- The final exam for the cryptography course will take place on June 9 from 9:30-11:18 AM. It will cover materials after RSA but students still need to know RSA. The exam allows open books and notes and calculators.
- The course covered symmetric encryption algorithms like AES and DES, public key encryption like RSA, hash functions like SHA-1, message authentication codes, digital signatures, entity authentication, and key agreement protocols.
- SSL (now called TLS) provides a secure and reliable connection over TCP. It uses the SSL/TLS handshake protocol to authenticate parties and establish encryption keys to protect data sent over the TCP connection.
Transport-level and Web Security discusses SSL/TLS and SSH. It provides an overview of how SSL/TLS works to secure HTTP and other TCP/IP protocols. The document describes the TLS protocol stack and how TLS sessions and connections are established. It explains the TLS handshake protocol in detail, including the four phases to establish a secure session and connection. Key topics covered include cipher suites, certificates, and how cryptographic keys are derived. Common attacks on TLS/SSL implementations are also summarized.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It describes the SSL/TLS protocol at a high level, including its history, components, and cryptographic concepts. It then outlines the steps that would be taken to formally analyze SSL/TLS, including developing an abstract model of the protocol in the Murphi verification tool based on the description in the SSL/TLS RFC. The document walks through modeling key aspects of the SSL/TLS handshake protocol at an abstract level, such as generating nonces and establishing a shared secret. The goal is to demonstrate the process that would be followed to formally verify security properties of the protocol.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It describes the SSL/TLS protocol and its history. It discusses modeling the handshake protocol in the Murphi analysis tool by starting with an informal description from the protocol RFC and gradually building a formal model. The document gives an abbreviated overview of the handshake protocol messages like ClientHello, ServerHello, and ServerKeyExchange. It also discusses modeling cryptography abstractly and rational reconstruction of incrementally building the formal model.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It begins with background on SSL/TLS, including its history, uses, and basic design. It then outlines the steps that would be taken to formally analyze SSL/TLS, including creating an abstract model of the protocol in the Murphi verification tool. The document walks through modeling key aspects of the SSL/TLS handshake protocol at an abstract level, such as generating nonces and establishing a shared secret. The goal is to demonstrate the process that would be followed if SSL/TLS were being formally analyzed as a student project.
this is ppt this is ppt this is ppt this is pptghorilemin
This document provides a summary of a case study analyzing the SSL/TLS protocol:
- It describes running the Murphi model checker on an abstract model of the SSL/TLS handshake protocol to check for security properties like secrecy of secrets and consistency of shared secrets.
- The analysis starts from an intuitive simplified model and incrementally adds details from the TLS specification to match the real protocol and find vulnerabilities.
- An intruder model allows an active attacker to intercept, decrypt, and generate new messages using known data. The analysis checks if the intruder can violate the security properties.
Transport-level and Web Security discusses SSL/TLS and SSH. It provides an overview of how SSL/TLS works to secure HTTP and other TCP/IP protocols. The document describes the TLS protocol stack and how TLS sessions and connections are established. It explains the TLS handshake protocol in detail, including the four phases to establish a secure session and connection. Key topics covered include cipher suites, certificates, and how cryptographic keys are derived. Common attacks on TLS/SSL implementations are also summarized.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It describes the SSL/TLS protocol at a high level, including its history, components, and cryptographic concepts. It then outlines the steps that would be taken to formally analyze SSL/TLS, including developing an abstract model of the protocol in the Murphi verification tool based on the description in the SSL/TLS RFC. The document walks through modeling key aspects of the SSL/TLS handshake protocol at an abstract level, such as generating nonces and establishing a shared secret. The goal is to demonstrate the process that would be followed to formally verify security properties of the protocol.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It describes the SSL/TLS protocol and its history. It discusses modeling the handshake protocol in the Murphi analysis tool by starting with an informal description from the protocol RFC and gradually building a formal model. The document gives an abbreviated overview of the handshake protocol messages like ClientHello, ServerHello, and ServerKeyExchange. It also discusses modeling cryptography abstractly and rational reconstruction of incrementally building the formal model.
This document provides an overview of analyzing the SSL/TLS protocol using formal methods. It begins with background on SSL/TLS, including its history, uses, and basic design. It then outlines the steps that would be taken to formally analyze SSL/TLS, including creating an abstract model of the protocol in the Murphi verification tool. The document walks through modeling key aspects of the SSL/TLS handshake protocol at an abstract level, such as generating nonces and establishing a shared secret. The goal is to demonstrate the process that would be followed if SSL/TLS were being formally analyzed as a student project.
this is ppt this is ppt this is ppt this is pptghorilemin
This document provides a summary of a case study analyzing the SSL/TLS protocol:
- It describes running the Murphi model checker on an abstract model of the SSL/TLS handshake protocol to check for security properties like secrecy of secrets and consistency of shared secrets.
- The analysis starts from an intuitive simplified model and incrementally adds details from the TLS specification to match the real protocol and find vulnerabilities.
- An intruder model allows an active attacker to intercept, decrypt, and generate new messages using known data. The analysis checks if the intruder can violate the security properties.
SSL and TLS provide end-to-end security for applications using TCP. They operate at the transport layer and provide services like data encryption, message integrity, and client/server authentication. The key components are the handshake protocol for negotiating encryption parameters and exchanging keys, the record protocol for fragmenting and encrypting application data, and alert and change cipher spec protocols for signaling errors and key changes. Common algorithms include RSA and Diffie-Hellman for key exchange, RC4, 3DES and AES for encryption, and MD5 or SHA for hashing. Sessions define a connection's cryptographic settings while connections are the actual data streams.
SSL is a secure protocol that runs above TCP/IP and allows users to encrypt data and authenticate server and client identities securely. It uses public key encryption to generate a shared secret and establish an encrypted connection. The SSL handshake process verifies the server's identity and allows the client and server to agree on encryption algorithms before exchanging data. This helps prevent man-in-the-middle attacks by authenticating servers and encrypting the connection.
SSL is a secure protocol that runs above TCP/IP and allows users to encrypt data and authenticate server and client identities securely. It uses public key encryption to generate a shared secret and establish an encrypted connection. The SSL handshake process verifies the server's identity and allows the client and server to agree on encryption algorithms before exchanging data. This helps prevent man-in-the-middle attacks by authenticating servers and encrypting the connection.
This document provides an overview of SSL and TLS, including: how they provide security for web traffic by encrypting communications between a client and server; the handshake protocol used to establish encryption; how certificates are used to authenticate servers; and the differences between SSL and TLS.
SSL and TLS provide secure communication over the internet using encryption. SSL uses public key encryption to establish a secure connection and exchange keys to encrypt data sent between a client and server. It defines sessions which allow parameters like encryption algorithms to be shared for multiple connections. TLS is an updated version of SSL that uses similar record and handshake protocols. SET is an open standard that uses digital certificates and dual signatures to securely conduct credit card transactions over the internet between cardholders, merchants, issuers and payment gateways.
Nate Lawson presents an overview of the TLS/SSL protocol design. He discusses the security goals of privacy, integrity, and authentication. He explains how these goals are achieved using cryptography primitives like symmetric encryption, public key encryption, certificates, message authentication codes, and secure PRNGs. He walks through the TLS handshake protocol in detail and discusses various attacks against SSL/TLS like side channel attacks, similarly-named certificate attacks, and data injection via renegotiation attacks.
TLS/SSL - Study of Secured CommunicationsNitin Ramesh
TLS/SSL - The mechanism enabling to have secured communications between 2 points over network is more important than ever. Here we deep dive into the basics and its relevance in today's world.
- The document discusses SSL (Secure Sockets Layer), which is a standard security technology for establishing an encrypted link between a web server and browser. It provides key details on SSL including its architecture, protocols (SSL Record and Handshake), certificates, encryption, and history/development. SSL uses public/private keys to encrypt data during transmission and provides authentication and security for web applications.
Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007.
SSL handshake involves the following steps:
1. The client sends a client hello with SSL version, random data, session ID, and cipher details.
2. The server responds with a server hello containing SSL version, random data, session ID, cipher, and certificate. It may also request client authentication.
3. If requested, the client sends its certificate and generates a premaster secret to establish encrypted communication.
SSL uses TCP to provide a secure end-to-end service. It consists of two layers - the SSL record protocol and the SSL handshake protocol. The record protocol provides data encryption and integrity checking, while the handshake protocol allows the server and client to authenticate each other and negotiate encryption parameters for the secure connection.
It is an IETF standardization initiative whose goal is to come out with an Internet standard Version of SSL. The presentation discusses all. Happy Learning. :)
The Secure Sockets Layer (SSL) protocol establishes an encrypted connection between a client and server through authentication and exchange of encryption keys. It uses public key encryption during the handshake to authenticate the server and optionally the client, and to generate a shared secret. This premaster secret is then used to derive the master secret and session keys to encrypt all following communication within the SSL session.
Security is always a top-of-mind issue for WLAN deployments, no matter what business you're in. But it’s an issue that's loaded with acronyms, confusing terminology, and some degree of black-art mystique. This session starts with basic principles of cryptography and gives you a thorough understanding of how Wi-Fi authentication and encryption work to keep your network safe. You’ll also learn about 802.1X authentication, tradeoffs of different EAP methods, why proper client configuration is so important, and why Aruba believes that role-based access control is critical in a modern mobile network.
This document summarizes a seminar that covered Secure Socket Layer (SSL). It discussed SSL's overview, architecture, components, protocols for records, alerts, and handshakes. The record protocol handles fragmentation, compression, message authentication, and encryption. The handshake protocol negotiates security parameters and exchanges keys. SSL supports RSA-based and Diffie-Hellman key exchanges and uses message authentication codes. While SSL provided a major improvement in secure internet communication when it was developed, the document notes there is still room for strengthening protections against traffic analysis and improving the handshake message authentication method.
SSL provides authentication and confidentiality for web communications. It operates at the transport layer, encrypting data between the application and transport layers. The SSL handshake protocol establishes a secure connection in 4 phases: establishing capabilities, server authentication and key exchange, client authentication and key exchange, and finishing. The record protocol then encrypts and integrity checks data sent over the secure connection, while the alert protocol closes the connection if an error is detected.
The Fundamental of Secure Socket Layer (SSL)Vishal Kumar
"The Fundamental of SSL" it is the first part of this Topic in which we covered covers the deep understanding of Secure Socket Layer, its position in the TCP/IP suit, its sub protocols and the working or Handshake Protocol.
Fundamental of Secure Socket Layer (SSl) | Part - 1Vishal Kumar
The document provides an overview of the Secure Socket Layer (SSL) protocol in 3 phases:
1. It explains how SSL works as an additional layer between the application and transport layers in the TCP/IP model to encrypt data in transit.
2. It describes the SSL handshake protocol which involves a series of messages to establish security capabilities, authenticate the server, and exchange encryption keys.
3. It outlines the 4 phases of the handshake protocol: establishing capabilities, server authentication and key exchange, client authentication and key exchange, and finishing the handshake by generating symmetric keys for encryption.
VARIABLE FREQUENCY DRIVE. VFDs are widely used in industrial applications for...PIMR BHOPAL
Variable frequency drive .A Variable Frequency Drive (VFD) is an electronic device used to control the speed and torque of an electric motor by varying the frequency and voltage of its power supply. VFDs are widely used in industrial applications for motor control, providing significant energy savings and precise motor operation.
SSL and TLS provide end-to-end security for applications using TCP. They operate at the transport layer and provide services like data encryption, message integrity, and client/server authentication. The key components are the handshake protocol for negotiating encryption parameters and exchanging keys, the record protocol for fragmenting and encrypting application data, and alert and change cipher spec protocols for signaling errors and key changes. Common algorithms include RSA and Diffie-Hellman for key exchange, RC4, 3DES and AES for encryption, and MD5 or SHA for hashing. Sessions define a connection's cryptographic settings while connections are the actual data streams.
SSL is a secure protocol that runs above TCP/IP and allows users to encrypt data and authenticate server and client identities securely. It uses public key encryption to generate a shared secret and establish an encrypted connection. The SSL handshake process verifies the server's identity and allows the client and server to agree on encryption algorithms before exchanging data. This helps prevent man-in-the-middle attacks by authenticating servers and encrypting the connection.
SSL is a secure protocol that runs above TCP/IP and allows users to encrypt data and authenticate server and client identities securely. It uses public key encryption to generate a shared secret and establish an encrypted connection. The SSL handshake process verifies the server's identity and allows the client and server to agree on encryption algorithms before exchanging data. This helps prevent man-in-the-middle attacks by authenticating servers and encrypting the connection.
This document provides an overview of SSL and TLS, including: how they provide security for web traffic by encrypting communications between a client and server; the handshake protocol used to establish encryption; how certificates are used to authenticate servers; and the differences between SSL and TLS.
SSL and TLS provide secure communication over the internet using encryption. SSL uses public key encryption to establish a secure connection and exchange keys to encrypt data sent between a client and server. It defines sessions which allow parameters like encryption algorithms to be shared for multiple connections. TLS is an updated version of SSL that uses similar record and handshake protocols. SET is an open standard that uses digital certificates and dual signatures to securely conduct credit card transactions over the internet between cardholders, merchants, issuers and payment gateways.
Nate Lawson presents an overview of the TLS/SSL protocol design. He discusses the security goals of privacy, integrity, and authentication. He explains how these goals are achieved using cryptography primitives like symmetric encryption, public key encryption, certificates, message authentication codes, and secure PRNGs. He walks through the TLS handshake protocol in detail and discusses various attacks against SSL/TLS like side channel attacks, similarly-named certificate attacks, and data injection via renegotiation attacks.
TLS/SSL - Study of Secured CommunicationsNitin Ramesh
TLS/SSL - The mechanism enabling to have secured communications between 2 points over network is more important than ever. Here we deep dive into the basics and its relevance in today's world.
- The document discusses SSL (Secure Sockets Layer), which is a standard security technology for establishing an encrypted link between a web server and browser. It provides key details on SSL including its architecture, protocols (SSL Record and Handshake), certificates, encryption, and history/development. SSL uses public/private keys to encrypt data during transmission and provides authentication and security for web applications.
Introduction to the design principles behind SSL. This was a relatively basic talk since the audience was a networking class with no previous security experience. Talk given to Cal Poly networking class on November 29, 2007.
SSL handshake involves the following steps:
1. The client sends a client hello with SSL version, random data, session ID, and cipher details.
2. The server responds with a server hello containing SSL version, random data, session ID, cipher, and certificate. It may also request client authentication.
3. If requested, the client sends its certificate and generates a premaster secret to establish encrypted communication.
SSL uses TCP to provide a secure end-to-end service. It consists of two layers - the SSL record protocol and the SSL handshake protocol. The record protocol provides data encryption and integrity checking, while the handshake protocol allows the server and client to authenticate each other and negotiate encryption parameters for the secure connection.
It is an IETF standardization initiative whose goal is to come out with an Internet standard Version of SSL. The presentation discusses all. Happy Learning. :)
The Secure Sockets Layer (SSL) protocol establishes an encrypted connection between a client and server through authentication and exchange of encryption keys. It uses public key encryption during the handshake to authenticate the server and optionally the client, and to generate a shared secret. This premaster secret is then used to derive the master secret and session keys to encrypt all following communication within the SSL session.
Security is always a top-of-mind issue for WLAN deployments, no matter what business you're in. But it’s an issue that's loaded with acronyms, confusing terminology, and some degree of black-art mystique. This session starts with basic principles of cryptography and gives you a thorough understanding of how Wi-Fi authentication and encryption work to keep your network safe. You’ll also learn about 802.1X authentication, tradeoffs of different EAP methods, why proper client configuration is so important, and why Aruba believes that role-based access control is critical in a modern mobile network.
This document summarizes a seminar that covered Secure Socket Layer (SSL). It discussed SSL's overview, architecture, components, protocols for records, alerts, and handshakes. The record protocol handles fragmentation, compression, message authentication, and encryption. The handshake protocol negotiates security parameters and exchanges keys. SSL supports RSA-based and Diffie-Hellman key exchanges and uses message authentication codes. While SSL provided a major improvement in secure internet communication when it was developed, the document notes there is still room for strengthening protections against traffic analysis and improving the handshake message authentication method.
SSL provides authentication and confidentiality for web communications. It operates at the transport layer, encrypting data between the application and transport layers. The SSL handshake protocol establishes a secure connection in 4 phases: establishing capabilities, server authentication and key exchange, client authentication and key exchange, and finishing. The record protocol then encrypts and integrity checks data sent over the secure connection, while the alert protocol closes the connection if an error is detected.
The Fundamental of Secure Socket Layer (SSL)Vishal Kumar
"The Fundamental of SSL" it is the first part of this Topic in which we covered covers the deep understanding of Secure Socket Layer, its position in the TCP/IP suit, its sub protocols and the working or Handshake Protocol.
Fundamental of Secure Socket Layer (SSl) | Part - 1Vishal Kumar
The document provides an overview of the Secure Socket Layer (SSL) protocol in 3 phases:
1. It explains how SSL works as an additional layer between the application and transport layers in the TCP/IP model to encrypt data in transit.
2. It describes the SSL handshake protocol which involves a series of messages to establish security capabilities, authenticate the server, and exchange encryption keys.
3. It outlines the 4 phases of the handshake protocol: establishing capabilities, server authentication and key exchange, client authentication and key exchange, and finishing the handshake by generating symmetric keys for encryption.
VARIABLE FREQUENCY DRIVE. VFDs are widely used in industrial applications for...PIMR BHOPAL
Variable frequency drive .A Variable Frequency Drive (VFD) is an electronic device used to control the speed and torque of an electric motor by varying the frequency and voltage of its power supply. VFDs are widely used in industrial applications for motor control, providing significant energy savings and precise motor operation.
Mechatronics is a multidisciplinary field that refers to the skill sets needed in the contemporary, advanced automated manufacturing industry. At the intersection of mechanics, electronics, and computing, mechatronics specialists create simpler, smarter systems. Mechatronics is an essential foundation for the expected growth in automation and manufacturing.
Mechatronics deals with robotics, control systems, and electro-mechanical systems.
Supermarket Management System Project Report.pdfKamal Acharya
Supermarket management is a stand-alone J2EE using Eclipse Juno program.
This project contains all the necessary required information about maintaining
the supermarket billing system.
The core idea of this project to minimize the paper work and centralize the
data. Here all the communication is taken in secure manner. That is, in this
application the information will be stored in client itself. For further security the
data base is stored in the back-end oracle and so no intruders can access it.
Prediction of Electrical Energy Efficiency Using Information on Consumer's Ac...PriyankaKilaniya
Energy efficiency has been important since the latter part of the last century. The main object of this survey is to determine the energy efficiency knowledge among consumers. Two separate districts in Bangladesh are selected to conduct the survey on households and showrooms about the energy and seller also. The survey uses the data to find some regression equations from which it is easy to predict energy efficiency knowledge. The data is analyzed and calculated based on five important criteria. The initial target was to find some factors that help predict a person's energy efficiency knowledge. From the survey, it is found that the energy efficiency awareness among the people of our country is very low. Relationships between household energy use behaviors are estimated using a unique dataset of about 40 households and 20 showrooms in Bangladesh's Chapainawabganj and Bagerhat districts. Knowledge of energy consumption and energy efficiency technology options is found to be associated with household use of energy conservation practices. Household characteristics also influence household energy use behavior. Younger household cohorts are more likely to adopt energy-efficient technologies and energy conservation practices and place primary importance on energy saving for environmental reasons. Education also influences attitudes toward energy conservation in Bangladesh. Low-education households indicate they primarily save electricity for the environment while high-education households indicate they are motivated by environmental concerns.
Applications of artificial Intelligence in Mechanical Engineering.pdfAtif Razi
Historically, mechanical engineering has relied heavily on human expertise and empirical methods to solve complex problems. With the introduction of computer-aided design (CAD) and finite element analysis (FEA), the field took its first steps towards digitization. These tools allowed engineers to simulate and analyze mechanical systems with greater accuracy and efficiency. However, the sheer volume of data generated by modern engineering systems and the increasing complexity of these systems have necessitated more advanced analytical tools, paving the way for AI.
AI offers the capability to process vast amounts of data, identify patterns, and make predictions with a level of speed and accuracy unattainable by traditional methods. This has profound implications for mechanical engineering, enabling more efficient design processes, predictive maintenance strategies, and optimized manufacturing operations. AI-driven tools can learn from historical data, adapt to new information, and continuously improve their performance, making them invaluable in tackling the multifaceted challenges of modern mechanical engineering.
Software Engineering and Project Management - Introduction, Modeling Concepts...Prakhyath Rai
Introduction, Modeling Concepts and Class Modeling: What is Object orientation? What is OO development? OO Themes; Evidence for usefulness of OO development; OO modeling history. Modeling
as Design technique: Modeling, abstraction, The Three models. Class Modeling: Object and Class Concept, Link and associations concepts, Generalization and Inheritance, A sample class model, Navigation of class models, and UML diagrams
Building the Analysis Models: Requirement Analysis, Analysis Model Approaches, Data modeling Concepts, Object Oriented Analysis, Scenario-Based Modeling, Flow-Oriented Modeling, class Based Modeling, Creating a Behavioral Model.
Use PyCharm for remote debugging of WSL on a Windo cf5c162d672e4e58b4dde5d797...shadow0702a
This document serves as a comprehensive step-by-step guide on how to effectively use PyCharm for remote debugging of the Windows Subsystem for Linux (WSL) on a local Windows machine. It meticulously outlines several critical steps in the process, starting with the crucial task of enabling permissions, followed by the installation and configuration of WSL.
The guide then proceeds to explain how to set up the SSH service within the WSL environment, an integral part of the process. Alongside this, it also provides detailed instructions on how to modify the inbound rules of the Windows firewall to facilitate the process, ensuring that there are no connectivity issues that could potentially hinder the debugging process.
The document further emphasizes on the importance of checking the connection between the Windows and WSL environments, providing instructions on how to ensure that the connection is optimal and ready for remote debugging.
It also offers an in-depth guide on how to configure the WSL interpreter and files within the PyCharm environment. This is essential for ensuring that the debugging process is set up correctly and that the program can be run effectively within the WSL terminal.
Additionally, the document provides guidance on how to set up breakpoints for debugging, a fundamental aspect of the debugging process which allows the developer to stop the execution of their code at certain points and inspect their program at those stages.
Finally, the document concludes by providing a link to a reference blog. This blog offers additional information and guidance on configuring the remote Python interpreter in PyCharm, providing the reader with a well-rounded understanding of the process.
1. Announcement
• Final exam: Wed, June 9, 9:30-11:18
• Scope: materials after RSA
• (but you need to know RSA)
• Open books, open notes.
• Calculators allowed.
1
4. SSL (Secure Socket Layer)
• TCP: provides a reliable end-to-end service.
• TCP & SSL: provides a reliable & secure
end-to-end service.
• HTTPS: HTTP over SSL (or TLS)
– Typically on port 443 (regular http on port 80)
• SSL originally developed by Netscape
• subsequently became Internet standard
known as TLS (Transport Layer Security)
• SSL has two layers of protocols
6. SSL Record Protocol Services
• SSL Record Protocol provides two services.
• Message integrity
– using a MAC with a shared secret key
– similar to HMAC but with different padding
– hash functions: MD5, SHA-1
• Message confidentiality
– using symmetric encryption with a shared
secret key
– Encryption algorithms: AES, IDEA, RC2-40,
DES-40, DES, 3DES, RC4-40, RC4-128
8.
Similar to HMAC, using MD5 or SHA-1.
HMAC ( ) ( )
The SSL MAC is
MAC_write_secret pa
computed as:
(
(
d_2
MAC_write_sec seq_num
ha
ret pad_
sh hash
has
1
h
hash
SSL MAC
k k opad k ipad
m m
SSLCompression.type
SSLCompression.length
SSLCompression.fragmen ))
t
9. SSL Handshake Protocol
• Allows server & client to:
– authenticate each other
– to negotiate encryption & MAC algorithms and keys
• Comprises a series of messages exchanged in
phases:
1.Establish Security Capabilities (to agree on
encryption, MAC, and key-exchange algorithms)
2.Server Authentication and Key Exchange
3.Client Authentication and Key Exchange
4.Finish
11. client_hello
server_hello
Client Server
client_hello: contains a c
Phase1: Establish Security Capabilities
and
a list of in decreasing order of preference.
server
lient.random
cipher suites
server.rando
_hello: contains a and
a single selected
m
cipher by the s
suit er
e ver.
12. Each indicates a key exchange algorithm,
a cipher algorithm, and a MAC algorithm.
About 30 cipher suites have been defined,
each represente
cip
d by a 2-octet numbe
her suite
r.
Cipher Suite
Users can define their own cipher suites.
Downgrade attack: the adversary removes strong cipher
suites from client_hello.
13. Anonymous Diffie-Hellman
Fixed Diffie-Hellman
Ephemeral Diffie-Hellman
RSA
Server has an RSA encryption key pair
Server has an RSA signature key pair
Es
Key Exchange Algorithms
Pre_Master_Secret (48 bytes)
Master_Secret (48 bytes)
tablish a
Keys
14. server_key _exchange ( , , )
server_hello_done
Client Server
Anonymous Diffie-Hellman
s
p
client_key _exchange ( )
The contains the server's
Diffie
se
-H
rver
ellm
_key_exc
an public key and parameters, ( , ,
hange
).
s
c
p
The client provides its public key in the
client_key_exchange.
A 48-byte pre_master_secret is generated from .
c
cs
15. certificate ( , , )
server_hello_done
Client Server
Fixed Diffie-Hellman
s
p
client_key _exchange ( )
certificat
The contains the server's Diffie-Hellman
public key and parameters ( , , ).
The client p
e
rovid
s
c
p
es its public key in the
client_key_exchange.
A 48-byte pre_master_secret is generated from .
c
cs
16. certificate
serv
Client Server
Ephemeral Diffie-Hellman
er_key _exchange ( , , )
server_hello_done
client_key _exchange ( )
The contains the server's signature
certificate
s
c
p
info.
The server_key_exchange contains the server's
, hashed and signed.
The client provides its public key in the
one-time ( , ,
client_key_exchange.
)
s
c
p
17. certificate ( , )
server_hello_don
Client Server
RSA Key Exchange with an encryption key
n e
e
client_key _exchange
The message contains the server's
encryption ke
certificate
client_key_excha
y info.
The message contains a 48-byte
e
r
ng
p
( , )
encrypted wi
e_master_secret th RSA .
n e
18. certificate ( , )
server_key_
Client Server
RSA Key Exchange with a signature key
n e
exchange ( , )
server_hello_done
client_key _exchange
certificat
The contains the server's RSA-signature info.
The serve
e
r ge
n e
nerates a temporary RSA encryption key
pair, and sends the public key info (hashed and signed) to
the client in the server_key_exchange.
19. Client Authentication
• The server may request a certificate from the
client.
• The client will send a certificate message or a
no_certificate alert.
20.
Both sides compute the master_secret as follows:
master_secret =
'A' pms client.r server.r
'BB' pms client.r server
MD5 SHA
SHA
SH
pms
MD5 pms
MD5 pms) A
.r
'
Computing the Master Secret (48 bytes)
where pms pre_master_secret; and client.r and server.r
are the random num
CCC' pms client.r
bers exchanged
server
in Pha
.
s .
r
e 1
21. An SSL session needs six keys:
Client write MAC secret
Server write MAC secret
Client write key (for encryption)
Server write key
Generation of Cryptographic Parameters
Client write IV (for CBC)
Server write IV
These parameters are generated from the master_secret
in that order as in the next slide.
22.
SHA 'A' ms client.r serv
Continue the following process until enough bits have been
generated:
MD5 ms
MD5 ms
M
er
D5 ms
wher
.r
SHA 'BB' ms client.r server.r
SHA 'CCC' ms client.r server.r
e
ms master_secret; and client.r and server.r
are the random numbers exchanged in Phase 1.
23. change_cipher _spec
finished
change_cipher _spec
Client Server
Phase 4: Finish
finished
The message indicates that the sender
is putting the negotiated Cipher Spec into use.
Th
change_cipher_spec
finis
e mess
hed age contains MD5
SHA(handshake_messages ||
( ) or
SHA(master_secret
Sender master_secret || pad1)
pad2 ||
).
24. SSL Session and Connection
• SSL was designed to work with HTTP 1.0
which tended to open a lot of TCP connections
between the same client and server.
• SSL assumes a session is a relatively long-
lived thing from which many (transient)
connections can be cheaply derived.
• 1 session = 1 or more connections
24
25. SSL Session
• Created by the Handshake Protocol.
• Parameters:
– Session ID
– Compression method
– Cipher spec (encryption and hash algorithm)
– Master secret
– Is resumable
25
26. SSL Connection
• Based on an underlying TCP connection
• Associated with a session
• Parameters:
– Server and client random
– Server and client write MAC secret
– Server and client write secret
– Server and client IV (if CBC is used)
– Sequence number
• Closed by a close_notify from each side 26
27. Session Resumption
• In handshaking, the client_hello contains a
session ID:
– If session ID = 0, start a new session
– If session ID = x (and session x is resumable):
• start a new connection of session x
• (or change parameters of a current connection of
session x)
• Skip key exchange
• Use the session’s master secret to generate keys
27
28. Master secret vs. pre-master secret
• Why?
• Note: even if we use pre_master_secret to
generate keys, each connection will have its
own set of keys.
28
Pre_Master_Secret (48 bytes)
Master_Secret (48 bytes) (session)
Keys (connection)
29. • Pre_master_secret
– computed for each session during handshaking
– could be the same for all sessions
– is not stored (so safe)
• Master_secret
– is stored for the lifetime of the session
– may be compromised
– If compromised, damage limited to a session
• What if pre_master_secret is used to generate
keys?
29