SJSU CS 265 - DigitalCertificates

This preview shows page 1-2-3 out of 10 pages.


Department of Computer Science
CS 265 – Cryptography and Computer Security

Digital Certificates & SSL
Project Report

Submitted By: Swapna Erabathini
Spring 2005

CONTENTS

CONTENTS
ABSTRACT
Introduction
SSL Handshake
    Digital Certificate Contents
    Digital Signature
    Authentication process
Conclusion
REFERENCES

ABSTRACT

The purpose of this paper is to explain the SSL technology's most common handshake process, digital certificate contents, digital signature and the authentication process. SSL (Secure Sockets Layer) is the industry standard protocol and technology for securing online transactions (e.g. an online purchase at http://www.amazon.com). SSL uses encryption technology and digital certificates to provide the security required for authentication. SSL has highly reliable authentication and encryption processes, which help identify hacker attacks (tampering, re-directing etc.) and nullify* the effect of the attack.

* There is no system in the world that is 100% secure, and SSL falls into the same category, but the security used by SSL 128-bit encryption is so reliable that it is virtually impossible to break, thus making SSL near 100% (if not 100%) secure.

AS THERE IS NO END TO THE SKY, THERE IS NO END TO IMPROVING THE SYSTEMS. BROKEN SYSTEMS ARE THE INSPIRATION FOR DEVELOPING BETTER SYSTEMS.
- ME (SWAPNA ERABATHINI)

Introduction

SSL (Secure Sockets Layer)

SSL is a protocol layer lying between the Transmission Control Protocol (TCP) layer and the application. It forms a secure connection between clients and servers so that they can communicate in a secure manner over a network. SSL provides the following security:

1. Privacy: messages are encrypted so that only the two end-point applications understand the data.
2. Integrity: no data gets altered during its flight.
3. Authentication: verifies the identity of the remote user by using digital certificates.

Digital Certificates

A Digital Certificate is an electronic file (also referred to as a Digital Passport) that uniquely identifies (authenticates) individuals and Web sites and enables encrypted communications.

Why do we need server authentication?

Authenticating the server is very important. For example, when the client sends credit card details over the internet, the client definitely wants to make sure of the receiving server's identity.

SSL Handshake

The very first SSL handshake takes place to establish a new session between client and server. The sequence of commands exchanged during an SSL handshake is explained below.

1. The client first sends the CLIENT_HELLO command to the server, which includes: the highest SSL version, the data compression methods, the session ID, the ciphers supported by the client, and random data generated by the client, which will eventually be used in the key generation process.
2. The server then sends the SERVER_HELLO command to the client, which includes: the highest SSL version, the data compression methods, the cipher, the session ID used for the SSL session, and the random data generated by the server, which will eventually be used in the key generation process.
3. The server then sends the CERTIFICATE command, which includes the server's certificate.
4. The server then sends the SERVER_DONE command. This command indicates the completion of the SSL handshake process by the server.
5. The client now sends the CLIENT_KEY_EXCHANGE command after validating and authenticating the server certificate. Points to note:
   a) This command contains the pre-master secret created by the client, encrypted with the server's public key.
   b) Using this pre-master secret and the random data (generated in the SERVER_HELLO and CLIENT_HELLO commands), symmetric encryption keys are generated by the client and the server.
6. The client then sends the CHANGE_CIPHER_SPEC command, which indicates that all further data will be encrypted.
7. The client then sends the FINISHED command. This command is sent to confirm that the commands that were exchanged unencrypted between the server and the client were not modified in flight. To accomplish this, the client sends the digest of all SSL handshake commands so far.
8. The server then sends the CHANGE_CIPHER_SPEC command, which indicates that all further data will be encrypted.
9. The server then sends the FINISHED command: the server sends the digest of all SSL handshake commands so far.

[Figure: SSL handshake messages exchanged between CLIENT and SERVER: 1. CLIENT_HELLO, 2. SERVER_HELLO, 3. CERTIFICATE, 4. SERVER_DONE, 5. CLIENT KEY EXCHANGE, 6. CHANGE_CIPHER_SPEC, 7. FINISHED, 8. CHANGE_CIPHER_SPEC, 9. FINISHED]

Step 5 above indicates a key process of authenticating the server. Now we are going to study in more detail how the client confirms a server's identity. Now, to understand the authentication
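The tamper check in steps 5 to 9 of the handshake above, as an added example that is not part of the original report: a simplified Python model of how the FINISHED digest exposes a CLIENT_HELLO that was rewritten in flight. HMAC-SHA256 is an assumed stand-in for the real SSL key derivation and FINISHED computation, and the cipher names, message layouts and function names are constructed for illustration.

```python
import hashlib
import hmac
import os

def master_secret(pre_master, client_random, server_random):
    # Step 5b: both sides mix the pre-master secret with the two hello randoms.
    # Assumption: HMAC-SHA256 stands in for the real SSL key-derivation function.
    return hmac.new(pre_master, client_random + server_random, hashlib.sha256).digest()

def finished(secret, sender, transcript):
    # Steps 7 and 9: keyed digest over every handshake message seen so far.
    # Each message is length-prefixed so message boundaries cannot be shifted.
    h = hashlib.sha256()
    for msg in transcript:
        h.update(len(msg).to_bytes(4, "big") + msg)
    return hmac.new(secret, sender + h.digest(), hashlib.sha256).digest()

def hello(kind, ciphers, rnd):
    # Constructed message layout: name | cipher list | random data.
    return kind + b"|" + ciphers + b"|" + rnd

def run_handshake(tampered):
    """Return (cipher the server chose, whether the server accepts the client's FINISHED)."""
    c_rand, s_rand, pre_master = os.urandom(32), os.urandom(32), os.urandom(48)
    sent = hello(b"CLIENT_HELLO", b"STRONG,WEAK", c_rand)  # constructed cipher names
    # The hello travels unencrypted, so it can be altered before the server sees it.
    received = hello(b"CLIENT_HELLO", b"WEAK", c_rand) if tampered else sent
    chosen = received.split(b"|")[1].split(b",")[0]  # server takes the first cipher offered
    rest = [hello(b"SERVER_HELLO", chosen, s_rand),
            b"CERTIFICATE|<server certificate>",
            b"SERVER_DONE",
            b"CLIENT_KEY_EXCHANGE|<encrypted pre-master secret>"]
    # The public-key encryption of the pre-master secret is omitted: both ends hold it.
    secret = master_secret(pre_master, c_rand, s_rand)
    client_fin = finished(secret, b"CLNT", [sent] + rest)    # digest of what the client sent
    expected = finished(secret, b"CLNT", [received] + rest)  # digest of what the server saw
    return chosen, hmac.compare_digest(client_fin, expected)

if __name__ == "__main__":
    print(run_handshake(tampered=False))
    print(run_handshake(tampered=True))
```

In the tampered run the server has already chosen the weaker cipher by the time FINISHED arrives, so the mismatch has to abort the session rather than merely be logged.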

