)
  • 47. Summary
    • SSL/TLS addresses the need for security in Internet communications: privacy - conventional encryption; integrity - Message Authentication Codes; authentication - X.509 certificates
    • SSL in use today with web browsers and servers
    • Equivalent to TLS

Editor's notes

  1. ITU-T X.800 Threat Model: confidentiality issue, availability issue, integrity issue
  2. SSL is probably the most widely used Web security mechanism. It is implemented at the Transport layer; cf. IPSec at the Network layer, or various Application layer mechanisms, e.g. S/MIME & SET (later).
  3. Stallings Fig 17-2.
  4. SSL Record Protocol defines these two services for SSL connections.
  5. Stallings Fig 17-6.
  6. Hash includes Finished and CertificateVerify messages. The following client cert types were removed: rsa_ephemeral_dh, dss_ephemeral_dh, fortezza_dms. SSL 2 -> SSL 3.0: major changes.
  7. Secret is used so that someone cannot replace both message and MAC, putting a new matching MAC in place of the original.
  8. Operational and pending states.
  9. Currently no compression is defined, but could be. Client boundaries are not preserved; protocol unit is 2^14 bytes or less. MAC: md5, sha-1, none. Encryption: des, 3des, des40, rc2, rc4, idea, none.
  10. Encryption: DES/3DES/DES40, RC2, RC4, IDEA, none. MAC: md5, sha1, none. Key exchange: rsa, dh.
  11. Server “Hello Request” - asks client to restart hello. Hello includes some random data for creating the master secret.
  12. Client generates a 48-byte secret random number, encrypts it using the server’s public key and sends it to the server; if Diffie-Hellman, p, g.
  13. PKCS standards from RSA for RSA certificates: PKCS #10 cert requests; PKCS #9 cert attributes; PKCS #7 cert chain format; application/x-pkcs7-mime used to load CA chain into browser.
  14. Possible to have more than one DN for an entry.
  15. DSS digital signature standard also.
  16. Certificate specifies public key; must be appropriate for key exchange algorithm; required for non-anonymous key exchange; includes certificate chain - certs which verify previous ones in the chain; PKCS#7 is not used since it is defined in sets rather than sequences.
  17. Certificate request is optional; specifies list of acceptable certificate authorities; specifies types of certificates requested (e.g. RSA, DH).
  18. See next slide.
  19. Change Cipher Spec is not part of the handshake.
  20. Server can refuse to use session by not including session # in server hello. Keys for session are calculated fresh using shared master secret and new random numbers from Hello messages.
  21. Mention different kinds of certificates: identity, encryption, etc.
  22. S-HTTP inter-operates with HTTP: signature, authentication, encryption; public key key exchange, & externally arranged; Secure * Secure-HTTP/1.4 : request URI; Secure-HTTP/1.4 200 OK response; header lines convey information, e.g. Certificate-Info: has cert, Encryption-Identity: x500 name. IPSec: RFC 1825-1829; required for IPv6, optional for IPv4; transport mode - protect contents of IP packet; tunnel mode - protect entire IP packet; encryption, MAC. SASL: means to add authentication to connection-based protocol; variety of mechanisms: Kerberos V4, GSSAPI, “External”; allows separation of authorization identity from client identity in credentials; permits authenticated state in protocol.