ODU CS 772 - SSL/TLS Protocols (7 pages)

Previewing pages 1, 2 of 7 page document View the full content.
View Full Document

SSL/TLS Protocols



Previewing pages 1, 2 of actual document.

View the full content.
View Full Document
View Full Document

SSL/TLS Protocols

70 views


Pages:
7
School:
Old Dominion University
Course:
Cs 772 - N/w Secur Cncpt-Prtcl-Prgrm
Unformatted text preview:

SSL TLS Protocols SSL Secure Socket Layer developed by Netscape TLS Transport Layer Security is an IETF standard Are almost the same They run as a user level processes on top of TCP IP The Basic Protocol Alice Bob I want to talk ciphers I support Ra certificate cipher I choose Rb choose secret S compute K f S Ra Rb S Bob keyed hash of handshake msgs compute K f S Ra Rb keyed hash of handshake msgs data protected with keys derived from K Keys Alice chooses a random number S as pre master secret It is shuffled with Ra and Rb to produce a master secret K Ra and Rb are 32 octets long the first 4 are the UNIX time seconds since Jan 1 1970 This is to ensure that Rs are always different The master secret is shuffled with Rs to produce six 6 keys Three 3 for each side for encryption integrity and IV The three keys used for transmission are known as the write keys while the three keys used for receipt are known as the read kyes Thus Alice s write keys are Bob s read keys and vice versa To ensure that the keyed hash Alice sends is different from the keyed hash Bob sends Alice include the string CLNT and the Bob include SRVR in the hash Note that Alice has authenticated Bob but Bob has no idea to whom he s talking to In SSL it is optional for the server to authenticate the client if it has a certificate Normally the server authenticates the client using name password sent securely over the ssl connection Session Resumption If the server support session resumption it sends session id for the client Alice Bob I want to talk ciphers I support Ra session id certificate cipher I choose Rb choose secret S compute K f S Ra Rb S Bob keyed hash of handshake msgs compute K f S Ra Rb keyed hash of handshake msgs data protected with keys derived from K Session resuption if both sides remember the session id Alice Bob session id ciphers Ra session id cipher Rb keyed hash of msgs keyed hash of msgs data protected with keys derived from K Note that they still have to negotiate ciphers But the pre master secret S is the same which is expensive to generate Encrypted Records SeqNum Header Data HMAC integriy key V V V Header Data HMAC pad ENCRYPT encryption key V V Header encrypted integrity protected record If block cipher is used the IV is used to encrypt the first record The final block of each record is used as the IV for the next record Connection Closure The sender should send close notify message to signal the other end that it has no more data to send The purpose is to prevent a trunctation attack in which the attacker inserts a TCP FIN segment before the sender is finished sending data forcing the receiver to think that all data has been received If a party receives FIN without first receiving close notify it must mark the session as not resumable HTTP Over SSL https HTTP HTTP HyperText Transfer Protocol is the Web basic transport protocol The basic unit of HTTP interaction is the request response pair The client opens a TCP connection to the server and writes the request The server writes back the response and indicates the end of response either with a length header or by closing the connection Example Client Request GET HTTP 1 0 Connection Keep Alive Host www cs odu edu Serever Response HTTP 1 0 200 OK Content Length 1650 Connection Keep Alive Content Type text html URLs scheme host port path query Examples scheme http default port 80 scheme ftp default port 21 schems https default port 443 HTTPS The client makes a connection to the server negotiates an SSL connection and transmits http data over the established secure connection Reference integrity Match the URL reference to the server s identity with the CN name in the server s certificate OpenSSL s server s client s server openssl s server dhparam dh1024 pem accept 1234 cert server cert pem key server privatekey pem openssl s server dhparam dh1024 pem accept 1234 cert server cert pem key server privatekey pem WWW The option WWW causes the server to emulate a simple http server openssl s server dhparam dh1024 pem accept 1234 cert server cert pem key server privatekey pem verify 2 CAfile ca cert pem The option verify causes the server to demand a certificate from the client and the depth of the chain should not exceed 2 and the option CAfile specify the trusted certificate To create the dh1024 pem openssl dhparam check text 5 1024 out dh1024 pem Or use the option no dhe e g openssl s server no dhe accept 1234 cert server cert pem key server privatekey pem s client openssl s client connect localhost 1234 verify 2 CAfile ca cert pem openssl s client connect localhost 1234 verify 2 CAfile ca cert pem cert client cert pem key client privatekey pem openssl s client connect localhost 1234 verify 2 CAfile ca cert pem reconnect The option reconnect causes 5 connections to the server using the same session ID to test session cashing To test the WWW mode of server type GET server pem HTTP 1 0


View Full Document

Access the best Study Guides, Lecture Notes and Practice Exams

Loading Unlocking...
Login

Join to view SSL/TLS Protocols and access 3M+ class-specific study document.

or
We will never post anything without your permission.
Don't have an account?
Sign Up

Join to view SSL/TLS Protocols and access 3M+ class-specific study document.

or

By creating an account you agree to our Privacy Policy and Terms Of Use

Already a member?