SlideShare a Scribd company logo

IS - SSL

F
FumikageTokoyami4

This document discusses various methods of implementing information security. It describes message/data security, channel security, security internal and external to applications, and Secure Sockets Layer (SSL). SSL provides secure transport channels using authentication, encryption, and message integrity. The document also discusses IPsec, which implements security at the network layer and can protect all network traffic and applications transparently. It describes how IPsec uses Authentication Headers (AH) and Encapsulating Security Payloads (ESP) to provide integrity, authentication, confidentiality, and anti-replay protection to IP packets.

Technology
1 of 36
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
Information Security CS 3002 Dr. Haroon Mahmood Assistant Professor NUCES Lahore
2 Information Security Message/data security  authentication (single), integrity and privacy self contained in the message  possibility of non repudiation  requires modification of applications
3 Information Security Channel Security  authentication (single or mutual), integrity and privacy only during the transit inside the communication channel  no possibility of non repudiation  requires no (or small) modification of applications
4 Information Security Security internal to applications  each application implements security internally  the common part is limited to the communication channels (socket)  possible implementation errors (inventing security protocols is not simple!)  does not guarantee interoperability
5 Information Security Security External to Applications  the session level would be the ideal one to be used to implement many security functions  … but it does not exist in TCP/IP!  a “secure session” level was proposed:  it simplifies the work of application developers  it avoids implementation errors  it is up to the application to select it (or not)
6 Information Security SSL what is it?  Security at layer 4 (Transport layer)  Secure Sockets Layer (SSL)  secure transport channel (session level):  peer authentication (server, server+client)  message confidentiality  message authentication and integrity  protection against replay attacks  Easily applicable to all protocols based on TCP:  HTTP, SMTP, FTP, TELNET, ...  e.g. the famous secure HTTP (https://....) = 443/TCP
7 Information Security SSL/TLS  Philosophy of SSL: Easier to deploy something if no changes in OS required  Application’s API (Socket) is interface to SSL: Hence secure socket layer  API to SSL is the superset of API to TCP  SSL/TLS operate above TCP. OS doesn’t change applications do!
8 Information Security SSL handshake  agree on a set of algorithms for confidentiality, integrity and authentication  exchange random numbers between the client and the server to be used for the subsequent generation of the keys  establish a symmetric key by means of public key operations, e.g. RSA  negotiate the session-id  exchange the necessary certificates
9 Information Security SSL handshake simplified  Secrets are: Pre-master key S, Master Key K  Server authentication  Client authentication by password (optional)
10 Information Security SSL handshake in detail
11 Information Security Key Terms  HELLO Extensions: request extended functionality by sending data in the extensions field.  E.g: max_fragment_length, status request  The server may not oblige  Client may abort the handshake  Pre-shared Secret (key): generated by client OR directly obtained from the key exchange. E.g: (DH: gab mod p)  Master keys: generated from the pre-shared secret + random.client + random.server by applying a PRF  Master key = PRF (pre-shared secret, random.client, random.server)  PRF = Pseudo Random Function
12 Information Security SSL V3 Architecture  Handshake: enables the SSL or TLS client and server to establish the secret keys with which they communicate  Change cipher spec: indicates the usage of secret key for data communication  Alert: signal problems with SSL connection, give current status  Record protocol: permits the encapsulation of higher level protocols
13 Information Security SSL3/TLS record protocol
14 Information Security SSL MAC computation  MAC = message_digest ( key, seq_number | type | version | length | fragment )  message_digest  depends on the chosen algorithm  key  sender-write-key or receiver-read-key  seq_number  32-bit integer  Type  Type of record  change cipher spec (20)  alert (21)  Handshake (22)  Application data (23)  length  length of the fragment/plaintext
15 Information Security Data protection in SSL
16 Information Security SSL-3 new features with respect to SSL-2  data compression:  optional  Done before encryption  data encryption is optional: in order to have only authentication and integrity  possibility to re-negotiate the SSL connection:  periodical change of keys  change of the algorithms
17 Information Security IPsec  Philosophy of IPsec: implementing security within the operating systems automatically causes applications to be protected without changing applications  IPsec is within the OS. OS changes, applications and API to TCP don’t.
18 Information Security End-to-end security with basic VPN
19 Information Security Transport mode IPsec  used for end-to-end security, that is used by hosts, not gateways (exception: traffic for the gateway itself e.g: SNMP, ICMP)  pro: computationally light  con: no protection of header variable fields
20 Information Security Tunnel Mode IPsec  used to create a VPN, usually by gateways  Gateway-to-gateway mode  pro: protection of header variable fields  con: computationally heavy
21 Information Security IPsec  Security at layer 3  IPsec ensures:  Confidentiality, integrity, and authenticity  Allows secure communication in the Internet  Independent from the application or higher protocols  Network-layer security instead of application-layer security  Compatible with schemes providing security at the application layer  Can be applied simultaneously
22 Information Security IPSec  Further advantages:  Can be applied to all network traffic  Routers/firewalls vendors can implement it (Can't implement SSL)  Transparent to the applications  Transparent to the users  Limitations:  Limited to IP Addresses  Has no concept of application users
23 Information Security Applications of IPsec  Secure connection among different branches of the same company  Virtual Private Network (VPN)  Secure remote access to an Intranet through the (insecure) Internet  Allows secure remote workers  Secure communication between peers  Adding security for electronic commerce applications
24 Information Security IPsec overview  IETF architecture for L3 security in IPv4 / IPv6:  definition of two specific packet types:  AH (Authentication Header)  for integrity, authentication, no replay  ESP (Encapsulating Security Payload)  for confidentiality, integrity, authentication, no replay  protocol for key exchange:  IKE (Internet Key Exchange)
25 Information Security Security Association  Establishment of shared security attributes between sender and receiver to support secure communication  Usually considered unidirectional  contain all the information required for execution of various network security services  Three SA identification parameters  Security parameter index  IP destination address  Security protocol identifier  two SA are needed to get complete protection of a bidirectional packet flow in IPsec
26 Information Security IPsec local databases  SAD (SA Database)  list of active SA and their characteristics (algorithms, keys, parameters)  maintained by user-processes  SPD (Security Policy Database)  list of security policies to apply to the different packet flows  a-priori configured (e.g. manually) or connected to an automatic system (e.g. ISPS, Internet Security Policy System)
27 Information Security How IPsec works (sending)
28 Information Security AH  Authentication Header  mechanism (first version, RFC-1826):  data integrity and sender authentication  compulsory support of keyed-MD5 (RFC-1828)  optional support of keyed-SHA-1 (RFC-1852)  mechanism (second version, RFC-2402):  data integrity, sender authentication and protection from replay attack  HMAC-MD5  HMAC-SHA-1
29 Information Security AH Packet  Next header: identifies the nature of the payload (TCP/UDP)  Length: Indicates the length of the AH header  SPI: Identifies the correct security association for the communication  Sequence Number: Provides anti-replay protection for the SA  Auth. Data: contains the Integrity Check Value (ICV) that is used to verify the integrity of the message. The receiver calculates the hash value and checks it against this value (calculated by the sender) to verify integrity.
30 Information Security AH verification
31 Information Security ESP  Encapsulating Security Payload (ESP)  first version (RFC-1827) gave only confidentiality  base mechanism: DES-CBC (RFC-1829)  Second version (RFC-2406):  provides confidentiality & authentication (but not the IP header, so the coverage is not equivalent to that of AH)
32 Information Security ESP in transport mode  pro: the payload is hidden (including info needed for QoS or intrusion detection)  con: the header remains in clear
33 Information Security ESP Packet  SPI: Identifies the correct security association for the communication  Sequence number: Provides anti-replay protection for the SA  Next header: Identifies the nature of the payload (TCP/UDP)  Auth. Data: Contains the Integrity Check Value (ICV), and a message authentication code that is used to verify the sender's identity and message integrity. The ICV is calculated over the ESP header, the payload data and the ESP trailer  Initialization Vector (IV): optional. Is after the Sequence number
34 Information Security ESP Packet: Encryption & Authentication Next header
35 Information Security ESP tunnel mode  pro: hides both the payload and (original) header  con: larger packet size
36 Information Security IPSec: AH & ESP packet format

More Related Content

Similar to IS - SSL (20)

PPT
Ip security
Dr.K.Sreenivas Rao
 
PPTX
CNS UNIT-VI.pptx
nandan543979
 
PPT
Ipsec vpn v0.1
Sankaranarayanan Subramanian
 
PPTX
Ipsecurity
Jyoshna Cec Cse Staf bejjam
 
PPTX
Ipsecurity
Chinmay Patel
 
PPTX
Network security Slides fir bs-13.PPT.pptx
ahsanAli918806
 
PPT
Network security
anoop negi
 
PPT
WLAN and IP security
Chaitanya Tata, PMP
 
PPT
Ch16
Joe Christensen
 
PPT
csce813-lect6csce813-lect6csce813-lect6csce813-lect6.ppt
abhimannyubanerjee
 
PPT
Ip Sec
Ram Dutt Shukla
 
PPTX
IPSec and VPN
Abdullaziz Tagawy
 
PPT
2800967 for internet and networkings.ppt
allfather027
 
PPTX
1643129870-internet-security.pptx
MARIA401634
 
PDF
Network IP Security.pdf
georgejustymirobi1
 
PPT
Ip Sec Rev1
Ram Dutt Shukla
 
PPT
Ip Sec
Ram Dutt Shukla
 
DOCX
Unit 6
Vinod Kumar Gorrepati
 
PPTX
chAPTER 19 INTERNET PROTOCOL SECURITY PRESENTATION
PragyanshuParadkar1
 
PDF
IP Security
Ambo University
 
Ip security
Dr.K.Sreenivas Rao
 
CNS UNIT-VI.pptx
nandan543979
 
Ipsec vpn v0.1
Sankaranarayanan Subramanian
 
Ipsecurity
Jyoshna Cec Cse Staf bejjam
 
Ipsecurity
Chinmay Patel
 
Network security Slides fir bs-13.PPT.pptx
ahsanAli918806
 
Network security
anoop negi
 
WLAN and IP security
Chaitanya Tata, PMP
 
Ch16
Joe Christensen
 
csce813-lect6csce813-lect6csce813-lect6csce813-lect6.ppt
abhimannyubanerjee
 
Ip Sec
Ram Dutt Shukla
 
IPSec and VPN
Abdullaziz Tagawy
 
2800967 for internet and networkings.ppt
allfather027
 
1643129870-internet-security.pptx
MARIA401634
 
Network IP Security.pdf
georgejustymirobi1
 
Ip Sec Rev1
Ram Dutt Shukla
 
Ip Sec
Ram Dutt Shukla
 
Unit 6
Vinod Kumar Gorrepati
 
chAPTER 19 INTERNET PROTOCOL SECURITY PRESENTATION
PragyanshuParadkar1
 
IP Security
Ambo University
 

More from FumikageTokoyami4 (9)

PDF
Chap014.pdf
FumikageTokoyami4
 
PPTX
Lecture 2 - Profession and Professional Bodies in IT.pptx
FumikageTokoyami4
 
PPTX
Lecture 1 - Introduction-LAW.pptx
FumikageTokoyami4
 
PDF
Lecture 15-16.pdf
FumikageTokoyami4
 
PPTX
a STORY OF A GREAT LEADER.pptx
FumikageTokoyami4
 
PDF
lec-01-WP.pdf
FumikageTokoyami4
 
PDF
IS - Firewall
FumikageTokoyami4
 
PDF
IS - User Authentication
FumikageTokoyami4
 
PDF
Lecture 1-2.pdf
FumikageTokoyami4
 
Chap014.pdf
FumikageTokoyami4
 
Lecture 2 - Profession and Professional Bodies in IT.pptx
FumikageTokoyami4
 
Lecture 1 - Introduction-LAW.pptx
FumikageTokoyami4
 
Lecture 15-16.pdf
FumikageTokoyami4
 
a STORY OF A GREAT LEADER.pptx
FumikageTokoyami4
 
lec-01-WP.pdf
FumikageTokoyami4
 
IS - Firewall
FumikageTokoyami4
 
IS - User Authentication
FumikageTokoyami4
 
Lecture 1-2.pdf
FumikageTokoyami4
 
Ad

Recently uploaded (20)

PDF
introduction to computer hardware and sofeware
chauhanshraddha2007
 
PPTX
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
PPTX
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
PDF
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
PDF
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
PDF
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
PDF
Market Insight : ETH Dominance Returns
CIFDAQ
 
PDF
State-Dependent Conformal Perception Bounds for Neuro-Symbolic Verification
Ivan Ruchkin
 
PDF
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
PDF
Brief History of Internet - Early Days of Internet
sutharharshit158
 
PPTX
AVL ( audio, visuals or led ), technology.
Rajeshwri Panchal
 
PPTX
Farrell_Programming Logic and Design slides_10e_ch02_PowerPoint.pptx
bashnahara11
 
PPTX
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
PDF
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
PPTX
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
PPTX
Agentic AI in Healthcare Driving the Next Wave of Digital Transformation
danielle hunter
 
PDF
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
PPTX
Simple and concise overview about Quantum computing..pptx
mughal641
 
PDF
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
PDF
TrustArc Webinar - Navigating Data Privacy in LATAM: Laws, Trends, and Compli...
TrustArc
 
introduction to computer hardware and sofeware
chauhanshraddha2007
 
AI in Daily Life: How Artificial Intelligence Helps Us Every Day
vanshrpatil7
 
IT Runs Better with ThousandEyes AI-driven Assurance
ThousandEyes
 
Google I/O Extended 2025 Baku - all ppts
HusseinMalikMammadli
 
OFFOFFBOX™ – A New Era for African Film | Startup Presentation
ambaicciwalkerbrian
 
Research-Fundamentals-and-Topic-Development.pdf
ayesha butalia
 
Market Insight : ETH Dominance Returns
CIFDAQ
 
State-Dependent Conformal Perception Bounds for Neuro-Symbolic Verification
Ivan Ruchkin
 
Tea4chat - another LLM Project by Kerem Atam
a0m0rajab1
 
Brief History of Internet - Early Days of Internet
sutharharshit158
 
AVL ( audio, visuals or led ), technology.
Rajeshwri Panchal
 
Farrell_Programming Logic and Design slides_10e_ch02_PowerPoint.pptx
bashnahara11
 
cloud computing vai.pptx for the project
vaibhavdobariyal79
 
The Future of Mobile Is Context-Aware—Are You Ready?
iProgrammer Solutions Private Limited
 
Agile Chennai 18-19 July 2025 Ideathon | AI Powered Microfinance Literacy Gui...
AgileNetwork
 
Agentic AI in Healthcare Driving the Next Wave of Digital Transformation
danielle hunter
 
A Strategic Analysis of the MVNO Wave in Emerging Markets.pdf
IPLOOK Networks
 
Simple and concise overview about Quantum computing..pptx
mughal641
 
MASTERDECK GRAPHSUMMIT SYDNEY (Public).pdf
Neo4j
 
TrustArc Webinar - Navigating Data Privacy in LATAM: Laws, Trends, and Compli...
TrustArc
 
Ad

IS - SSL

  • 1. Information Security CS 3002 Dr. Haroon Mahmood Assistant Professor NUCES Lahore
  • 2. 2 Information Security Message/data security  authentication (single), integrity and privacy self contained in the message  possibility of non repudiation  requires modification of applications
  • 3. 3 Information Security Channel Security  authentication (single or mutual), integrity and privacy only during the transit inside the communication channel  no possibility of non repudiation  requires no (or small) modification of applications
  • 4. 4 Information Security Security internal to applications  each application implements security internally  the common part is limited to the communication channels (socket)  possible implementation errors (inventing security protocols is not simple!)  does not guarantee interoperability
  • 5. 5 Information Security Security External to Applications  the session level would be the ideal one to be used to implement many security functions  … but it does not exist in TCP/IP!  a “secure session” level was proposed:  it simplifies the work of application developers  it avoids implementation errors  it is up to the application to select it (or not)
  • 6. 6 Information Security SSL what is it?  Security at layer 4 (Transport layer)  Secure Sockets Layer (SSL)  secure transport channel (session level):  peer authentication (server, server+client)  message confidentiality  message authentication and integrity  protection against replay attacks  Easily applicable to all protocols based on TCP:  HTTP, SMTP, FTP, TELNET, ...  e.g. the famous secure HTTP (https://....) = 443/TCP
  • 7. 7 Information Security SSL/TLS  Philosophy of SSL: Easier to deploy something if no changes in OS required  Application’s API (Socket) is interface to SSL: Hence secure socket layer  API to SSL is the superset of API to TCP  SSL/TLS operate above TCP. OS doesn’t change applications do!
  • 8. 8 Information Security SSL handshake  agree on a set of algorithms for confidentiality, integrity and authentication  exchange random numbers between the client and the server to be used for the subsequent generation of the keys  establish a symmetric key by means of public key operations, e.g. RSA  negotiate the session-id  exchange the necessary certificates
  • 9. 9 Information Security SSL handshake simplified  Secrets are: Pre-master key S, Master Key K  Server authentication  Client authentication by password (optional)
  • 11. 11 Information Security Key Terms  HELLO Extensions: request extended functionality by sending data in the extensions field.  E.g: max_fragment_length, status request  The server may not oblige  Client may abort the handshake  Pre-shared Secret (key): generated by client OR directly obtained from the key exchange. E.g: (DH: gab mod p)  Master keys: generated from the pre-shared secret + random.client + random.server by applying a PRF  Master key = PRF (pre-shared secret, random.client, random.server)  PRF = Pseudo Random Function
  • 12. 12 Information Security SSL V3 Architecture  Handshake: enables the SSL or TLS client and server to establish the secret keys with which they communicate  Change cipher spec: indicates the usage of secret key for data communication  Alert: signal problems with SSL connection, give current status  Record protocol: permits the encapsulation of higher level protocols
  • 14. 14 Information Security SSL MAC computation  MAC = message_digest ( key, seq_number | type | version | length | fragment )  message_digest  depends on the chosen algorithm  key  sender-write-key or receiver-read-key  seq_number  32-bit integer  Type  Type of record  change cipher spec (20)  alert (21)  Handshake (22)  Application data (23)  length  length of the fragment/plaintext
  • 16. 16 Information Security SSL-3 new features with respect to SSL-2  data compression:  optional  Done before encryption  data encryption is optional: in order to have only authentication and integrity  possibility to re-negotiate the SSL connection:  periodical change of keys  change of the algorithms
  • 17. 17 Information Security IPsec  Philosophy of IPsec: implementing security within the operating systems automatically causes applications to be protected without changing applications  IPsec is within the OS. OS changes, applications and API to TCP don’t.
  • 19. 19 Information Security Transport mode IPsec  used for end-to-end security, that is used by hosts, not gateways (exception: traffic for the gateway itself e.g: SNMP, ICMP)  pro: computationally light  con: no protection of header variable fields
  • 20. 20 Information Security Tunnel Mode IPsec  used to create a VPN, usually by gateways  Gateway-to-gateway mode  pro: protection of header variable fields  con: computationally heavy
  • 21. 21 Information Security IPsec  Security at layer 3  IPsec ensures:  Confidentiality, integrity, and authenticity  Allows secure communication in the Internet  Independent from the application or higher protocols  Network-layer security instead of application-layer security  Compatible with schemes providing security at the application layer  Can be applied simultaneously
  • 22. 22 Information Security IPSec  Further advantages:  Can be applied to all network traffic  Routers/firewalls vendors can implement it (Can't implement SSL)  Transparent to the applications  Transparent to the users  Limitations:  Limited to IP Addresses  Has no concept of application users
  • 23. 23 Information Security Applications of IPsec  Secure connection among different branches of the same company  Virtual Private Network (VPN)  Secure remote access to an Intranet through the (insecure) Internet  Allows secure remote workers  Secure communication between peers  Adding security for electronic commerce applications
  • 24. 24 Information Security IPsec overview  IETF architecture for L3 security in IPv4 / IPv6:  definition of two specific packet types:  AH (Authentication Header)  for integrity, authentication, no replay  ESP (Encapsulating Security Payload)  for confidentiality, integrity, authentication, no replay  protocol for key exchange:  IKE (Internet Key Exchange)
  • 25. 25 Information Security Security Association  Establishment of shared security attributes between sender and receiver to support secure communication  Usually considered unidirectional  contain all the information required for execution of various network security services  Three SA identification parameters  Security parameter index  IP destination address  Security protocol identifier  two SA are needed to get complete protection of a bidirectional packet flow in IPsec
  • 26. 26 Information Security IPsec local databases  SAD (SA Database)  list of active SA and their characteristics (algorithms, keys, parameters)  maintained by user-processes  SPD (Security Policy Database)  list of security policies to apply to the different packet flows  a-priori configured (e.g. manually) or connected to an automatic system (e.g. ISPS, Internet Security Policy System)
  • 28. 28 Information Security AH  Authentication Header  mechanism (first version, RFC-1826):  data integrity and sender authentication  compulsory support of keyed-MD5 (RFC-1828)  optional support of keyed-SHA-1 (RFC-1852)  mechanism (second version, RFC-2402):  data integrity, sender authentication and protection from replay attack  HMAC-MD5  HMAC-SHA-1
  • 29. 29 Information Security AH Packet  Next header: identifies the nature of the payload (TCP/UDP)  Length: Indicates the length of the AH header  SPI: Identifies the correct security association for the communication  Sequence Number: Provides anti-replay protection for the SA  Auth. Data: contains the Integrity Check Value (ICV) that is used to verify the integrity of the message. The receiver calculates the hash value and checks it against this value (calculated by the sender) to verify integrity.
  • 31. 31 Information Security ESP  Encapsulating Security Payload (ESP)  first version (RFC-1827) gave only confidentiality  base mechanism: DES-CBC (RFC-1829)  Second version (RFC-2406):  provides confidentiality & authentication (but not the IP header, so the coverage is not equivalent to that of AH)
  • 32. 32 Information Security ESP in transport mode  pro: the payload is hidden (including info needed for QoS or intrusion detection)  con: the header remains in clear
  • 33. 33 Information Security ESP Packet  SPI: Identifies the correct security association for the communication  Sequence number: Provides anti-replay protection for the SA  Next header: Identifies the nature of the payload (TCP/UDP)  Auth. Data: Contains the Integrity Check Value (ICV), and a message authentication code that is used to verify the sender's identity and message integrity. The ICV is calculated over the ESP header, the payload data and the ESP trailer  Initialization Vector (IV): optional. Is after the Sequence number
  • 34. 34 Information Security ESP Packet: Encryption & Authentication Next header
  • 35. 35 Information Security ESP tunnel mode  pro: hides both the payload and (original) header  con: larger packet size
  • 36. 36 Information Security IPSec: AH & ESP packet format