CH 15
Network Security
Chapter 15
Transport Level Security
Web Security
Web now widely used by business, government, individuals
but Internet & Web are vulnerable
have a variety of threats
● integrity
● confidentiality
● denial of service
● authentication
need added security mechanisms
SSL (Secure Socket Layer)
transport layer security service
originally developed by Netscape
version 3 designed with public input
subsequently became Internet standard
known as TLS (Transport Layer Security)
uses TCP to provide a reliable end-to-end service
SSL has two layers of protocols
SSL Architecture
SSL connection
● a transient, peer-to-peer, communication link
SSL session
● an association between client & server
● created by the Handshake Protocol
● define a set of cryptographic parameters
● may be shared by multiple SSL connections
A session state is defined by the following parameters:
● Session identifier
● Peer certificate
● Compression method
● Cipher spec
● Master secret
● Is resumable
A connection state is defined by the following parameters:
● Server and client random
● Server write MAC secret
● Client write MAC secret
● Server write key
● Client write key
● Initialization vectors
● Sequence numbers
SSL Record Protocol Services
message integrity
● using a MAC with shared secret key
confidentiality
● using symmetric encryption with a shared secret key defined by Handshake Protocol
● AES, IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
● message is compressed before encryption
SSL Record Protocol Operation
SSL Header
SSL Change Cipher Spec Protocol
● Ephemeral Diffie-Hellman
● Fixed Diffie-Hellman - Certificate with half keys
● Fortezza is a registered trademark of the U.S. National Security Agency (NSA). It is a family of security protocols developed for the Defense Department.
● Encryption/Decryption Algorithms
Hash Algorithms
Phase 2. Server authentication and key exchange
Certificate, Server key exchange
certificate_request message includes two parameters: certificate_type and certificate_authorities.
● Not applicable to anonymous D-H
Connection Closure
Secure Shell (SSH)
Transport Layer Protocol
Host Keys
Two alternative trust models that can be used:
● The client has a local database that associates each host with the corresponding public host key
● The host name-to-key association is certified by a trusted certification authority
SSH Transport Layer Protocol Packet Exchanges
Identification string exchange
Algorithm negotiation
Key exchange
● C is the client
● S is the server
● p is a large prime
● g is a generator for a subgroup of GF(p)
● q is the order of the subgroup
● V_S is S’s identification string
● V_C is C’s identification string
● K_S is S’s public host key
● I_C is C’s SSH_MSG_KEXINIT message and I_S is S’s SSH_MSG_KEXINIT message
● The values of p, g, and q are known to both client and server
● The hash function hash() is also decided during algorithm negotiation
End of key exchange
● Key generation
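The Diffie-Hellman exchange these symbols describe, through to key generation, as an added Python example (not part of the original slides). The names x, y, e, f, K and H follow RFC 4253 section 8; the example assumes SHA-256 as hash(), a constructed toy group (p = 2039, q = 1019, g = 4) far too small for real use, and constructed stand-in byte strings for V_C, V_S, I_C, I_S and K_S. The server's host-key signature over H is omitted.

```python
import hashlib
import secrets
import struct

# Constructed toy group (assumption): p = 2q + 1, g = 4 has order q.
P, Q, G = 2039, 1019, 4

def ssh_string(b: bytes) -> bytes:
    return struct.pack(">I", len(b)) + b

def mpint(n: int) -> bytes:
    # Big-endian two's complement; a leading zero byte keeps n positive.
    return ssh_string(n.to_bytes((n.bit_length() + 8) // 8, "big") if n else b"")

def keypair():
    priv = secrets.randbelow(Q - 2) + 2      # 1 < priv < q
    return priv, pow(G, priv, P)             # public value: e (client) or f (server)

def shared_secret(peer_pub: int, priv: int) -> int:
    # Both sides must reject a peer value outside [1, p-1] (RFC 4253, section 8).
    if not 1 <= peer_pub <= P - 1:
        raise ValueError("peer DH value out of range")
    return pow(peer_pub, priv, P)

def exchange_hash(V_C, V_S, I_C, I_S, K_S, e, f, K) -> bytes:
    # H binds both identification strings, both KEXINITs and the host key to K.
    blob = b"".join(ssh_string(s) for s in (V_C, V_S, I_C, I_S, K_S))
    return hashlib.sha256(blob + mpint(e) + mpint(f) + mpint(K)).digest()

def derive_key(K: int, H: bytes, letter: bytes, session_id: bytes) -> bytes:
    # letter b"A".."F": IVs, encryption keys, MAC keys, one per direction.
    return hashlib.sha256(mpint(K) + H + letter + session_id).digest()

def run_exchange():
    # Constructed stand-ins for the real identification strings and payloads.
    V_C, V_S = b"SSH-2.0-ExampleClient", b"SSH-2.0-ExampleServer"
    I_C, I_S, K_S = b"client-kexinit", b"server-kexinit", b"host-key-blob"
    x, e = keypair()                         # C sends e
    y, f = keypair()                         # S sends K_S, f and a signature on H
    K_c, K_s = shared_secret(f, x), shared_secret(e, y)
    H_c = exchange_hash(V_C, V_S, I_C, I_S, K_S, e, f, K_c)
    H_s = exchange_hash(V_C, V_S, I_C, I_S, K_S, e, f, K_s)
    return (K_c, H_c), (K_s, H_s)

if __name__ == "__main__":
    (K, H), server = run_exchange()
    print("match:", (K, H) == server, "key C:", derive_key(K, H, b"C", H).hex())
```

On the first key exchange H also serves as the session identifier, which is why it is passed as session_id when deriving keys.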
Service request
● User Authentication or the Connection Protocol.
User Authentication Protocol
● Authentication requests from the client have the format
● channel types
• Session, X11, forwarded-tcpip, direct-tcpip
● SSH_MSG_CHANNEL_OPEN_CONFIRMATION message
● SSH_MSG_CHANNEL_OPEN_FAILURE message
● SSH_MSG_CHANNEL_CLOSE
TLS (Transport Layer Security)
IETF standard RFC 2246 similar to SSLv3 with minor differences
● in record format version number
● uses HMAC for MAC
● a pseudo-random function expands secrets
● has additional alert codes
● some changes in supported ciphers
● changes in certificate types & negotiations
● changes in crypto computations & padding