Secure Socket Layer Presented By, Raghavendra M Rao
SSL Secure socket layer is security protocol to provide privacy and reliability between two communicating applications. Confidentiality Integrity Authentication
History SSL – Secure Sockets Layer Version 2.0 Initially developed by Netscape 1995. SSL 2.0 is sensitive to man-in-the-middle attacks leading to the negotiation of weak 40-bit encryption keys. „ SSL – Secure Sockets Layer Version 3.0, Internet Draft authored by Netscape, November1996 IETF (Internet Engineering Task Force, the body in charge of the core internet protocols, including the TCP/IP protocol) made SSL Version 3 an open standard in 1999 and called it TLS(Transport Layer Security) Version 1. TLS 1.1 was defined in RFC 4346 in April 2006. TLS 1.2 was defined in RFC 5246 in August 2008
Why and what is the use of SSL??Problem : Internet and the Web are extremely vulnerable tocompromises of various sorts. As businesses utilize the Internet formore than information dissemination, they will need to use trustedsecurity mechanisms.Solution : implement security as a protocol that sits between theunderlying transport protocol (TCP) and the application. The foremostexample of this approach is the Secure Sockets Layer (SSL) and thefollow-on Internet standard of SSL known as Transport LayerSecurity(TLS).Original goals: Had Web e-commerce transactions in mind Encryption (especially credit-card numbers) Web-server authentication Optional client authentication Minimum hassle in doing business with new merchant
Without SSL Eavesdropping. Tamper Interception No authentication
IMPLEMENTATION Internet Financial Institution Insurance companies Emails Business to Business Networks- BtoB
Step 1: A customer makes a connection to xyz.com on an SSL port, typically 443. This connection is denoted with https instead of http. Step 2: xyz.com sends back its public key to the customer. Once customer receives it, his/her browser decides if it is alright to proceed. The xyz.com public key must NOT be expired The xyz.com public key must be for xyz.com only The client must have the public key for Trustwave installed in their browser certificate store. 99.9% of all modern browsers (1998+) include the Trustwave root certificate. If the customer has Trustwave trusted public key, then they can trust that they are really communicating with XYZ, Inc. Step 3: If the customer decides to trust the certificate, then the customer will be sent to xyz.com his/her public key. Step 4: xyz.com will next create a unique hash and encrypt it using both the customers public key and xyz.coms private key, and send this back to the client. Step 5: Customers browser will decrypt the hash. This process shows that the xyz.com sent the hash and only the customer is able to read it. Step 6: Customer and website can now securely exchange information.
ssl 2.0 vs. ssl 3.0 The major differences between the two protocols include is SSL Version 3.0 handshake protocol flows are different than SSL Version 2.0 handshake flows. SSL Version 3.0 uses the BSAFE 3.0 implementation from RSA Data Security, Incorporated. BSAFE 3.0 includes a number of timing attack fixes and the SHA-1 hashing algorithm. The SHA-1 hashing algorithm is considered to be more secure than the MD5 hashing algorithm. SHA-1 allows SSL Version 3.0 to support additional cipher suites which use SHA-1 instead of MD5. SSL Version 3.0 protocol reduces man-in-the-middle (MITM) type of attacks from occurring during SSL handshake processing. In SSL Version 2.0, it was possible, though unlikely, that a MITM attack could accomplish cipher specification weakening. Weakening the cipher could allow an unauthorized person to break the SSL session key.
TLS vs. SSL The following is from RFC 2246:"The differences between this protocol and SSL 3.0are not dramatic, but they are significant enough thatTLS 1.0 and SSL 3.0 do not interoperate (althoughTLS 1.0 does incorporate a mechanism by which aTLS implementation can back down to SSL 3.0)."
TLS 1.1 vs. TLS 1.2 The MD5/SHA-1 combination in the pseudorandom function (PRF) has been replaced with cipher-suite-specified PRFs. All cipher suites in this document use P_SHA256. The MD5/SHA-1 combination in the digitally-signed element has been replaced with a single hash. Signed elements now include a field that explicitly specifies the hash algorithm used. Substantial cleanup to the clients and servers ability to specify which hash and signature algorithms they will accept. Note that this also relaxes some of the constraints on signature and hash algorithms from previous versions of TLS.
Cont. Addition of support for authenticated encryption with additional data modes. TLS Extensions definition and AES Cipher Suites were merged in from external [TLSEXT] and [TLSAES]. Tighter checking of Encrypted Pre-Master Secret version numbers tightened up a number of requirements. Verify data length now depends on the cipher suite (default is still 12). Cleaned up description of Bleichenbacher/Klima attack defenses.
SSL – Supported TCP-based ProtocolsServiceName Port Secured Servicehttps 443/tcp http protocol over TLS/SSL„ smtps 465/tcp smtp protocol over TLS/SSL„ nntps 563/tcp nntp protocol over TLS/SSL„ sshell 614/tcp SSLshell„ ldaps 636/tcp ldap protocol over TLS/SSL„ ftps-data 989/tcp ftp protocol, data, over TLS/SSL„ ftps 990/tcp ftp, control, over TLS/SSL„ telnets 992/tcp telnet protocol over TLS/SSL„ imaps 993/tcp imap4 protocol over TLS/SSL„ ircs 994/tcp irc protocol over TLS/SSL„ pop3s 995/tcp pop3 protocol over TLS/SSL
Patents Companies which provides SSL certificate.docx SSL PATENTS.docxTransport Layer Security Version 1.0 http://www.ietf.org/rfc/rfc2246.txtTransport Layer Security Internet draft 3.0 http://tools.ietf.org/html/draft-ietf-tls-ssl-version3-00
A particular slide catching your eye?
Clipping is a handy way to collect important slides you want to go back to later.