Scribd
Upload
29 views

Module7 6

This document discusses real-world protocols for secure communication. It describes several protocols including Secure Sockets Layer (SSL) which provides encryption and authentication between a client and server. The basics steps of protocols are to authenticate parties, exchange encryption keys, and provide confidentiality, integrity and nonrepudiation. SSL specifically encrypts connections, authenticates servers and optionally clients, and runs above transport layers to provide security for applications like HTTP. It details how SSL provides server and client authentication through certificate verification.

Uploaded by

Harpreet Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
29 views

Module7 6

This document discusses real-world protocols for secure communication. It describes several protocols including Secure Sockets Layer (SSL) which provides encryption and authentication between a client and server. The basics steps of protocols are to authenticate parties, exchange encryption keys, and provide confidentiality, integrity and nonrepudiation. SSL specifically encrypts connections, authenticates servers and optionally clients, and runs above transport layers to provide security for applications like HTTP. It details how SSL provides server and client authentication through certificate verification.

Uploaded by

Harpreet Singh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPTX, PDF, TXT or read online on Scribd
You are on page 1/ 8

Module 7.

6
Real World Protocols
Real-World Protocols
Secure Sockets Layer (SSL)
Client/server authentication, secure data exchange
Secure Multipurpose Internet Mail Extensions
Protocol (S/MIME), PGP
Secure Electronic Transactions (SET)
Internet Protocol Secure Standard (IPSec)
Authentication for networked devices

2
Basics Steps
Authenticate (validate the other side)
Key agreement/exchange (agree on or exchange a secret
key)
Confidentiality (exchange encrypted messages)
Integrity (proof message not modified)
Nonrepudiation (proof you got exactly what you want)

3
Secure Sockets Layer (SSL)
Developed by Netscape
Provides privacy
Encrypted connection
Confidentiality and tamper-detection
Provides authentication
Authenticate server
Authenticate client optionally

4
Secure Sockets Layer (cont.)

Lies above transport layer, below


application layer
Can lie atop any transport protocol, not just
TCP/IP
Runs under application protocols like HTTP, FTP,
and TELNET
5
SSL: Server Authentication

6
SSL: Client Authentication

7
References
J. Bradley. The SSLP Reference Implementation Project.
Department of Computer Science, University of Bristol,
UK.
C. Ellison and B. Schneier. Ten Risks of PKI: What Youre
not Being Told about Public Key Infrastructure, Computer
Security Journal, Vol. XVI, No. 1, 2000.
P. Gutmann. Encryption and Security Tutorial.
Department of Computer Science, University of Auckland,
NZ.
Netscape Communications Corporation website.
B. Schneier. Chapter 1: Foundations, Applied 8

You might also like