Fundamental Network Programming: TCP Over SSL in C#
II. SslStream in C#
Secure socket layer protocol history
• In Aug 1986, an initiative led by the NSA started a
project called Secure Data Network System
(SDNS), which contained the founding principles for
today's Transport Layer Security (TLS) protocol.
• The first version of the Secure Sockets Layer (SSL) protocol
was developed by Netscape Communications
Corporation in 1993, but was never published. Only SSL 2.0
and 3.0 were adopted for securing connections.
• The mature versions of TLS that are widely adopted and
used today are 1.2 and 1.3.
Network communication SSL vs. no-SSL
Digital certificates – Public key cryptography
[Figures: asymmetric key encryption scheme; digital signature scheme; Diffie–Hellman key exchange scheme]
Digital certificates
• A digital certificate certifies the ownership of a public key by the
named subject of the certificate, and indicates certain expected
usages of that key.
• This allows others (relying parties) to rely upon signatures or
assertions made by the private key that corresponds to the
certified public key.
Certificate authorities
• TLS typically relies on a set of trusted third-party certificate authorities to establish the
authenticity of certificates. Trust is usually anchored in a list of certificates distributed with
user agent software, and can be modified by the relying party.
• IdenTrust, DigiCert, and Sectigo were the top 3 certificate authorities by market share,
accounting for 47%, 18.8% and 16% respectively in Apr 2022.
• With X.509 certificates, certificate authorities and a public key infrastructure are necessary to
verify the relation between a certificate and its owner, as well as to generate, sign, and
administer the validity of certificates.
Establish SSL/TLS handshake
SSL support in C#
• SslStream is the class that enables SSL/TLS communication for the Socket,
TcpClient, and TcpListener classes.
• Wrapping the NetworkStream in an SslStream and supplying the
certificate secures the connection.
Create digital certificate for SSL
• Required: Visual Studio with Windows SDK 10.x installed
• Go to: C:\Program Files (x86)\Windows Kits\10\bin\10.0.{build_version}\x86
• Open a command prompt inside the above folder and type this command:
makecert.exe -r -pe -n "CN=MySslSocketCertificate" -b 01/01/2022 -e 12/31/2022 -sk exchange -ss my
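The following loopback program is an added example, not code from the original slides. It wraps the NetworkStream of a TcpListener/TcpClient pair in SslStream and has the client pin the self-signed certificate's thumbprint instead of accepting any certificate. It assumes the certificate from the command above is in the CurrentUser\My store with its private key; the class name, message text and port selection are illustrative.

```csharp
using System;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Cryptography.X509Certificates;
using System.Threading.Tasks;

class SslLoopbackDemo // hypothetical name
{
    static async Task Main()
    {
        // Load the certificate by subject name (assumed to be in CurrentUser\My).
        using var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        var found = store.Certificates.Find(X509FindType.FindBySubjectName, "MySslSocketCertificate", false);
        if (found.Count == 0 || !found[0].HasPrivateKey)
            throw new InvalidOperationException("Certificate with private key not found.");
        X509Certificate2 serverCert = found[0];

        var listener = new TcpListener(IPAddress.Loopback, 0); // port 0: the OS picks a free port
        listener.Start();
        int port = ((IPEndPoint)listener.LocalEndpoint).Port;

        // Server side: wrap the accepted NetworkStream; the OS selects the TLS version.
        Task server = Task.Run(async () =>
        {
            using TcpClient conn = await listener.AcceptTcpClientAsync();
            using var ssl = new SslStream(conn.GetStream(), false);
            await ssl.AuthenticateAsServerAsync(serverCert);
            using var reader = new StreamReader(ssl);
            Console.WriteLine($"server got: {await reader.ReadLineAsync()} ({ssl.SslProtocol})");
        });

        // Client side: a self-signed certificate fails chain validation, so accept it only
        // when its thumbprint matches the pinned value. The pin is read from the local
        // store here; a real client would carry it in configuration.
        using var client = new TcpClient();
        await client.ConnectAsync(IPAddress.Loopback, port);
        using var clientSsl = new SslStream(client.GetStream(), false,
            (sender, cert, chain, errors) => errors == SslPolicyErrors.None ||
                string.Equals(cert?.GetCertHashString(), serverCert.Thumbprint, StringComparison.OrdinalIgnoreCase));
        await clientSsl.AuthenticateAsClientAsync("MySslSocketCertificate");
        var writer = new StreamWriter(clientSsl);
        await writer.WriteLineAsync("hello over TLS");
        await writer.FlushAsync();
        await server;
        listener.Stop();
    }
}
```

A validation callback that simply returns true would also let the handshake succeed, but it would accept any certificate presented on the connection; the thumbprint comparison keeps the self-signed setup authenticated.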