TRANSCRIPT
1
Understanding Secure Socket Layer (SSL)
Advisor: Prof. Tzonelih Hwang
Presenter: Prosanta Gope
Flash Back
2
3
Agenda
• SSL Basics
• Authentication in SSL
4
SSL Usage
• Authenticate the server to the client
• Allow the client and server to select cryptographic algorithms, or ciphers, that they both support using CipherSuites in the Hello message
E.g. SSL_RSA_With_RC4_128_MD5
• Optionally authenticate the client to the server
• Use public key encryption techniques to generate shared secret
• Establish an encrypted SSL connection
5
Secure Socket Layer
SSL is a secure protocol which runs above TCP/IP and allows users to encrypt data and authenticate a server's/vendor's identity securely
Application layer
Transport layer
TCP/IP layer
SMTPS FTPS HTTPS
SECURE SOCKET LAYER
6
SSL Stack
7
SSL Handshake
SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out
8
SSL Handshake
Understanding the Concept of Public Key Certificate
9
Public Key Certificates
10
11
SSL Handshake
Server
Client
Public key
Private key
Client request
Public key
Precisely
12
13
SSL Handshake
SSL version numbers the client supports (v2, v3)
Ciphers the client supports (DES, RC2, RC4)
Client Random Number
SSL version number server picked (v2, v3)
Ciphers server picked (DES, RC2, RC4)
Server Random Number
Server
Client
Public key
Private key
Public key
Certificate
14
Verify Certificate
Checking
Server
Client
Public key
Private key
Client request
Certificate
Certificate
Valid
Public key
Certificate is Good and Valid
Server/vendor has been verified and authenticated
Client has vendor’s public key and can now encrypt pre-master to send to server/vendor
15
Verify Server Certificate
16
Not-recognizable Certificate
17
SSL Session Key
Server
Client
Public key
Private key
Public key Pre-Master
Pre-Master
Pre-Master
Session key
Session key
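How the pre-master secret and the two hello random numbers become session keys, as an added example that is not part of the original slides. It assumes the SSL 3.0 derivation from RFC 6101 and the key sizes of an RC4-128/MD5 suite; the function names and input values are constructed for illustration.

```python
import hashlib

def ssl3_expand(secret: bytes, seed: bytes, length: int) -> bytes:
    """SSL 3.0 expansion (RFC 6101): concatenate
    MD5(secret + SHA1(label + secret + seed)) for labels 'A', 'BB', 'CCC', ..."""
    out = b""
    for n in range(1, 27):
        if len(out) >= length:
            break
        label = bytes([ord("A") + n - 1]) * n
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
    return out[:length]

def derive_session_keys(pre_master: bytes, client_random: bytes,
                        server_random: bytes) -> dict:
    """Pre-master secret + both hello randoms -> master secret -> per-direction keys."""
    master = ssl3_expand(pre_master, client_random + server_random, 48)
    # The key block takes the randoms in the opposite order (server first).
    block = ssl3_expand(master, server_random + client_random, 64)
    # Layout for an RC4-128 / MD5 suite: two 16-byte MAC secrets, two 16-byte keys.
    names = ("client_mac", "server_mac", "client_key", "server_key")
    keys = {name: block[i * 16:(i + 1) * 16] for i, name in enumerate(names)}
    keys["master"] = master
    return keys

if __name__ == "__main__":
    # Constructed inputs: version bytes 03 00 plus 46 filler bytes, fixed "randoms".
    pre_master = b"\x03\x00" + bytes(range(46))
    c_rand, s_rand = b"\x11" * 32, b"\x22" * 32
    client_view = derive_session_keys(pre_master, c_rand, s_rand)
    # The server computes the same thing after decrypting the pre-master secret.
    server_view = derive_session_keys(pre_master, c_rand, s_rand)
    print("same keys on both sides:", client_view == server_view)
    print("client write key:", client_view["client_key"].hex())
```

Because both hello randoms feed the derivation, a fresh random on either side yields fresh keys even when the same pre-master secret is replayed.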
18
Secure Data on Network
Server
Client
Public key
Private key
Session key
Data Session key Data
Data
Data Session key Data
SSL Handshake - details
Client Server
Generate Challenge
Return Server Certificate
Decrypt pre-master session key
Generates pre-master session key
Encrypt: pre-master session key
Verify server certificate
Encrypt random challenge phrase
Decrypt and verify challenge phrase
Hello, Challenge
Server Cert
{pre-master session key} Server's public key
{Client's Challenge} sessionKey
Server Authentication
SSL Handshake
Client Server
Decrypt challenge
Decrypt Message Digest
Verify Client certificate and recompute message digest
Done
Calculate message digest on Challenge and Server certificate
(Challenge phrase) Server private key
[Message Digest] Client private key
Client Certificate
(Session Identifier) sessionKey
Client Authentication
Generate new challenge
Requests Client certificate
21
Client Certificate (optional)
Client only sends a certificate upon the receipt of a certificate request
– Sends after receiving server hello done
– If the client does not have a suitable certificate, it sends a no certificate alert
• Server will respond with a fatal handshake failure if a client certificate is necessary
22
Verify Client Certificate
23
SSL Architecture
24
Change Cipher Spec Protocol
• The change cipher spec protocol is used to change the encryption being used by the client and server. It is normally used as part of the handshake process to switch to symmetric key encryption.
• Before the Finished message
25
SSL Architecture
26
Alert Layer
• Explain severity of the message and a description
– fatal
• Immediate termination
• Other connections in session may continue
• Session ID invalidated to prevent a failed session from opening new sessions
• Alerts are compressed the same as other data
27
SSL Architecture
28
SSL Record Protocol Operation
29
Record Layer
• Compression and decompression
• A MAC is applied to each record using the MAC algorithm defined in the current cipher spec
• Encryption occurs after compression
• May need fragmentation
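The record-layer order listed on this slide (fragment, compress, MAC, then encrypt) and the receiver's reverse path, as an added example that is not part of the original slides. It assumes the SSL 3.0 MD5 record MAC from RFC 6101 and RC4 as in the SSL_RSA_With_RC4_128_MD5 suite named earlier; zlib stands in for a negotiated compression method, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14  # a record fragment carries at most 16384 bytes

class RC4:
    """Stream cipher whose state carries over from one record to the next."""
    def __init__(self, key):
        s, j = list(range(256)), 0
        for i in range(256):
            j = (j + s[i] + key[i % len(key)]) % 256
            s[i], s[j] = s[j], s[i]
        self.s, self.i, self.j = s, 0, 0
    def crypt(self, data):
        s, out = self.s, bytearray()
        for byte in data:
            self.i = (self.i + 1) % 256
            self.j = (self.j + s[self.i]) % 256
            s[self.i], s[self.j] = s[self.j], s[self.i]
            out.append(byte ^ s[(s[self.i] + s[self.j]) % 256])
        return bytes(out)

def ssl3_mac(secret, seq, rtype, data):
    """Nested keyed MD5 over sequence number, record type, length and data."""
    header = struct.pack(">QBH", seq, rtype, len(data))
    inner = hashlib.md5(secret + b"\x36" * 48 + header + data).digest()
    return hashlib.md5(secret + b"\x5c" * 48 + inner).digest()

def protect(data, mac_secret, cipher, rtype=23):
    """Sender: fragment -> compress -> append MAC -> encrypt, one body per record."""
    records = []
    for seq, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        comp = zlib.compress(data[off:off + MAX_FRAGMENT])
        records.append(cipher.crypt(comp + ssl3_mac(mac_secret, seq, rtype, comp)))
    return records

def unprotect(records, mac_secret, cipher, rtype=23):
    """Receiver: decrypt -> verify MAC -> decompress; ValueError on a bad MAC."""
    out = b""
    for seq, rec in enumerate(records):
        plain = cipher.crypt(rec)
        comp, tag = plain[:-16], plain[-16:]
        if not hmac.compare_digest(tag, ssl3_mac(mac_secret, seq, rtype, comp)):
            raise ValueError(f"bad record MAC at sequence {seq}")
        out += zlib.decompress(comp)
    return out
```

The MAC is checked before decompression, so a modified record is rejected without its contents being parsed; the sequence number inside the MAC also ties each record to its position in the stream.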
30
Review the SSL Handshake
31
SSL Handshake
Client hello
Server hello
Present Server Certificate
*Request Client Certificate
Server Key Exchange
Client Finish
*Present Client Certificate
Client Key Exchange
*Certificate Verify
Change Cipher Spec
Server Finish
Change Cipher Spec
Client
Server
Application Data
33
Old-time cryptography
Classical cryptography
InfoSec
Privacy Integrity Authentication
Network Security Services
34
Thanks!