Scribd
Upload
7 views

Network Security4

The document discusses network security protocols SSL and TLS, how they provide encryption, authentication, and data integrity. It also covers SSL/TLS certificates and how to implement and renew SSL/TLS on a web server.

Uploaded by

Ali Mohamed
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
7 views

Network Security4

The document discusses network security protocols SSL and TLS, how they provide encryption, authentication, and data integrity. It also covers SSL/TLS certificates and how to implement and renew SSL/TLS on a web server.

Uploaded by

Ali Mohamed
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 8

Network security

Dr.Aida Nasr
Eng.Mahmoud Goda
▪ SSL (Secure Socket Layer), TLS (Transport Layer
Security) : are cryptographic protocols that provide security and data
integrity for communications in transport layer over networks such as the
internet
Ssl and Tls ▪ SSL is an older protocol, and TLS is its more modern and
secure version
▪ What is SSL/TLS Basics ?
▪ Encryption:
▪ SSL/TLS protocols encrypt data during transmission,
making it unreadable to anyone who might intercept it.

▪ Authentication:
▪ SSL/TLS provides a mechanism for verifying the identity
SSL/TLS Basics of the parties involved in a communication. This is
typically done using digital certificates.

▪ Data Integrity:
▪ It ensures that the data has not been altered during
transit.


▪ What is SSL/TLS Certificates:
▪ Certificate Authority (CA):
▪ SSL/TLS certificates are issued by Certificate Authorities.
▪ The CA verifies the identity of the certificate holder.
▪ Types of Certificates:
SSL / TLS Certificates ▪ Domain Validation (DV): Checks the ownership of the
domain.
▪ Organization Validation (OV): Includes additional
checks on the organization.
▪ Extended Validation (EV): The highest level, involving
thorough validation of the organization's identity.
▪ How to Implement SSL/TLS?

▪ Obtain a Certificate:
▪ Purchase an SSL/TLS certificate from a trusted CA.
▪ Some CAs provide free certificates (e.g., Let's Encrypt).

▪ Install the Certificate:


▪ Install the certificate on your web server.
▪ This involves associating the certificate with the domain or subdomain you want to secure.

▪ Configure Web Server:


▪ Update your web server configuration to use the SSL/TLS certificate.
▪ Common web servers include Apache, Nginx, IIS, etc.

Implement SSL / TLS ▪ Testing:


▪ Test the SSL/TLS implementation to ensure it's functioning correctly.
▪ Use online tools to check the SSL configuration.

▪ Renewal:
▪ SSL/TLS certificates have an expiration date. Renew them before they expire.

▪ HSTS (HTTP Strict Transport Security):

▪ HSTS is a web security policy mechanism that helps to protect websites against man-in-the-
middle attacks.

▪ It forces web browsers to use only secure connections (HTTPS).


▪ What is Key Derivation?
▪ From the master secret, multiple keys are derived using
a key derivation function. These keys include:
▪ Encryption Keys(2): Used for encrypting data.

Key draivation ▪ MAC (Message Authentication Code) Keys: Used for


ensuring message integrity.
▪ IVs (Initialization Vectors): Used in certain encryption
modes.
▪ 4 keys
▪ Kc: encryprion from client to server
▪ Mc: mac from client to server
cont
▪ Ks : encryprion from server to client
▪ Ks : mac from server to client
▪ 1: attacker can capture and replay record or re_order ?
▪ Solve: puy sequence num in mac
Problem ▪ 2. attacker can capture and replay all record ?
▪ Solve: use nonce

You might also like