Scribd
Upload
118 views

Transport Layer Security: Presented by Abhiram Sahu

TLS (Transport Layer Security) is a protocol that establishes an encrypted connection between a web browser and server to securely transmit data. It provides privacy, authentication of servers, and data integrity. TLS has evolved over time, with recent versions like TLS 1.2 supporting stronger encryption algorithms. TLS is widely used to secure email, VPNs, databases and other network communications involving sensitive information.

Uploaded by

Abhiram Sahu
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
118 views

Transport Layer Security: Presented by Abhiram Sahu

TLS (Transport Layer Security) is a protocol that establishes an encrypted connection between a web browser and server to securely transmit data. It provides privacy, authentication of servers, and data integrity. TLS has evolved over time, with recent versions like TLS 1.2 supporting stronger encryption algorithms. TLS is widely used to secure email, VPNs, databases and other network communications involving sensitive information.

Uploaded by

Abhiram Sahu
Copyright
© Attribution Non-Commercial (BY-NC)
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 19

INTRODUCTION

TRANSPORT LAYER SECURITY

Presented by Abhiram Sahu

Contents

TLS stands for Transport Layer Security.

It is a protocol that establishes a secure connection between the visitors


web browser and your website so that all communications transmitted through this link are encrypted . TLS ensures that no third party may tamper with any message. It is the successor to the Secure Sockets Layer (SSL). It provide security for applications such as email, Instant Messaging, Web browsing, VoIP (Voice over Internet Protocol).

Transport Layer Security is used within organizations that use payment


processes, store sensitive data such as medical information, or collect confidential information from the users on the network. It can also be used by other businesses that want to secure network connections between the client and the server. Transport Layer Security involves the use of an encryption system which

utilizes a digital certificate which is formulated to identify the network owner.

TLS is the successor to Secure Sockets Layer (SSL). SSL and TLS are frameworks that include cryptographic protocols They are intended to provide secure communications on the Internet.

Different Types of Transport Layer Security


Web Server Transport Layer Security: This type of encryption protects the data when the client connects to the Internet to send data through a Web browser or website.
Email Server Transport Layer Security: To secure communications between the email client and the server, a digital certificate is installed on the email server to provide encrypted communications when sending and receiving confidential information via email. Virtual Private Network Security: TLS works to secure a virtual private network by installing a digital certificate on the VPN that provides an encrypted connection between the remote user and the network that they are accessing. Database and Directory Security: Organizations deploy Transport Layer Security to encrypt server queries for databases and directories that contain sensitive data and information.
7

The TLS protocol is consists of two layers TLS Record Protocol The TLS Record Protocol provides connection security with some encryption method such as the Data Encryption Standard (DES).

TLS Handshake Protocol The TLS Handshake Protocol allows the server and client to authenticate each

other and to negotiate an encryption algorithm and cryptographic keys before


data is exchanged.

TLS 1.0 TLS 1.0 was first published by IETF 1999 as an upgrade of SSL Version 3.0. This protocol is based on SSL v3.0 and PCT both Netscape's and

Microsoft's approaches.
TLS 1.1 TLS 1.1 was defined in RFC 4346 in April 2006. It is an update version of TLS version 1.0. Added protection against Cipher block chaining (CBC). Change in handling of padding errors.
9

TLS 1.2

TLS 1.2 was defined in RFC 5246 in August 2008. It is based on the earlier TLS 1.1 specification. The MD5-SHA-1 combination in the pseudorandom function (PRF) was

replaced with SHA-256, with an option to use cipher-suite specified PRFs.


Expansion of support for authenticated encryption ciphers

Certificate is out of date, invalid, or has an error, phishing. Certification authority that issued it cannot be verified. The certificate has normal validation, no personal information. The certificate uses extended validation.

Red

Yellow

White

Green

11

Strong authentication Message privacy, and integrity TLS can help to secure transmitted data using encryption. TLS also authenticates servers.

It also provides data integrity through an integrity check value.

12

TLS security protocol protect against masquerade attacks

Every e-mail sent and received is encrypted

Replay attacks.

Ease of deployment

Ease of use
13

E-mail encryption is transparent TLS is globally accepted

Industry Standard
E-mail can be easily inspected for viruses Reduced cost No overhead for end-users. Rapid deployment
14

This is the most significant limitation to implementing TLS. The performance varies, depending on how often connections are established and how long they last. TLS uses the greatest resources while it is setting up connections.

A TLS environment is complex and requires maintenance; the system administrator must configure the system and manage certificates.

15

Now a days it is open source and used by almost every web developer for secure data transmission . There are so many banking company are there, they allowed user to transfer data over internet . its very important to make the data secure . So TLS is very important for secure connection in the information age.
16

Stephen A. Thomas (2000). SSL and TLS essentials securing the Web. New York: Wiley. ISBN 0-471-38354-6. Bard, Gregory (2006). "A Challenging But Feasible Blockwise-Adaptive ChosenPlaintext Attack On Ssl". International Association for Cryptologic Research (136).

Retrieved 2007-04-20.
URL http://en.wikipedia.org/wiki/Transport_Layer_Security http://www.mozilla.org/projects/security/pki/nss/ssl/fips-ssl-ciphersuites.html http://www.csrc.nist.gov/archive/pki-twg/y2002/presentations/twg-02-15.pdf http://msdn.microsoft.com/en-us/library/windows/desktop/aa380516(v=vs.85).aspx http://www.ibm.com/developerworks/webservices/library/ws-ssl-security/index.html

http://datatracker.ietf.org/wg/tls/charter/

19

You might also like