Securing TCP connections using SSL Originally developed by Netscape Communications to allow secure access of a browser to a Web server, Secure Sockets Layer (SSL) has become the accepted standard for Web security.1 The first version of SSL was never released because of problems regarding protection of credit card transactions on the Web. In 1994, Netscape created SSLv2, which made it possible to keep credit card numbers confidential and also authenticate the Web server with the use of encryption and digital certificates. In 1995, Netscape strengthened the cryptographic algorithms and resolved many of the security problems in SSLv2 with the release of SSLv3. SSLv3 now supports more security algorithms than SSLv2.

1. SECURING TCP
CONNECTIONS USING SSL
Presented By:
Raushan Mahaseth (2067/BEX/132)
Sagar Mali (2067/BEX/133)
Sanid Prajapati (2067/BEX/134)
Saugat Gautam (2067/BEX/135)

2. INTRODUCTION
• SSL stands for Secure Sockets Layer
• SSL is the standard security technology for establishing
an Encrypted link between a web server and a browser.
• This link ensures that all data passed between the web
servers and the browsers remain Private & Integral.

3. NEED of SSL
• Authentication of server
How does the client know who they are dealing with?
• Information Integrity
How do we know third party has not altered data en route?

4. OBJECTIVES of SSL PROTOCOL
• Data encryption
• Server authentication
• Message integrity
• Optional client authentication for aTCP/IP
connection.

5. Application of SSL in web browser:
An example
Normal HTTP: http://www.bbc.com
Secured HTTP: https://www.facebook.com

6. BRIEF HISTORY
• Netscape developed the SSL protocol in 1994, as a
response to the growing concern over the security on the
Internet.
• SSL was originally developed for the securing web
browser and server communications.

7. SSLVERSIONS
• There are several versions of the SSL protocol defined.
• The latest version ,Transport Layer Security Protocol (TLS) is
based on SSL 3.0
• SSL version 1.0
• SSL version 2.0
• SSL version 3.0
• TLS version 1.0
• TLS version 2.0 with SSL version 3.0 compatibility

8. Positioning of SSL layer in OSI model
Application
TCP
IP
Normal Application
Application
SSL
TCP
IP
Application with SSL
• SSL provides application programming interface (API)
to applications
• C and Java SSL libraries/classes readily available

9. SSL Protocol Stack
Composed ofTwo Layers:
1.Higher Layer
SSL Handshake Protocol
SSL Change Cipher Spec Protocol
SSL Alert Protocol
HTTP
2.Lower Layer
SSL Record Protocol,
TCP
IP

10. SSL Protocol StackTable

11. SSL Sub protocols
Two Sub protocols -
• Handshake Protocol: For establishing secure connection
• Record Protocol: For secure transmission of data

12. HANDSHAKE PROTOCOL
• Allows server & client to:
• authenticate each other
• to negotiate encryption, MAC algorithms and keys
• Comprises a series of messages exchanged in phases:
• Establish Security Capabilities
• Server Authentication and Key Exchange
• Client Authentication and Key Exchange

13. HANDSHAKE PROTOCOL EXPLAINED

15. SSL Record Protocol
• The Record Protocol
1. takes an application message to be transmitted,
2. fragments the data into blocks,
3. compresses the data (optionally),
4. applies a MAC,
5. encrypts,
6. adds a header and
7. transmits the resulting unit.

16. SSL Record Protocol Operation

17. SUMMARY
• SSL protocol developed for secure internet browsing
• Operates in between Application andTransport layer
• Uses two sub protocol
• Handshake protocol
• Record protocol
• Widely applied by various servers and web browsers

18. REFERENCES
• Books:
• Computer Networks, A.S.Tatenbaum (Fourth Edition) PHI
• Computer Networking- A top down approach, J.F. Kurose &
K.W. Ross (Fifth Edition) Pearson
• Websites:
• http://en.wikipedia.org/wiki/Transport_Layer_Security
• http://www.webopedia.com/TERM/S/SSL.html
• https://www.globalsign.eu/ssl-information-center/what-is-ssl.html
• http://www.postgresql.org/docs/9.1/static/ssl-tcp.html
• http://www.digicert.com/ssl.htm

19. THANKYOU
AND
HAPPY
SECURE WEB BROWSING!