8.SSL - Announcement Final exam: Wed, June 9, 9:30-11:18...


Announcement

Final exam: Wed, June 9, 9:30-11:18
Scope: materials after RSA (but you need to know RSA)
Open books, open notes. Calculators allowed.

We have learned

- Symmetric encryption: DES, 3DES, AES, RC4
- Public-key encryption: RSA
- Hash: SHA-1
- MAC: CBC-MAC, CMAC, HMAC
- Digital signature: RSA
- Entity authentication: challenge and response
- Key agreement: Diffie-Hellman, RSA
- Certificate

SSL - Secure Socket Layer

SSL (Secure Socket Layer)

- TCP: provides a reliable end-to-end service.
- TCP & SSL: provides a reliable & secure end-to-end service.
- HTTPS: HTTP over SSL (or TLS)
- Typically on port 443 (regular HTTP on port 80)
- SSL was originally developed by Netscape and subsequently became the Internet standard known as TLS (Transport Layer Security)
- SSL has two layers of protocols

SSL Architecture

SSL Record Protocol Services

SSL Record Protocol provides two services.

- Message integrity
  - using a MAC with a shared secret key
  - similar to HMAC but with different padding
  - hash functions: MD5, SHA-1
- Message confidentiality
  - using symmetric encryption with a shared secret key
  - Encryption algorithms: AES, IDEA, RC2-40, DES-40, DES, 3DES, RC4-40, RC4-128

SSL Record Protocol Operation

[Figure: SSL Record Protocol operation. Surviving annotations: "(optional; default: null)", "2^14 bytes".]

The SSL MAC is similar to HMAC, using MD5 or SHA-1.

$$\mathrm{HMAC}_k(m) = \mathrm{hash}\big((k \oplus \mathrm{opad}) \,\|\, \mathrm{hash}((k \oplus \mathrm{ipad}) \,\|\, m)\big)$$

The SSL MAC is computed as:

$$\mathrm{hash}\big(\text{MAC\_write\_secret} \,\|\, \text{pad\_2} \,\|\, \mathrm{hash}(\text{MAC\_write\_secret} \,\|\, \text{pad\_1} \,\|\, \text{seq\_num} \,\|\, \text{SSLCompression.type} \,\|\, \text{SSLCompression.length} \,\|\, \text{SSLCompression.fragment})\big)$$

SSL Handshake Protocol

Allows server & client to:

- authenticate each other
- negotiate encryption & MAC algorithms and keys

Comprises a series of messages exchanged in phases (Stallings Figure 17.6):

1. Establish Security Capabilities (to agree on encryption, MAC, and key-exchange algorithms)
2. Server Authentication and Key Exchange
3. Client Authentication and Key Exchange
4. Finish

Phase 1: Establish Security Capabilities

[Figure labels: Client, Server, client_hello, server_hello]

client_hello: contains a c...
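The SSL MAC and HMAC formulas from the record protocol section above, side by side, as an added example that is not part of the original course notes. The pad bytes and lengths (0x36/0x5c, 48 bytes for MD5, 40 for SHA-1) and the field widths come from the SSLv3 specification (RFC 6101), not from the slide; the function names, secret and fragment are constructed for illustration.

```python
import hashlib
import hmac
import struct

# pad_1 / pad_2 lengths per the SSLv3 specification (RFC 6101), not stated on the slide:
# 48 bytes for MD5, 40 bytes for SHA-1.
PAD_LEN = {"md5": 48, "sha1": 40}

def ssl3_mac(hash_name, mac_write_secret, seq_num, content_type, fragment):
    """hash(secret || pad_2 || hash(secret || pad_1 || seq_num || type || length || fragment))"""
    n = PAD_LEN[hash_name]
    pad_1, pad_2 = b"\x36" * n, b"\x5c" * n
    # seq_num: 8 bytes, type: 1 byte, length: 2 bytes, all big-endian
    header = struct.pack(">QBH", seq_num, content_type, len(fragment))
    inner = hashlib.new(hash_name, mac_write_secret + pad_1 + header + fragment).digest()
    return hashlib.new(hash_name, mac_write_secret + pad_2 + inner).digest()

def hmac_by_hand(hash_name, k, m):
    """hash((k XOR opad) || hash((k XOR ipad) || m)), for comparison with ssl3_mac."""
    block = hashlib.new(hash_name).block_size
    if len(k) > block:
        k = hashlib.new(hash_name, k).digest()
    k = k.ljust(block, b"\x00")
    ipad = bytes(b ^ 0x36 for b in k)
    opad = bytes(b ^ 0x5C for b in k)
    inner = hashlib.new(hash_name, ipad + m).digest()
    return hashlib.new(hash_name, opad + inner).digest()

def verify_record(hash_name, secret, expected_seq, content_type, fragment, mac):
    """Receiver side: recompute with the locally tracked sequence number, compare in constant time."""
    calc = ssl3_mac(hash_name, secret, expected_seq, content_type, fragment)
    return hmac.compare_digest(calc, mac)

if __name__ == "__main__":
    secret = bytes(range(20))            # constructed MAC_write_secret
    frag = b"GET / HTTP/1.0\r\n\r\n"     # constructed fragment (null compression)
    tag = ssl3_mac("sha1", secret, 0, 23, frag)   # 23 = application_data
    print("SSL MAC :", tag.hex())
    print("HMAC    :", hmac_by_hand("sha1", secret, frag).hex())
    print("in order:", verify_record("sha1", secret, 0, 23, frag, tag))
    print("replayed:", verify_record("sha1", secret, 1, 23, frag, tag))
```

The sequence number is never sent on the wire; because it is an input to the MAC, a record that is replayed or reordered fails verification at the receiver.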

This note was uploaded on 01/22/2011 for the course CSE 651 taught by Professor Tenh.lai during the Spring '10 term at Ohio State.
