What is TLS/SSL?


This document will help you understand TLS/SSL at the transport layer.

Published in: Technology, Education

  1. 1. Outline:
     • Web Security
     • Executive Summary
     • Introduction to SSL/TLS
     • What is TLS/SSL?
     • Digital Certificates
     • Authentication and Verification
     • Services of SSL
     • The Four Upper Layer Protocols
       ○ Record Protocol
       ○ Change Cipher Spec Protocol
       ○ Alert Protocol
       ○ Handshake Protocol
     • Secure Socket Layer (SSL)
       ○ Where, What and How about SSL
       ○ Architecture
     • Transport Layer Security (TLS)
       ○ TLS Overview
       ○ Public Key Certificates
     • Implementation & Applications of SSL/TLS
     • Summary
     • References
  2. 2. Security:
     • Web is now widely used by businesses, government firms and individuals.
     • But Internet & Web space are vulnerable.
     • Have a variety of threats related to
       ○ Integrity: Someone might alter content
       ○ Confidentiality: Anyone can see content
       ○ Denial of service:
       ○ Authentication: Not clear who you are talking with
     • Need added security mechanisms

     Executive Summary:
     Transport Layer Security or TLS, widely known also as Secure Sockets Layer or SSL, is the most popular application of public key cryptography in the world. It is most famous for securing Web browser sessions, but it has widespread application to other tasks.
     TLS/SSL can be used to provide strong authentication of both parties in a communication session, strong encryption of data in transit between them, and verification of the integrity of that data in transit.
     TLS/SSL can be used to secure a broad range of critical business functions such as Web browsing, server-to-server communications, e-mail client-to-server communications, software updating, database access, virtual private networking and others.
     However, when used improperly, TLS can give the illusion of security where the communications have been compromised. It is important to keep certificates up to date and check rigorously for error conditions.
     In many, but not all applications of TLS, the integrity of the process is enhanced by using a certificate issued by an outside trusted Certificate Authority (CA).
     This paper will explore how TLS works, best practices for its use, and the various applications in which it can secure business computing.
  3. 3. Introduction:
     • Secure Sockets Layer (SSL)
       ○ Developed by Netscape Corporation
       ○ Versions 1, 2, and 3 (released in 1996)
     • Transport Layer Security (TLS)
       ○ Successor of SSL
       ○ IETF standards track protocol, based on SSL 3.0
       ○ Last updated in RFC 5246 (2008)
     • Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide security for communications over networks such as the Internet.
     • TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end.

     As the science of business computing, and of computing security in particular, has advanced, the trend has been to find security weaknesses everywhere. Where complexity and functionality grow, so do the opportunities for abuse of systems by malicious actors.
     The solutions to these problems are varied and must be explored individually, but one technology shows up often: TLS or Transport Layer Security, often known by the name of the predecessor technology, SSL or Secure Sockets Layer.
     TLS is best known as the technology which secures Web browser sessions for banking and other sensitive tasks, but it can be used for much more. Client-server communication with a variety of server types, in addition to Web servers, benefits from use of TLS. Server-to-server communications also need to be secured and can be through TLS. Clients updating applications and other software on their PCs should only do so through a secure connection, which is why such update applications usually use TLS or SSL.
     This paper will explore these and other applications of TLS that can secure the enterprise in the myriad places in which it can be attacked.
  4. 4. TLS provides 3 basic benefits:
     • It provides authentication of the communicating parties, either one-way or in both directions
     • It encrypts the communication session “on the wire”
     • It ensures the integrity of the data transferred

     What is TLS/SSL?
     TLS/SSL is a tunneling protocol that works at the transport layer. It provides encryption, authentication and integrity verification of data, and does so by means of digital certificates.

     Digital Certificates
     A digital certificate is an electronic document which confirms the identity of an entity – which could be a user, a server, a company, a program on a client, just about anything – and associates that entity with a public key. The digital certificate is the entity’s identification to the public key infrastructure.
     Each party to a TLS-secured communication can evaluate the contents of the certificate. The most examined field is the Common Name. Each then compares it to what they expect. It is also wise to check the issuer of the certificate. Is the issuer a trusted party? For more on these issuers see Trusted Certificate Authorities.
     Users can generate their own digital certificates, called self-signed certificates, with free tools. But such certificates are inherently untrustworthy and the real value of certificates comes when they are issued by a trusted CA.
     Users can create and run their own CA on their network and sometimes this makes sense, but in many cases it is necessary to use an outside trusted CA which outside parties can also trust. Symantec™ is the largest CA.

     Authentication and Verification
  5. 5. Public key cryptography allows two parties to authenticate each other. Each party has two keys, which are large numeric values.
     A message exchanged between the parties is run through a hashing algorithm. A hash function takes a block of data and creates a value from it, known as a hash or digest. Make even a small change in the data and the hash changes significantly. At the same time there is no way to recreate the data from the hash.
     The sending party to the communications uses their private key to encrypt the hash value. This encrypted value is called a digital signature. The message and signature are sent to the recipient party.
     The recipient party uses the sender’s public key to decrypt the signature. They generate a hash of the message using the same algorithm as the sender and compare the values. If the values are the same then two things are certain: the data has not been tampered with and the sender is who they purport to be. This is because the private key corresponding to the public key in the certificate was used to sign the data, and the private key should only be accessible by the sender named in the certificate.
     Neither authentication nor integrity verification are mandatory in TLS. You can use it simply so that the bits on the wire are encrypted. But authentication is a core feature, important to most customers.

     Services of SSL:
     SSL provides several services on data received from the application layer.
     • Fragmentation: First SSL divides the data into blocks of 2^14 bytes or less.
     • Compression: Each fragment of data is compressed using one of the lossless compression methods negotiated between the client and server. This service is optional.
     • Message Integrity: To preserve the integrity of data, SSL uses a keyed hash function to create a MAC.
     • Confidentiality: To provide confidentiality, the original data and the MAC are encrypted using symmetric key cryptography.
     • Framing:
  6. 6. A header is added to the encrypted payload. The payload is then passed to a reliable transport protocol.

     The Four Upper Layer Protocols
     • Application Encryption Protocol
       ○ Encrypt/Decrypt application data
     • Change Cipher Spec Protocol
       ○ Alert to a change in communication variables
     • Alert Protocol
       ○ Messages important to SSL connections
     • Handshaking Protocol
       ○ Establish communication variables

     SSL Record Protocol
     Services provided are:
     • Confidentiality
       ○ using symmetric encryption with a shared secret key defined by Handshake Protocol
       ○ IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128
       ○ message is compressed before encryption
     • Message integrity
       ○ using a MAC (Message Authentication Code) created using a shared secret key and a short message
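The record-layer services listed above (fragmentation, message integrity, framing), as an added Python example that is not part of the original slides. It assumes HMAC-SHA256 and the TLS 1.2 record header and MAC input from RFC 5246; compression and encryption are left out, and the key and payload are constructed sample values.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14       # fragmentation limit named in the slides
APPLICATION_DATA = 23        # record content type for application data
TLS12 = (3, 3)               # TLS 1.2 as it appears in the record header
MAC_LEN = hashlib.sha256().digest_size


def record_mac(key, seq, ctype, version, fragment):
    """HMAC over seq_num || type || version || length || fragment."""
    prefix = struct.pack("!QBBBH", seq, ctype, version[0], version[1],
                         len(fragment))
    return hmac.new(key, prefix + fragment, hashlib.sha256).digest()


def protect(data, key, seq=0):
    """Fragment, MAC and frame application data; returns a list of records."""
    records = []
    for offset in range(0, len(data), MAX_FRAGMENT):
        fragment = data[offset:offset + MAX_FRAGMENT]
        body = fragment + record_mac(key, seq, APPLICATION_DATA, TLS12, fragment)
        # A real record layer encrypts `body` here (confidentiality service).
        header = struct.pack("!BBBH", APPLICATION_DATA, TLS12[0], TLS12[1],
                             len(body))
        records.append(header + body)
        seq += 1
    return records


def unprotect(records, key, seq=0):
    """Verify each record's MAC in sequence and reassemble the data."""
    out = []
    for record in records:
        if len(record) < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack("!BBBH", record[:5])
        body = record[5:]
        if len(body) != length or length < MAC_LEN:
            raise ValueError("record length mismatch")
        fragment, mac = body[:-MAC_LEN], body[-MAC_LEN:]
        expected = record_mac(key, seq, ctype, (major, minor), fragment)
        if not hmac.compare_digest(mac, expected):   # constant-time comparison
            raise ValueError("bad_record_mac at sequence %d" % seq)
        out.append(fragment)
        seq += 1
    return b"".join(out)


def rejected(records, key):
    """True if verification fails for this sequence of records."""
    try:
        unprotect(records, key)
    except ValueError:
        return True
    return False


# Constructed sample input: 40,000 identical bytes and a fixed demo key.
KEY = b"k" * 32
DATA = b"A" * 40000
RECORDS = protect(DATA, KEY)
```

Because the sequence number is part of the MAC input, swapping the first two records is rejected even though their fragments are byte-for-byte identical.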
  7. 7. SSL Change Cipher Spec Protocol:
     • one of 3 SSL specific protocols which use the SSL Record protocol
     • a single message
     • Purpose of message
       ○ Cause copy of pending state to current state.
       ○ Updates cipher suite to be used on the current connection.

     SSL Alert Protocol:
     • conveys SSL-related alerts to peer entity
     • Consists of two bytes
       ○ 1st byte: warning or fatal
       ○ 2nd byte: code for specific alerts
     • specific alert types
       ○ unexpected message, bad record mac, decompression failure, handshake failure, illegal parameter
       ○ close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate expired, certificate unknown
     • compressed & encrypted like all SSL data

     SSL Handshake Protocol:
     • The most complex part of SSL.
  8. 8. • allows server & client to:
       ○ authenticate each other
       ○ negotiate encryption & MAC algorithms
       ○ negotiate cryptographic keys to be used
     • comprises a series of messages in phases
       ○ Establish Security Capabilities
       ○ Server Authentication and Key Exchange
       ○ Client Authentication and Key Exchange
       ○ Finish
     • The client (Alice) and server (Bob) must agree on various parameters to establish the connection
       ○ Alice requests a secure connection and presents a list of Cipher Suites
       ○ Bob picks the strongest supported Cipher Suite
       ○ Bob sends back his digital certificate, including the certificate authority and his public key
       ○ By encrypting using the server’s public key, Alice sends a random number to Bob securely
       ○ Alice and Bob generate key material from the random number
       ○ Secure connection established
  10. 10. SSL Handshake Protocol:
     • This protocol allows the server and client to authenticate each other and to negotiate an encryption and MAC algorithm and cryptographic keys to be used to protect data sent in an SSL record.
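A parser for the record header and the two-byte alert message described above, as an added Python example that is not part of the original slides. The header layout, content-type numbers and alert codes are taken from the SSL 3.0 and TLS specifications (RFC 5246 for TLS 1.2), and the byte string is a constructed capture.

```python
import struct

CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
# Versions as they appear on the wire: TLS 1.0 to 1.2 are 3.1 to 3.3.
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0",
            (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
ALERT_LEVELS = {1: "warning", 2: "fatal"}
ALERTS = {0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
          30: "decompression_failure", 40: "handshake_failure",
          41: "no_certificate", 42: "bad_certificate",
          43: "unsupported_certificate", 44: "certificate_revoked",
          45: "certificate_expired", 46: "certificate_unknown",
          47: "illegal_parameter"}
MAX_RECORD = 2 ** 14 + 2048      # largest protected record body


def parse_records(stream):
    """Split a byte stream into records; decode alerts sent in the clear."""
    records, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header at offset %d" % pos)
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, pos)
        if ctype not in CONTENT_TYPES:
            raise ValueError("unknown content type %d" % ctype)
        if length > MAX_RECORD:
            raise ValueError("record length %d exceeds limit" % length)
        payload = stream[pos + 5:pos + 5 + length]
        if len(payload) != length:
            raise ValueError("truncated record body at offset %d" % pos)
        record = {"type": CONTENT_TYPES[ctype],
                  "version": VERSIONS.get((major, minor), "unknown"),
                  "length": length}
        # After Change Cipher Spec, alerts are encrypted and longer than
        # two bytes, so only a two-byte alert body can be decoded.
        if ctype == 21 and length == 2:
            level, code = payload
            record["alert"] = (ALERT_LEVELS.get(level, "unknown"),
                               ALERTS.get(code, "unknown(%d)" % code))
        records.append(record)
        pos += 5 + length
    return records


# Constructed capture: a TLS 1.0 handshake record with a 4-byte body,
# followed by a fatal handshake_failure alert in a TLS 1.2 record.
SAMPLE = bytes.fromhex("16030100040e000000" "15030300020228")
```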
  11. 11. TLS (Transport Layer Security)

     SSL Key Exchange (Simplified)
     1. SSL client connects to an SSL server
     2. Server then sends its own certificate that contains its public key
     3. Client then creates a random key (premaster key) and uses server's public key to encrypt it
  12. 12. 4. Client then sends encrypted premaster key to the server
     5. Server then decrypts it (only the server that has the matching private key can decrypt it) and uses decrypted premaster key to create secret session key
     6. Now both client and server use the secret session key for further communication

     Secure Socket Layer (SSL):
     Where SSL fits?
     SSL runs over TCP:
     • Confidentiality (Privacy)
     • Data integrity (Tamper-proofing)
     • Server authentication (Proving a server is what it claims it is) – Used in typical B2C transaction
     • Optional client authentication – Would be required in B2B (or Web services environment in which program talks to program)

     What security is provided?
  13. 13. • By providing:
       ○ Endpoint Authentication
         (Unilateral or Bilateral)
       ○ Communication Confidentiality
     • For preventing:
       ○ Eavesdropping
       ○ Tampering
       ○ Message Forgery

     • Eavesdropping: Encryption; Symmetric-key Cryptography
     • Tampering: Message Digest; Cryptographic Hash
     • Message Forgery: Authentication & Digital signature; Public-key Cryptography

     SSL Architecture:

     TLS (Transport Layer Security)
     • TLS uses stronger encryption algorithms and has the ability to work on different ports. Additionally, TLS version 1.0 does not interoperate with SSL version 3.0.
     • IETF standard RFC 2246 similar to SSLv3
  14. 14. • with minor differences
       ○ In record format version number
       ○ Uses HMAC for MAC
       ○ A pseudo-random function expands secrets
       ○ Has additional alert codes
       ○ Some changes in supported ciphers
       ○ Changes in certificate negotiations
       ○ Changes in use of padding

     Changes from SSL 3.0 to TLS:
     TLS is the successor technology to SSL, which was developed by Netscape in 1994. The first public release was SSL version, and was quickly followed by version. The TLS specification was released in 1999 in RFC 2246, and is only a minor modification of SSL 3.
     Changes have come at a much slower pace since then, with TLS 1.1 and 1.2 largely concerned with security improvements. TLS is still widely called SSL, especially in product names, even if the term is strictly inaccurate.
     TLS versions are designed to interact with and roll back to earlier protocols such as SSL 3. In fact, in the protocol handshake, TLS 1.0, 1.1 and 1.2 use the version numbers 3.1, 3.2 and 3.3.
     One of the main differences you’ll see between SSL and TLS versions are the cryptographic features, including the ciphers, hash algorithms and key exchange mechanisms they support. As time and versions advance, support for weaker features is dropped from the protocol and stronger ones added.
     • Fortezza removed
     • Additional Alerts added
     • Modification to hash calculations
     • Protocol version 3.1 in ClientHello, ServerHello

     What is TLS?
     • Protocol layer
     • Requires reliable transport layer (e.g. TCP)
     • Supports any application protocols
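The pseudo-random function listed above among the changes from SSL 3.0 is what turns the premaster secret of the simplified key exchange into session keys. An added Python example, not part of the original slides, of the TLS 1.2 PRF (RFC 5246, HMAC-SHA256); the premaster secret and randoms are constructed values, and the key sizes assume an AES-128-CBC with HMAC-SHA256 cipher suite.

```python
import hashlib
import hmac


def p_hash(secret, seed, length):
    """P_SHA256 expansion: A(0) = seed, A(i) = HMAC(secret, A(i-1))."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret, label, seed, length):
    """TLS 1.2 PRF(secret, label, seed) = P_SHA256(secret, label + seed)."""
    return p_hash(secret, label + seed, length)


def derive_keys(pre_master, client_random, server_random):
    """Master secret and per-direction keys, as both peers compute them."""
    master = prf(pre_master, b"master secret",
                 client_random + server_random, 48)
    # Key expansion uses the two randoms in the opposite order.
    block = prf(master, b"key expansion",
                server_random + client_random, 2 * 32 + 2 * 16)
    return {
        "master_secret": master,
        "client_write_MAC_key": block[0:32],
        "server_write_MAC_key": block[32:64],
        "client_write_key": block[64:80],
        "server_write_key": block[80:96],
    }


# Constructed sample values. In the RSA key exchange the client picks the
# 48-byte premaster secret (2 version bytes + 46 random bytes) and sends it
# encrypted under the server's public key; the randoms travel in the clear.
PRE_MASTER = bytes([3, 3]) + bytes(range(46))
CLIENT_RANDOM = bytes([0x11]) * 32
SERVER_RANDOM = bytes([0x22]) * 32

# Each side runs the same derivation and arrives at the same keys.
CLIENT_VIEW = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
SERVER_VIEW = derive_keys(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM)
```

An observer who sees both randoms but not the premaster secret cannot reproduce any of these keys, and a fresh random from either side changes all of them.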
  15. 15. TLS: Privacy:
     • Encrypt message so it cannot be read
     • Use conventional cryptography with shared key
       ○ DES, 3DES
       ○ RC2, RC4
       ○ IDEA

     TLS: Key Exchange:
     • Need secure method to exchange secret key
     • Use public key encryption for this
       ○ “key pair” is used - either one can encrypt and then the other can decrypt
       ○ slower than conventional cryptography
       ○ share one key, keep the other private
     • Choices are RSA or Diffie-Hellman

     TLS: Integrity:
     • Compute fixed-length Message Authentication Code (MAC)
       ○ Includes hash of message
       ○ Includes a shared secret
       ○ Includes sequence number
     • Transmit MAC with message
     • Receiver creates new MAC
       ○ should match transmitted MAC
     • TLS allows MD5, SHA-1

     TLS: Authentication:
     • Verify identities of participants
     • Client authentication is optional
     • Certificate is used to associate identity with public key and other attributes

     TLS: Architecture:
  16. 16. • TLS defines Record Protocol to transfer application and TLS information
     • A session is established using a Handshake Protocol

     TLS: Record Protocol:

     TLS: Handshake:
     • Negotiate Cipher-Suite Algorithms
       ○ Symmetric cipher to use
       ○ Key exchange method
       ○ Message digest function
     • Establish and share master secret
     • Optionally authenticate server and/or client

     Handshake Phases:
     • Hello messages
     • Certificate and Key Exchange messages
     • Change Cipher Spec and Finished messages

     Implementation of SSL/TLS:
     • SSL and TLS have been widely implemented
     • Open source software projects
       ○ OpenSSL, NSS, or GnuTLS
     • Microsoft Windows
  17. 17.   ○ Part of its Secure Channel
     • Browsers
       ○ Google Chrome
       ○ Internet Explorer, etc.

     Client Side:

         <?php
         // ------------------ Message encryption start ------------------
         // Atbash letter substitution (a<->z, b<->y, ...). This is a toy cipher
         // used for demonstration; it is not TLS and gives no real confidentiality.
         $plan_text = $_POST['text'] ?? '';
         $befor_cipher = $plan_text;
         $strlen = strlen($plan_text);
         $abc = array("a","b","c","d","e","f","g","h","i","j","k","l","m",
                      "n","o","p","q","r","s","t","u","v","w","x","y","z");
         $replace = array();
         for ($count = 0; $count < $strlen; $count++) {
             // Characters outside a-z are passed through unchanged
             $replace[$count] = $plan_text[$count];
             foreach ($abc as $key => $value) {
                 if ($plan_text[$count] == $value) {
                     $replace[$count] = $abc[25 - $key];
                 }
             }
         }
         $cipher_text = implode($replace);
         // ------------------ Message encryption end ------------------

         // ------------------ Connection code start ------------------
         $host = "127.0.0.1"; // assumed loopback address for a local test
         $port = 25003;
         //set_time_limit(0);
         echo "<h1>Message Sent</h1><br />";
         // Escape user-supplied text before echoing it into HTML
         echo "Plain Text : " . htmlspecialchars($befor_cipher);
         echo "<br />Cipher Text : " . htmlspecialchars($cipher_text);
         // create socket
         $socket = socket_create(AF_INET, SOCK_STREAM, 0) or die("Could not create socket\n");
         // connect to server
         $result = socket_connect($socket, $host, $port) or die("Could not connect to server\n");
         // send string to server
         socket_write($socket, $cipher_text, strlen($cipher_text)) or die("Could not send data to server\n");
         // close socket
         socket_close($socket);
         // ------------------ Connection code end ------------------
         ?>

  18. 18. Server Side:
  19. 19.
         <?php
         // ------------------ Server connection code start ------------------
         // set some variables
         $host = "127.0.0.1"; // assumed loopback address for a local test
         $port = 25003;
         // don't timeout!
         set_time_limit(0);
         // create socket
         $socket = socket_create(AF_INET, SOCK_STREAM, 0) or die("Could not create socket\n");
         // bind socket to port
         $result = socket_bind($socket, $host, $port) or die("Could not bind to socket\n");
         // start listening for connections
         $result = socket_listen($socket, 10) or die("Could not set up socket listener\n");
         // accept incoming connections
         // spawn another socket to handle communication
         $spawn = socket_accept($socket) or die("Could not accept incoming connection\n");
         // read client input
         $cipher_text = socket_read($spawn, 1024) or die("Could not read cipher_text\n");
         echo "<h1>Message Received</h1><br />";
         // Escape data received from the network before echoing it into HTML
         echo "Cipher text :" . htmlspecialchars($cipher_text) . "<br />";
         // close sockets
         socket_close($spawn);
         socket_close($socket);
         // ------------------ Server connection code end ------------------

         // ------------------ Decryption start ------------------
         // Atbash is its own inverse, so the same substitution recovers the text
         $strlen = strlen($cipher_text);
         $abc = array("a","b","c","d","e","f","g","h","i","j","k","l","m",
                      "n","o","p","q","r","s","t","u","v","w","x","y","z");
         $replace = array();
         for ($count = 0; $count < $strlen; $count++) {
             // Characters outside a-z are passed through unchanged
             $replace[$count] = $cipher_text[$count];
             foreach ($abc as $key => $value) {
                 if ($cipher_text[$count] == $value) {
                     $replace[$count] = $abc[25 - $key];
                 }
             }
         }
         $plan_text = implode($replace);
         echo "Plain Text : " . htmlspecialchars($plan_text);
         // ------------------ Decryption end ------------------
         ?>

  20. 20. Socket Programming in PHP

     Introduction
     Sockets are used for interprocess communication. Interprocess communication is generally based on the client-server model. In this case, the client and server are the applications that interact with each other. Interaction between client and server requires a connection. Socket programming is responsible for establishing that connection between applications so they can interact.
     By the end of this tip, we will learn how to create a simple client-server in PHP. We will also learn how the client application sends a message to the server and receives a reply from it.

     Using the Code
     Aim: Develop a client to send a string message to the server, and a server to return the reverse of the same message to the client.
  21. 21. PHP SERVER

     Step 1: Set variables such as "host" and "port"

         $host = "127.0.0.1"; // assumed loopback address for a local test
         $port = 5353;
         // No Timeout
         set_time_limit(0);

     Port number can be any positive integer between 1024 and 65535.

     Step 2: Create Socket

         $socket = socket_create(AF_INET, SOCK_STREAM, 0) or die("Could not create socket\n");

     Step 3: Bind the socket to port and host
     Here the created socket resource is bound to the IP address and port number.

         $result = socket_bind($socket, $host, $port) or die("Could not bind to socket\n");

     Step 4: Start listening to the socket
     After being bound to the IP and port, the server waits for the client to connect. Until then it keeps on waiting.

         $result = socket_listen($socket, 3) or die("Could not set up socket listener\n");

     Step 5: Accept incoming connection
     This function accepts an incoming connection request on the created socket. After accepting the connection from the client socket, this function returns another socket resource that is actually responsible for communication with the corresponding client socket. Here “$spawn” is that socket resource which is responsible for communication with the client socket.

         $spawn = socket_accept($socket) or die("Could not accept incoming connection\n");

     So far, we have prepared our server socket but the script doesn't actually do anything. Keeping to our aforesaid aim, we will read the message from the client socket and then send back the reverse of the received message to the client socket.

     Step 6: Read the message from the Client socket

         $input = socket_read($spawn, 1024) or die("Could not read input\n");
  22. 22. Step 7: Reverse the message

         $output = strrev($input) . "\n";

     Step 8: Send message to the client socket

         socket_write($spawn, $output, strlen($output)) or die("Could not write output\n");

     Close the socket

         socket_close($spawn);
         socket_close($socket);

     This completes the server. Now we will learn to create the PHP client.

     PHP CLIENT
     The first two steps are the same as in the server.

     Step 1: Set variables such as "host" and "port"

         $host = "127.0.0.1"; // assumed loopback address for a local test
         $port = 5353;
         $message = "Hello Server"; // sample message to send (assumed value)
         // No Timeout
         set_time_limit(0);

     Note: Here the port and host should be the same as defined in the server.

     Step 2: Create Socket

         $socket = socket_create(AF_INET, SOCK_STREAM, 0) or die("Could not create socket\n");

     Step 3: Connect to the server

         $result = socket_connect($socket, $host, $port) or die("Could not connect to server\n");

     Here, unlike the server, the client socket is not bound to a port and host. Instead it connects to the server socket, which is waiting to accept the connection from the client socket. The connection of the client socket to the server socket is established in this step.

     Step 4: Write to server socket

         socket_write($socket, $message, strlen($message)) or die("Could not send data to server\n");

     In this step, client socket data is sent to the server socket.
  23. 23. Step 5: Read the response from the server

         $result = socket_read($socket, 1024) or die("Could not read server response\n");
         echo "Reply From Server :" . $result;

     Step 6: Close the socket

         socket_close($socket);

     Application of SSL/TLS:
     • On top of the Transport Layer protocols
       ○ Primarily with TCP
       ○ Datagram Transport Layer Security (DTLS) for UDP
     • Encapsulating the application protocols
       ○ HTTP (HTTPS) for securing WWW traffic
       ○ FTP (FTPS), SMTP, NNTP, etc.

     References:
     • William Stallings, 5th Edition, “Transport-Level Security”, Chapter 16, Pages: 509-543
     • www.cse.buffalo.edu/DBGROUP/nachi/ecopres/fengmei
     • http://www.slideshare.net/leethree/ssl-intro