Unit 9: SSL and TLS
Prof. Chintan Patel, Information Security
MEFGI, Rajkot, Unit 9
• The Web: "a client-server application running over the Internet and TCP/IP intranets".
• The Web is exposed to attacks on the web server from anywhere on the Internet.
• The Web serves as a platform for many business transactions; reputation and money can be lost if servers are destroyed.
• Web browsers are easy to use, web content is easy to develop, and web servers are easy to manage, but the complexity of the underlying software hides defects in the system.
• Untrained users are the common users of web-based services.
| Threat | Consequences | Countermeasures |
|---|---|---|
| Integrity (modification of data) | Loss of information | Cryptographic checksum |
| Confidentiality (theft of data from client and server) | Loss of information and privacy | Encryption; web proxies |
| Denial of service (flooding the machine; killing threads) | Preventing users from working | Difficult to prevent |
| Authentication (data forgery) | Belief that false information is valid | Cryptographic techniques such as digital signatures |
• 1. Use of IPSec.
Transparent to end users and applications.
Includes a filtering capability, so only selected traffic needs to pass through IPSec.
• 2. Above TCP
Secure Sockets Layer (SSL) / Transport Layer Security (TLS).
Can be embedded in specific packages, like the Netscape or Microsoft browsers.
Can be provided as part of the underlying protocol suite.
• 3. Application layer
Security services are embedded within an application.
The security service can be tailored to the specific needs of an application.
Example: Secure Electronic Transaction (SET).
Secure Sockets Layer (SSL)
• Implements three cryptographic assurances:
1. Authentication.
2. Confidentiality.
3. Message integrity.
• Also provides secure key exchange between a browser (client) and a server.
• Provides negotiation of security parameters.
• Does not offer non-repudiation.
• SSL connection: "a peer-to-peer connection, associated with one session".
• Parameters of the connection state:
Server and client random: byte sequences.
Server write MAC secret: secret key used in MAC operations by the server.
Client write MAC secret: secret key used in MAC operations by the client.
Server write key: key used by the server to encrypt and by the client to decrypt.
Client write key: key used by the client to encrypt and by the server to decrypt.
Initialization vector: set by the SSL Handshake Protocol.
Sequence numbers: for transmitted and received messages on each connection.
SSL session: "an association between client and server which is created by the SSL Handshake Protocol and used to avoid the expensive negotiation of new security parameters for each connection".
Parameters of the session state:
Session identifier: an arbitrary byte sequence chosen by the server to identify an active or resumable session state.
Peer certificate: X.509v3 certificate of the peer.
Compression method: algorithm used to compress data.
Cipher spec: specifies the bulk data encryption algorithm and the hash algorithm; also defines hash_size.
Master secret: 48-byte secret value shared by client and server.
Is resumable: flag indicating whether the session can be used to initiate new connections.
• The SSL Record Protocol provides two services for an SSL connection:
1. Confidentiality: the Handshake Protocol defines a shared secret key which is used for encryption of SSL payloads.
2. Integrity: the Handshake Protocol also defines a shared secret key used for the MAC.
• SSL record MAC: Hash(MAC_write_secret || pad_2 || Hash(MAC_write_secret || pad_1 || seq_num || SSLCompressed.type || SSLCompressed.length || SSLCompressed.fragment))
• MAC_write_secret: shared secret key.
• Hash: MD5 or SHA-1.
• SSLCompressed.type: higher-level protocol used to process the fragment.
• SSLCompressed.length: length of the compressed fragment.
• SSLCompressed.fragment: the compressed fragment.
• Change Cipher Spec Protocol: used to cause the pending state to be copied into the current state, which updates the cipher suite to be used on this connection.
• Alert Protocol: "used to convey SSL-related alerts to the peer entity".
• Different types of alerts:
• unexpected_message: an inappropriate message was received.
• bad_record_mac: incorrect MAC.
• decompression_failure: unable to decompress, or invalid decompression output.
• handshake_failure: unable to negotiate an acceptable set of security parameters.
• close_notify: notifies the receiver that the sender will not send any more messages on this connection.
• no_certificate: no appropriate certificate is available.
• bad_certificate: the certificate contains a signature that did not verify.
• unsupported_certificate: the type of the received certificate is not supported.
• certificate_expired: a certificate has expired.
Transport Layer Security (TLS)
• Uses the same record format as SSL.
• Defined in RFC 2246.
• Similar to SSLv3.
• Differences:
Version number: for the version of TLS defined in RFC 2246 (TLS 1.0), the major version is 3 and the minor version is 1.
Message authentication code: TLS differs in the actual algorithm (HMAC) and in the scope of the MAC calculation.
• HMAC_K(M) = H[(K+ XOR opad) || H[(K+ XOR ipad) || M]]
• H = MD5 or SHA-1
• M = message
• K+ = secret key padded to the hash block size; for MD5 that is 512 bits
• ipad = 36 in hexadecimal, repeated 64 times
• opad = 5C in hexadecimal, repeated 64 times
• The MAC field in TLS consists of:
HMAC_hash(MAC_write_secret, seq_num || TLSCompressed.type || TLSCompressed.version || TLSCompressed.length || TLSCompressed.fragment)
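The two MAC constructions on these slides, the SSLv3 nested hash and the TLS HMAC, carried out in working code. This is an added example, not code from the slides: it builds one constructed application-data record, computes both tags with Python's hashlib, writes HMAC out from the formula above (and cross-checks it against the standard library), and shows the receiver-side comparison whose failure is what produces a bad_record_mac alert. The pad_1/pad_2 lengths (48 bytes for MD5, 40 for SHA-1) are taken from the SSL 3.0 specification, since the slides name them without giving their values; the secret, sequence number and fragment are constructed sample values.

```python
import hashlib
import hmac
import struct

# SSLv3 pad lengths from the SSL 3.0 specification (not given on the slides):
# 48 bytes for MD5, 40 for SHA-1, so that secret || pad fills one 64-byte block.
SSLV3_PAD_LEN = {"md5": 48, "sha1": 40}

# Record content type for application data (RFC 2246 ContentType).
APPLICATION_DATA = 23


def sslv3_mac(mac_write_secret, seq_num, content_type, fragment, hash_name="sha1"):
    """SSLv3: Hash(secret || pad_2 || Hash(secret || pad_1 || seq_num || type || length || fragment))."""
    n = SSLV3_PAD_LEN[hash_name]
    pad_1 = b"\x36" * n
    pad_2 = b"\x5c" * n
    # 64-bit sequence number, 8-bit content type, 16-bit fragment length
    header = struct.pack("!QBH", seq_num, content_type, len(fragment))
    inner = hashlib.new(hash_name, mac_write_secret + pad_1 + header + fragment).digest()
    return hashlib.new(hash_name, mac_write_secret + pad_2 + inner).digest()


def hmac_manual(key, msg, hash_name="md5"):
    """HMAC_K(M) = H[(K+ XOR opad) || H[(K+ XOR ipad) || M]], written out from the formula."""
    block = hashlib.new(hash_name).block_size       # 64 bytes (512 bits) for MD5 and SHA-1
    if len(key) > block:                             # a key longer than a block is hashed first
        key = hashlib.new(hash_name, key).digest()
    k_plus = key.ljust(block, b"\x00")               # K+: key zero-padded to the block size
    ipad = bytes(b ^ 0x36 for b in k_plus)           # 0x36 repeated 64 times, XORed into K+
    opad = bytes(b ^ 0x5c for b in k_plus)           # 0x5C repeated 64 times, XORed into K+
    inner = hashlib.new(hash_name, ipad + msg).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def hmac_stdlib(key, msg, hash_name="md5"):
    """Reference HMAC from the standard library, used to cross-check hmac_manual."""
    return hmac.new(key, msg, hash_name).digest()


def tls_mac(mac_write_secret, seq_num, content_type, version, fragment, hash_name="sha1"):
    """TLS: HMAC_hash(MAC_write_secret, seq_num || type || version || length || fragment)."""
    major, minor = version
    header = struct.pack("!QBBBH", seq_num, content_type, major, minor, len(fragment))
    return hmac_manual(mac_write_secret, header + fragment, hash_name)


def tls_record_mac_ok(mac_write_secret, seq_num, content_type, version, fragment,
                      received_mac, hash_name="sha1"):
    """Receiver-side check. A False result is what triggers a bad_record_mac alert.
    compare_digest avoids leaking where the two tags first differ."""
    expected = tls_mac(mac_write_secret, seq_num, content_type, version, fragment, hash_name)
    return hmac.compare_digest(expected, received_mac)


if __name__ == "__main__":
    secret = bytes(range(20))                 # constructed MAC_write_secret
    fragment = b"GET / HTTP/1.0\r\n\r\n"      # constructed application-data fragment
    print("SSLv3 MAC:", sslv3_mac(secret, 0, APPLICATION_DATA, fragment).hex())
    tag = tls_mac(secret, 0, APPLICATION_DATA, (3, 1), fragment)
    print("TLS MAC:  ", tag.hex())
    # Same tag, but the fragment was altered in transit: the check fails.
    print("tampered ok?", tls_record_mac_ok(secret, 0, APPLICATION_DATA, (3, 1), fragment + b"x", tag))
```

Because the sequence number is part of the MAC input, replaying a correctly tagged record at a later position also fails the check, which is what the per-connection sequence numbers in the connection state are for.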
• Additional alert codes defined in TLS:
• decryption_failed: a ciphertext decrypted to an invalid result.
• record_overflow: a payload with length greater than 2^14 + 2048 bytes.
• unknown_ca: the certificate chain could not be matched to a known or trusted CA.
• access_denied: after verification, the sender decided not to proceed further.
• decode_error: a message could not be decoded.
• protocol_version: the attached protocol version is not supported.
• internal_error: an internal error not related to the peer.
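A parser for the alert messages listed on these slides, as an added example that is not from the lecture. It decodes a plaintext TLS alert record (content type, version, length, then the two-byte level and description), maps the description byte to the alert names above using the AlertDescription values of RFC 2246 (the slides give names only; no_certificate, 41, exists only in SSLv3), and reports what the receiver must do: a fatal alert closes the connection and invalidates the session identifier so it cannot be resumed, while close_notify is a warning that still ends the connection. The sample records are constructed byte strings.

```python
import struct

CONTENT_TYPE_ALERT = 21
ALERT_LEVELS = {1: "warning", 2: "fatal"}

# AlertDescription values from RFC 2246 (41 is SSLv3 only).
ALERT_DESCRIPTIONS = {
    0: "close_notify",
    10: "unexpected_message",
    20: "bad_record_mac",
    21: "decryption_failed",
    22: "record_overflow",
    30: "decompression_failure",
    40: "handshake_failure",
    41: "no_certificate",
    42: "bad_certificate",
    43: "unsupported_certificate",
    44: "certificate_revoked",
    45: "certificate_expired",
    46: "certificate_unknown",
    47: "illegal_parameter",
    48: "unknown_ca",
    49: "access_denied",
    50: "decode_error",
    51: "decrypt_error",
    60: "export_restriction",
    70: "protocol_version",
    71: "insufficient_security",
    80: "internal_error",
    90: "user_canceled",
    100: "no_renegotiation",
}
NAME_TO_CODE = {name: code for code, name in ALERT_DESCRIPTIONS.items()}


def build_alert_record(level, description, version=(3, 1)):
    """Build a plaintext alert record: type || version || length || level || description."""
    major, minor = version
    body = bytes([level, NAME_TO_CODE[description]])
    return struct.pack("!BBBH", CONTENT_TYPE_ALERT, major, minor, len(body)) + body


def parse_alert_record(record):
    """Parse an alert record and decide what the receiver must do with the connection."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    content_type, major, minor, length = struct.unpack("!BBBH", record[:5])
    if content_type != CONTENT_TYPE_ALERT:
        raise ValueError("not an alert record (content type %d)" % content_type)
    body = record[5:5 + length]
    if length != 2 or len(body) != 2:
        # An alert body is always exactly two bytes; anything else is a malformed record.
        raise ValueError("alert body must be exactly 2 bytes")
    level, description = body[0], body[1]
    fatal = level == 2
    return {
        "version": (major, minor),
        "level": ALERT_LEVELS.get(level, "unknown(%d)" % level),
        "description": ALERT_DESCRIPTIONS.get(description, "unknown(%d)" % description),
        # Fatal alerts and close_notify both end the connection.
        "close_connection": fatal or description == 0,
        # Only a fatal alert invalidates the session ID, so a close_notify'd session stays resumable.
        "invalidate_session": fatal,
    }


if __name__ == "__main__":
    for rec in (build_alert_record(2, "bad_record_mac"),       # fatal: MAC check failed
                build_alert_record(1, "close_notify"),          # warning: orderly shutdown
                build_alert_record(2, "unknown_ca", (3, 0))):   # SSLv3-versioned record
        print(rec.hex(), parse_alert_record(rec))
```

In a capture or log, a burst of fatal bad_record_mac or decode_error alerts from one peer is worth flagging: it means records are reaching the endpoint whose MAC or structure does not match what the handshake negotiated.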
Thank you.
• Next lecture: SET