
Outline: Secure Socket Layer; Agenda; SSL Facts; Slide 4; SSL Usage; Slide 6; SSL Stack; SSL Record Protocol Operation; SSL Record Format; SSL Handshake; Slide 11; Slide 12; SSL Session Key; Secure Data on Network; Man-in-the-Middle Attack; Key exchange and certificate; Verify Certificate; Not-recognizable Certificate; Review the Certificate In IE; Slide 20; Server Hello Request; Client Hello; Server Hello; Server Certificates; Verify Server Certificate; Client Certificate (optional); Verify Client Certificate; Key Exchange; Final Steps; SSL Architecture; Record Layer; PowerPoint Presentation; Alert Layer; Slide 34; Change Cipher Spec Protocol; Comparison of SSL V2.0 and V3.0; Slide 37; Comparison of SSL V2.0 and V3.0; Problem Free?; Wireless Transport Layer Security; WTLS Overview; WTLS Facts; Slide 43; Web Service Security; Comparison of Traditional Web Application and Web Service; Slide 46; Slide 47; WS-Security; Slide 49; Slide 50; Reference

Slide 1: Secure Socket Layer
• Yu Yang
• Lilly Wang

Slide 2: Agenda
• SSL Basics
• WTLS
• Security for Web Service

Slide 3: SSL Facts
• SSL was first developed by Netscape in 1994 and became an internet standard in 1996 (RFC 2246 – TLS V1.0)
• SSL is a cryptographic protocol to secure network across a connection-oriented layer
• Any program using TCP can be modified to use SSL connection

Slide 4: SSL Facts
• SSL connection uses a dedicated TCP/IP socket (e.g. port 443 for https)
• SSL is flexible in choice of which symmetric encryption, message digest, and authentication can be used
• SSL provides built in data compression

Slide 5: SSL Usage
• Authenticate the server to the client
• Allow the client and server to select cryptographic algorithms, or ciphers, that they both support
• Optionally authenticate the client to the server
• Use public key encryption techniques to generate shared secret
• Establish an encrypted SSL connection

Slide 6: Secure Socket Layer
SSL is a secure protocol which runs above TCP/IP and allows users to encrypt data and authenticate servers/vendors identity securely
[Diagram labels: Application layer; Transport layer; TCP/IP layer; SMTPS, FTPS, HTTPS; Secure Socket Layer]

Slide 7: SSL Stack
[Figure]

Slide 8: SSL Record Protocol Operation
[Figure]

Slide 9: SSL Record Format
[Figure]

Slide 10: SSL Handshake
SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out

Slide 11: SSL Handshake
[Figure]

Slide 12: SSL Handshake
[Diagram labels: Server; Client; Public key; Private key; Client request; Public key]

Slide 13: SSL Session Key
[Diagram labels: Server; Client; Public key; Private key; Pre-Master; Session key]

Slide 14: Secure Data on Network
[Diagram labels: Server; Client; Public key; Private key; Session key; Data]

Slide 15: Man-in-the-Middle Attack
[Diagram labels: Server; Client; Hacker; Public key; Private key; Pre-master; Session key]

Slide 16: Key exchange and certificate
• SSL version number client supported (v2, v3)
• Ciphers supported client (DES, RC2, RC4)
• Client Random Number
• SSL version number server picked (v2, v3)
• Ciphers server picked (DES, RC2, RC4)
• Server Random Number
[Diagram labels: Server; Client; Public key; Private key; Certificate]

Slide 17: Verify Certificate
[Diagram labels: Checking; Server; Client; Public key; Private key; Client request; Certificate; Valid]
• Certificate is Good and Valid
• Server/vendor has been verified and authenticated
• Client has vendor’s public key and can now encrypt pre-master to send to server/vendor

Slide 18: Not-recognizable Certificate
[Figure]

Slide 19: Review the Certificate In IE
[Figure]

Slide 20: SSL Handshake
[Diagram labels: Client; Server; Client hello; Server hello; Present Server Certificate; *Request Client Certificate; Server Key Exchange; Client Finish; *Present Client Certificate; Client Key Exchange; *Certificate Verify; Change Cipher Spec; Server Finish; Change Cipher Spec; Application Data]

Slide 21: Server Hello Request
• Notifies the client that they should send a client hello message to begin the negotiation process
• Sent by the server at any time
• After the server sends a request, it does not send another one until a handshake has been completed
• Client can choose to ignore them or send a Client Hello

Slide 22: Client Hello
• Sent by the client
  – When first connecting to a server
  – In response to a hello request or on its own
• Contains
  – 32 bytes random number created by a secure random number generator
  – Protocol version
  – Session ID
  – A list of supported ciphers
  – A list of compression methods

Slide 23: Server Hello
• Sent as response if client hello is accepted
  – If not, a handshake failure alert is sent
• Contains
  – 32 bytes random number created by a
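The Client Hello fields listed on slide 22 (protocol version, 32-byte random, session ID, cipher list, compression methods), laid out on the wire and parsed with bounds checks. This is an added example, not part of the original slides: the byte layout follows the standard SSL 3.0 / TLS 1.0 record and handshake framing, and `Reader`, `parse_client_hello`, `build_sample` and the sample bytes are constructed for illustration.

```python
import struct

# Subset of SSL 3.0 / TLS 1.0 cipher suite ids (RC4, RC2 and DES families).
SUITES = {0x0004: "RSA_WITH_RC4_128_MD5",
          0x0006: "RSA_EXPORT_WITH_RC2_CBC_40_MD5",
          0x0009: "RSA_WITH_DES_CBC_SHA"}

class Reader:
    """Bounds-checked cursor: every length field comes from the peer."""
    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated or malformed ClientHello")
        self.pos += n
        return self.data[self.pos - n:self.pos]

    def uint(self, n):
        return int.from_bytes(self.take(n), "big")

def parse_client_hello(record):
    rec = Reader(record)
    if rec.uint(1) != 22:                     # record type 22 = handshake
        raise ValueError("not a handshake record")
    rec.uint(2)                               # record-layer version, unused here
    msg = Reader(rec.take(rec.uint(2)))       # record payload
    if msg.uint(1) != 1:                      # handshake type 1 = client_hello
        raise ValueError("not a ClientHello")
    hello = Reader(msg.take(msg.uint(3)))
    version = (hello.uint(1), hello.uint(1))  # (3, 0) = SSL 3.0, (3, 1) = TLS 1.0
    random = hello.take(32)
    session_id = hello.take(hello.uint(1))
    raw = hello.take(hello.uint(2))
    if len(raw) % 2:
        raise ValueError("odd cipher suite list length")
    ids = [int.from_bytes(raw[i:i + 2], "big") for i in range(0, len(raw), 2)]
    return {"version": version, "random": random, "session_id": session_id,
            "ciphers": [SUITES.get(i, hex(i)) for i in ids],
            "compression": list(hello.take(hello.uint(1)))}

def build_sample():
    """Constructed SSL 3.0 ClientHello; the fixed 'random' is for repeatability only."""
    body = (b"\x03\x00" + bytes(range(32)) + b"\x00"
            + struct.pack(">H3H", 6, 0x0004, 0x0006, 0x0009) + b"\x01\x00")
    msg = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x00" + struct.pack(">H", len(msg)) + msg
```

Every field in this message travels in the clear before any key is agreed, so a monitoring point can log the offered versions and ciphers, and a parser must treat each length prefix as untrusted input.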



UHCL CSCI 5931 - Secure Socket Layer
