
SSL

  1. Introduction SSL/TLS. Nguyen Ngo, Ninh Khong
  2. Agenda
     Introduction
       Background
         • What's SSL/TLS?
         • Cryptography Methods
         • Where SSL/TLS Fit?
         • SSL Architecture
     HandShake Protocol
         • Client Hello
         • Server Hello
         • Client Exchange
     Applications
       Web and Mail
       Other
  3. INTRODUCTION
  4. Background
  5. What's SSL/TLS? Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. TLS and SSL encrypt the segments of network connections above the Transport Layer.
  6. Cryptography Methods
     • Key Exchange: Using Asymmetric Cryptography.
     • Privacy: Using Symmetric Cryptography.
     • Message Integrity: Using Message Authentication Codes (MAC).
  7. Where SSL/TLS Fit?
     Plain protocols and ports: HTTP (80), SMTP (25), POP3 (110)
     Secured protocols and ports: HTTPS (443), SSMTP (465), SPOP3 (995)
     Layers beneath the secured protocols: Secure Sockets Layer, Transport, Network, Link
  8. SSL Architecture
  9. HandShake Protocol
  10. Handshake Protocol. Messages between Client and Server, in order:
      1. ClientHello
      2. ServerHello
      3. Certificate
      4. CertificateRequest
      5. "ServerHelloDone"
      6. Certificate
      7. ClientKeyExchange
      8. CertificateVerify
      9. [ChangeCipherSpec]
      10. Finished
      11. [ChangeCipherSpec]
      12. Finished
  11. Client Hello (RFC)
      struct {
          TimeStamp timestamp;
          ProtocolVersion client_version;
          Random random;
          SessionID session_id;
          CipherSuite cipher_suites;
          CompressionMethod compression_methods;
      } ClientHello;
  12. Server Hello
      1. Client → Server: C, Version_c, suite_c, N_c
      2-4. Server → Client: Version_s, suite_s, N_s, sig_ca(S, K_s), "ServerHelloDone"
  13. Client Key Exchange
      1. Client → Server: C, Version_c, suite_c, N_c
      2-4. Server → Client: Version_s, suite_s, N_s, sig_ca(S, K_s), "ServerHelloDone"
      5. Client → Server: {Secret_c}K_s
  14. Applications
  15. Web and Mail
      • HTTPS
      • Secure Mail
      • SSMTP
      • SPOP3
  16. Others
      • sTelnet
      • sTunnel
      • OpenSSH
      • SSLProxy
      • sFTP
  17. THANK YOU
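
The ClientHello structure from slide 11 as it appears on the wire, parsed with a bounds check on every length field. This is an added example, not part of the original slides; it assumes the RFC 5246 (TLS 1.2) handshake layout, in which the timestamp is the first four bytes of the 32-byte random field, and the sample message is constructed.

```python
class ParseError(ValueError):
    """Raised when a length field points outside the message."""

def _take(buf, off, n):
    # Bounds-checked read: never trust a length field taken from the wire.
    if off + n > len(buf):
        raise ParseError(f"truncated: need {n} bytes at offset {off}")
    return buf[off:off + n], off + n

def parse_client_hello(msg):
    """Parse a handshake message: type(1) + length(3) + ClientHello body."""
    hdr, off = _take(msg, 0, 4)
    if hdr[0] != 1:
        raise ParseError("handshake type is not client_hello (1)")
    body, _ = _take(msg, off, int.from_bytes(hdr[1:], "big"))
    ver, off = _take(body, 0, 2)
    rnd, off = _take(body, off, 32)
    n, off = _take(body, off, 1)
    if n[0] > 32:
        raise ParseError("session_id longer than 32 bytes")
    sid, off = _take(body, off, n[0])
    n, off = _take(body, off, 2)
    cs_len = int.from_bytes(n, "big")
    if cs_len < 2 or cs_len % 2:
        raise ParseError("cipher_suites length must be a positive multiple of 2")
    cs, off = _take(body, off, cs_len)
    n, off = _take(body, off, 1)
    if n[0] < 1:
        raise ParseError("compression_methods must not be empty")
    cm, off = _take(body, off, n[0])
    return {
        "client_version": (ver[0], ver[1]),
        "timestamp": int.from_bytes(rnd[:4], "big"),
        "random_bytes": rnd[4:],
        "session_id": sid,
        "cipher_suites": [int.from_bytes(cs[i:i + 2], "big") for i in range(0, cs_len, 2)],
        "compression_methods": list(cm),
        "extension_bytes": len(body) - off,  # extensions, if any, left unparsed
    }

# Constructed sample: version 3.3, no session id, two suites, null compression.
_body = (b"\x03\x03" + (1700000000).to_bytes(4, "big") + bytes(range(28))
         + b"\x00" + b"\x00\x04\x00\x2f\x00\x35" + b"\x01\x00")
SAMPLE = b"\x01" + len(_body).to_bytes(3, "big") + _body

if __name__ == "__main__":
    print(parse_client_hello(SAMPLE))
```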
