11_tls - TLS/SSL, Peter Sjödin, psj@kth.se

1 TLS/SSL
Peter Sjödin, psj@kth.se
Based on material by Vitaly Shmatikov, Univ. of Texas, and by the previous course teachers
2 What is SSL / TLS?
Transport Layer Security protocol, version 1.0
– De facto standard for Internet security
– “The primary goal of the TLS protocol is to provide privacy and data integrity between two communicating applications”
– In practice, used to protect information transmitted between browsers and Web servers
Based on the Secure Sockets Layer protocol, version 3.0
– Same protocol design, different algorithms
Deployed in nearly every Web browser
3 SSL/TLS in Practice
4 Application-Level Protection
[Figure: layered protocol stack (application, presentation, session, transport, network, data link, physical) with example protocols email, Web, NFS, RPC, TCP, IP and 802.11; TLS sits above TCP, at the application level]
Protects against application-level threats (e.g., server impersonation), NOT against IP-level threats (spoofing, SYN flood, DDoS by data flood)
5 History of the Protocol
SSL 1.0
– Internal Netscape design, early 1994?
– Lost in the mists of time
SSL 2.0
– Published by Netscape, November 1994
– Several weaknesses
SSL 3.0
– Designed by Netscape and Paul Kocher, November 1996
TLS 1.0
– Internet standard based on SSL 3.0, January 1999
– Not interoperable with SSL 3.0
• TLS uses HMAC instead of MAC; can run on any port
6 TLS Basics
TLS consists of two protocols
– Familiar pattern for key exchange protocols
Handshake protocol
– Use public-key cryptography to establish a shared (master) secret key between the client and the server
Record protocol
– Use the secret key established in the handshake protocol to protect communication between the client and the server
7 SSL/TLS Record Protection
Use symmetric keys established in handshake protocol
8 Master Secret
[Figure: Master Secret expanded into two groups of keys. Client to Server: Integrity Protection Key, Encryption Key, IV. Server to Client: Integrity Protection Key, Encryption Key, IV]
Master Secret used for deriving six secrets
– Three in each direction
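Slides 6 to 8 describe the chain in words only: the handshake produces a master secret, the master secret is expanded into six secrets (three per direction), and the record protocol then uses those secrets. The following Python is an added example, not code from the slides or from any TLS library. It assumes the TLS 1.0 construction from RFC 2246: the PRF built from P_MD5 XOR P_SHA1, the "key expansion" label, the key-block partition order, and the record MAC input (sequence number, type, version, length, fragment). The key sizes are those of a CBC suite with HMAC-SHA1 (20-byte MAC secrets, 16-byte keys, 16-byte IVs), and the master secret and both randoms are constructed values, not output of a real handshake.

```python
"""Added example: TLS 1.0 key-block expansion and record MAC (RFC 2246)."""
import hashlib
import hmac

# Constructed sample values; a real handshake would produce these.
MASTER_SECRET = bytes(range(48))     # 48-byte master secret from the handshake
CLIENT_RANDOM = b"\x11" * 32         # ClientHello.random
SERVER_RANDOM = b"\x22" * 32         # ServerHello.random
APPLICATION_DATA = 23                # ContentType application_data
TLS_1_0 = (3, 1)                     # ProtocolVersion {3, 1}


def p_hash(secret: bytes, seed: bytes, digest, length: int) -> bytes:
    """P_hash(secret, seed): HMAC-chained expansion, RFC 2246 section 5."""
    out = b""
    a = seed                                                # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, digest).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def split_secret(secret: bytes):
    """S1 and S2 are the two halves; for odd length they share the middle byte."""
    half = (len(secret) + 1) // 2
    return secret[:half], secret[-half:]


def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """PRF(secret, label, seed) = P_MD5(S1, label + seed) XOR P_SHA1(S2, label + seed)."""
    s1, s2 = split_secret(secret)
    md5_part = p_hash(s1, label + seed, hashlib.md5, length)
    sha1_part = p_hash(s2, label + seed, hashlib.sha1, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))


def derive_key_block(master_secret, client_random, server_random,
                     mac_len=20, key_len=16, iv_len=16):
    """Expand the master secret into the six per-direction secrets of slide 8.

    RFC 2246 6.3: key_block = PRF(master_secret, "key expansion",
    server_random + client_random), partitioned in the order below.
    """
    total = 2 * (mac_len + key_len + iv_len)
    block = tls10_prf(master_secret, b"key expansion",
                      server_random + client_random, total)
    layout = [("client_write_MAC_secret", mac_len), ("server_write_MAC_secret", mac_len),
              ("client_write_key", key_len), ("server_write_key", key_len),
              ("client_write_IV", iv_len), ("server_write_IV", iv_len)]
    keys, pos = {}, 0
    for name, size in layout:
        keys[name] = block[pos:pos + size]
        pos += size
    return keys


def record_mac(mac_secret, seq_num, content_type, version, fragment):
    """Record-layer MAC: HMAC over seq_num || type || version || length || fragment."""
    header = (seq_num.to_bytes(8, "big") + bytes([content_type])
              + bytes(version) + len(fragment).to_bytes(2, "big"))
    return hmac.new(mac_secret, header + fragment, hashlib.sha1).digest()


def demo():
    """Client MACs one record; the server checks it with the same direction's secret."""
    keys = derive_key_block(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM)
    fragment = b"GET / HTTP/1.0\r\n\r\n"   # constructed plaintext of one record
    c2s = keys["client_write_MAC_secret"]
    tag = record_mac(c2s, 0, APPLICATION_DATA, TLS_1_0, fragment)
    # Server side: recompute with client_write_MAC_secret and its own record count (0).
    verified = hmac.compare_digest(tag, record_mac(c2s, 0, APPLICATION_DATA, TLS_1_0, fragment))
    # The opposite direction has its own secret, so it does not verify this record.
    s2c = keys["server_write_MAC_secret"]
    cross = hmac.compare_digest(tag, record_mac(s2c, 0, APPLICATION_DATA, TLS_1_0, fragment))
    # A replayed copy fails because the implicit sequence number has advanced to 1.
    replay = hmac.compare_digest(tag, record_mac(c2s, 1, APPLICATION_DATA, TLS_1_0, fragment))
    return {"verified": verified, "cross_direction_verified": cross, "replay_verified": replay}


if __name__ == "__main__":
    for name, value in derive_key_block(MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM).items():
        print(f"{name:24s} {value.hex()}")
    print(demo())
```

The sequence number never appears on the wire; both sides count records, which is why a replayed record fails the MAC even though every visible byte is unchanged. Keying the two directions separately is what stops a record captured in one direction from being reflected back in the other.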
This note was uploaded on 02/16/2011 for the course ICT 2 taught by Professor 2 during the Spring '11 term at Kungliga Tekniska högskolan.