
lecture3-4-SSL - Lecture 3-4 SSL TLS Adrian Perrig 18-731...

1/20/09

Lecture 3-4 SSL / TLS
Adrian Perrig
18-731: Network Security, Spring 2009

Overview
  • Administrative issues
    • Reading critiques due Thursday
    • Office hours will be posted
    • Next Tuesday lecture on TCG, syllabus updated soon
  • Last 10 minutes of today’s lecture: brief crypto quiz for students who did not take 18-{6,7}30
SSL / TLS Overview
  • Goal: Perform secure e-commerce across the Internet
    • Secure bank transactions
    • Secure online purchases
    • Secure web login (e.g., Blackboard)
  • Security requirements
    • Secrecy, to prevent eavesdroppers from learning sensitive information
    • Entity and message authentication, to prevent message alteration / injection

Position of Security in Protocol Stack
  • Application Layer: DNS, HTTP, SMTP (security: SSH, PGP, …)
  • Transport Layer: TCP, UDP (security: SSL, TLS)
  • Network Layer: IP (security: IPsec)
  • Data Link Layer: 802.3 MAC
  • Physical Layer: Ethernet
  Diagram label: Hourglass
SSL History
  • SSL: Secure Sockets Layer protocol
    • SSL v1: Designed by Netscape, never deployed
    • SSL v2: Deployed in Netscape Navigator 1.1 in 1995
    • SSL v3: Substantial overhaul, fixing security flaws, publicly reviewed
  • TLS: Transport Layer Security protocol
    • TLS v1: IETF standard improving on v3

SSL Protocol
  Phase 1
    C → S: client_hello
    S → C: server_hello
  Phase 2
    S → C: certificate
    S → C: server_key_exchange
    S → C: certificate_request
    S → C: server_hello_done
  Phase 3
    C → S: certificate
    C → S: client_key_exchange
    C → S: certificate_verify
  Phase 4
    C → S: change_cipher_spec
    C → S: finished
    S → C: change_cipher_spec
    S → C: finished
  Blue => optional message
SSL Phase 1
  • Phase 1: Establish security capabilities
  • {Client,Server}_hello_message
    • Highest supported version
    • Random = 32 bit timestamp || 28 bytes random
    • Session id
  • Client_hello: Supported cipher suite, ciphers are listed in decreasing order of preference
  • Server_hello: chosen cipher
  • Is this secure?

Cipher Suite
  • Cipher suite = key exchange, cipher spec
  • Key exchange methods
    • RSA, encrypt key with receiver’s public key
    • Fixed Diffie-Hellman, public key certificate contains public DH key
    • Ephemeral Diffie-Hellman, public key is used to sign temporary DH key
    • Anonymous Diffie-Hellman, DH without authentication
  • Cipher spec
    • Cipher Algorithm (RC4, RC2, DES, 3DES, DES40, IDEA)
    • MAC Algorithm (MD5, SHA-1)
    • Cipher Type (stream or block)
    • Is Exportable (true or false)
    • Hash size (0 or 16 for MD5, 20 for SHA-1)
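
Added example (not from the lecture slides): a parser for the client_hello fields listed under Phase 1, plus a server-side choice that follows the client's preference order but refuses exportable and anonymous suites. The byte layout and code points follow SSL 3.0; the sample message, the WEAK policy set and all function names are assumptions made for this example.

```python
import struct

# Real SSL 3.0 / TLS 1.0 code points; the WEAK set is this example's own policy.
SUITES = {
    0x0003: "RSA_EXPORT_WITH_RC4_40_MD5",
    0x0005: "RSA_WITH_RC4_128_SHA",
    0x000A: "RSA_WITH_3DES_EDE_CBC_SHA",
    0x0016: "DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0018: "DH_anon_WITH_RC4_128_MD5",
}
WEAK = {0x0003, 0x0018}  # exportable cipher, anonymous Diffie-Hellman

def parse_client_hello(body):
    """Parse a client_hello body (record and handshake headers already removed)."""
    if len(body) < 35:
        raise ValueError("truncated client_hello")
    major, minor, timestamp = struct.unpack_from(">BBI", body, 0)
    nonce = body[6:34]                      # the 28 random bytes after the timestamp
    sid_len = body[34]
    pos = 35
    if sid_len > 32 or pos + sid_len + 2 > len(body):
        raise ValueError("bad session id length")
    session_id = body[pos:pos + sid_len]
    pos += sid_len
    (cs_len,) = struct.unpack_from(">H", body, pos)
    pos += 2
    if cs_len == 0 or cs_len % 2 or pos + cs_len > len(body):
        raise ValueError("bad cipher suite list length")
    suites = list(struct.unpack_from(">%dH" % (cs_len // 2), body, pos))
    return {"version": (major, minor), "timestamp": timestamp, "nonce": nonce,
            "session_id": session_id, "cipher_suites": suites}

def choose_suite(client_suites, server_allowed):
    """server_hello choice: first client preference that the server policy allows."""
    for suite in client_suites:
        if suite in server_allowed and suite not in WEAK:
            return suite
    return None  # nothing acceptable: abort the handshake instead of falling back

def build_sample(suites):
    """Constructed sample: SSL 3.0 hello, fixed timestamp, empty session id."""
    rnd = struct.pack(">I", 1232409600) + bytes(range(28))
    body = b"\x03\x00" + rnd + b"\x00"
    body += struct.pack(">H", 2 * len(suites))
    body += struct.pack(">%dH" % len(suites), *suites)
    return body + b"\x01\x00"               # one compression method: null
```
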
SSL Configuration [figure]