Secure socket layer
- 1. 1 Secure Socket Layer •Dr Paras Kothari
- 2. 2 SSL Facts • SSL was first developed by Netscape in 1994 and became an internet standard in 1996 ( RFC 2246 – TLS V1.0) • SSL is a cryptographic protocol to secure network across a connection-oriented layer • Any program using TCP can be modified to use SSL connection
- 3. 3 SSL Facts • SSL connection uses a dedicated TCP/IP socket(e.g. port 443 for https) • SSL is flexible in choice of which symmetric encryption, message digest, and authentication can be used • SSL provides built in data compression
- 4. 4 SSL Usage • Authenticate the server to the client • Allow the client and server to select cryptographic algorithms, or ciphers, that they both support • Optionally authenticate the client to the server • Use public key encryption techniques to generate shared secret • Establish an encrypted SSL connection
- 5. 5 Secure Socket Layer SSL is a secure protocol which runs above TCP/IP and allows users to encrypt data and authenticate servers/vendors identity securely Application layer Transport layerTCP/IP Layer SMTPSFTPSHTTPS SECURE SOCKET LAYER
- 6. 6 SSL Stack
- 7. 7 SSL Record Protocol Operation
- 9. 9 SSL Handshake SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out
- 10. 10 SSL Handshake
- 12. 12 SSL Session Key Server Client Public key Private key Public key Pre-Master Pre- Master Pre- Master Session key Session key
- 13. 13 Secure Data on Network Server Client Public key Private key Session key Data Session key Data Data Data Session key Data
- 15. 15 Key exchange and certificate SSL version number client supported (v2, v3) Ciphers supported client (DES, RC2, RC4) Client Random Number SSL version number server picked (v2, v3) Ciphers server picked (DES, RC2, RC4) Server Random Number Server Client Public key Private key Public key Certificate
- 16. 16 Verify Certificate Checking Server Client Public key Private key Client request Certificate Certificate Valid Public key Certificate is Good and Valid Server/vendor has been verified and authenticated Client has vendor’s public key and can now encrypt pre-master to send to server/vendor
- 18. 18 SSL Handshake Client hello Server hello Present Server Certificate *Request Client Certificate Server Key Exchange Client Finish *Present Client Certificate Client Key Exchange *Certificate Verify Change Cipher Spec Server Finish Change Cipher Spec Client Server Application Data
- 19. 19 Server Hello Request • Notifies the client that they should send a client hello message to begin the negotiation process • Sent by the server at any time • After the server sends a request, it does not send another one until a handshake has been completed • Client can choose to ignore them or send a Client Hello
- 20. 20 Client Hello • Sent by the client –When first connecting to a server –In response to a hello request or on its own • Contains –32 bytes random number created by a secure random number generator –Protocol version –Session ID –A list of supported ciphers –A list of compression methods
- 21. 21 Server Hello • Sent as response if client hello is accepted – If not, a handshake failure alert is sent • Contains – 32 bytes random number created by a secure random number generator – Protocol version – Session ID – Cipher suite chosen – Compression method selected
- 22. 22 Server Certificates • Immediately following the server hello, the server sends its certificate – Generally an X.509.v3 certificate • Server sends server hello done message
- 23. 23 Key Exchange • Client sends 48-bytes pre-master, encrypted using server’s public key, to the server • Both server and client use the pre-master to generate the master secret • A same session key is generated on both client and server side using the master secret
- 25. 25 Record Layer • Compression and decompression • A MAC is applied to each record using the MAC algorithm defined in the current cipher spec • Encryption occurs after compression • May need fragmentation
- 27. 27 Alert Layer • Explain severity of the message and a description –fatal •Immediate termination •Other connections in session may continue •Session ID invalidated to prevent failed session to open new sessions • Alerts are compressed same as other data
- 29. 29 Change Cipher Spec Protocol • Notify the other party to use the new cipher suite • Before the Finished message
- 30. 30 Comparison of SSL V2.0 and V3.0 • SSL 2.0 is vulnerable to “man-in-the- middle” attack. The hello message can be modified to use 40 bits encryption. SSL 3.0 defends against this attack by having the last handshake message include a hash of all the previous handshake message
- 31. 31 Comparison of SSL V2.0 and V3.0 • SSL 2.0 uses a weak MAC construction • In SSL 3.0, the Message Authentication Hash uses a full 128 bits of key material for Export cipher, while SSL 2.0 uses only 40 bits
- 32. 32 Comparison of SSL V2.0 and V3.0 • SSL 2.0 only allows a handshake at the beginning of the connection. In 3.0, the client can initiate a handshake routine any time • SSL 3.0 allows server and client to send chains of certificate • SSL 3.0 has a generalized key exchange protocol. It allows Diffie-Hellman and Fortezza key exchange • SSL 3.0 allows for record compression and decompression
- 33. Query Session Still if you have … 33