INTERNET SECURITY PROTOCOL
TYIT UNIT V
TCP/IP TRANSMISSION CONTROL PROTOCOL/INTERNET PROTOCOL
TCP/IP is a combination of many protocols that facilitates communication between computers over the internet.
The TCP/IP protocol suite consists of 5 layers.
SECURE SOCKET LAYER(SSL)
The SSL protocol is an internet protocol for the secure exchange of information between a web browser and a web server.
It provides two basic security services: authentication and confidentiality.
SSL can be conceptually considered as an additional layer in the TCP/IP protocol suite. It is located between the application layer and the transport layer.
The application layer data is passed to the SSL layer. The SSL layer encrypts the data it receives and also adds its own header, called the SSL header, to the encrypted data.
HOW SSL WORKS
SSL has 3 sub-protocols:
1. Handshake protocol
2. Record protocol
3. Alert protocol
The Handshake protocol is similar to how two people shake hands with each other before they start conversing.
Each handshake message has 3 fields:
Type (1 byte): one of the 10 possible message types
Length (3 bytes): length of the message in bytes
Content (1 or more bytes): parameters associated with this message
SSL HANDSHAKE PROTOCOL PHASES
The handshake protocol is actually made up of 4 phases:
1. Establish security capabilities
2. Server authentication and key exchange
3. Client authentication and key exchange
4. Finish
PHASE 1: ESTABLISH SECURITY CAPABILITIES:
This first phase is used to initiate a logical connection and establish the security capabilities associated with that connection.
It consists of two messages, the "client hello" and the "server hello".
Step 1: Client Hello
Step 2: Server Hello
CLIENT HELLO PARAMETERS:
Version: the highest version of SSL that the client supports.
Random: this field is used later in the actual communication. It consists of 2 sub-fields: a 32-bit date-time field that identifies the current date and time of the client's computer, and a 28-bit random number generated by the random number generator software.
Session Id: if this field contains a non-zero value, it means that there is already a connection. A zero value indicates that the client wants to create a new connection.
Cipher Suite: list of cryptographic algorithms supported by the client.
Compression method: list of compression algorithms supported by the client.
SERVER HELLO PARAMETERS
Version: the highest SSL version that the server supports from among those offered by the client.
Random: same structure as the random field of the client. However, the random value generated is independent of the client's random value.
Session Id: the server creates a new session id and puts it in this field.
Cipher Suite: contains a single cipher suite, which the server selects from the list sent by the client.
Compression method: contains a single compression algorithm, which the server selects from the list sent by the client.
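The handshake header (1-byte type, 3-byte length) and the Client Hello / Server Hello parameters above are easiest to understand on the wire. The following is an added example, not code from the original notes: it serialises a Client Hello in the SSL 3.0 format (RFC 6101, where the random field is 4 bytes of time plus 28 random bytes), parses it back with length checks, and performs the server's Phase 1 decision of picking exactly one cipher suite from the client's list. The cipher suite codes and server preference order are constructed for the example.

```python
import os
import struct
import time

# SSL 3.0 wire version and the handshake message type codes from RFC 6101.
SSL3_VERSION = (3, 0)
HANDSHAKE_TYPES = {
    0: "hello_request", 1: "client_hello", 2: "server_hello",
    11: "certificate", 12: "server_key_exchange", 13: "certificate_request",
    14: "server_hello_done", 15: "certificate_verify",
    16: "client_key_exchange", 20: "finished",
}


def build_client_hello(cipher_suites, session_id=b"", compression=(0,),
                       unix_time=None, random_tail=None):
    """Serialise a ClientHello body and prepend the 4-byte handshake header
    (1-byte type, 3-byte length)."""
    unix_time = int(time.time()) if unix_time is None else unix_time
    random_tail = os.urandom(28) if random_tail is None else random_tail
    body = bytes(SSL3_VERSION)                              # version
    body += struct.pack("!I", unix_time) + random_tail      # random: time + 28 bytes
    body += bytes([len(session_id)]) + session_id           # session id (empty = new session)
    body += struct.pack("!H", 2 * len(cipher_suites))       # cipher suite list, 2 bytes each
    body += b"".join(struct.pack("!H", s) for s in cipher_suites)
    body += bytes([len(compression)]) + bytes(compression)  # compression methods
    return bytes([1]) + len(body).to_bytes(3, "big") + body


def parse_handshake(msg):
    """Split a handshake message into (type name, body), rejecting truncation."""
    if len(msg) < 4:
        raise ValueError("handshake header needs 4 bytes")
    msg_type = msg[0]
    length = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + length]
    if len(body) != length:
        raise ValueError("handshake body truncated")
    return HANDSHAKE_TYPES.get(msg_type, "unknown(%d)" % msg_type), body


def parse_client_hello(body):
    """Decode the ClientHello fields; every length is checked against the
    remaining bytes so a malformed message raises instead of mis-parsing."""
    off = 0

    def take(n):
        nonlocal off
        if off + n > len(body):
            raise ValueError("client_hello truncated at offset %d" % off)
        chunk = body[off:off + n]
        off += n
        return chunk

    major, minor = take(2)
    unix_time = struct.unpack("!I", take(4))[0]
    random_tail = take(28)
    session_id = take(take(1)[0])
    suites_len = struct.unpack("!H", take(2))[0]
    if suites_len == 0 or suites_len % 2:
        raise ValueError("bad cipher suite list length")
    raw = take(suites_len)
    suites = [struct.unpack("!H", raw[i:i + 2])[0] for i in range(0, suites_len, 2)]
    compression = list(take(take(1)[0]))
    if not compression:
        raise ValueError("compression method list is empty")
    if off != len(body):
        raise ValueError("trailing bytes after client_hello")
    return {"version": (major, minor), "time": unix_time, "random": random_tail,
            "session_id": session_id, "cipher_suites": suites,
            "compression": compression}


def choose_cipher_suite(client_suites, server_preference):
    """Server side of Phase 1: the ServerHello carries exactly one suite, the
    first in the server's preference order that the client also offered."""
    offered = set(client_suites)
    for suite in server_preference:
        if suite in offered:
            return suite
    raise ValueError("no common cipher suite: handshake_failure")


if __name__ == "__main__":
    msg = build_client_hello([0x002F, 0x0035])   # constructed suite codes
    kind, body = parse_handshake(msg)
    hello = parse_client_hello(body)
    print(kind, hello["version"], [hex(s) for s in hello["cipher_suites"]])
    print("server picks", hex(choose_cipher_suite(hello["cipher_suites"], [0x0035, 0x002F])))
```

The parser checks each declared length against the bytes actually present before reading, which is the check that matters on a real endpoint: a Client Hello whose lengths disagree with its content must be rejected rather than partially parsed.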
PHASE 2 SERVER AUTHENTICATION AND KEY EXCHANGE
The server initiates this second phase of the SSL handshake. This phase contains four steps:
1. Certificate
2. Server key exchange
3. Certificate request
4. Server hello done
PHASE 3 CLIENT AUTHENTICATION AND KEY EXCHANGE
The client initiates this third phase of the SSL handshake. This phase contains three steps:
1. Certificate
2. Client key exchange (pre-master secret key)
3. Certificate verify
PHASE 4 FINISH
The client initiates this fourth phase of the SSL handshake, which the server ends.
The first 2 messages are from the client:
1. Change cipher spec
2. Finished
The server responds:
3. Change cipher spec
4. Finished
MASTER KEY GENERATION
The client creates a 48-byte pre-master secret key, encrypts it with the server's public key and sends the encrypted pre-master secret to the server. Finally, the symmetric keys to be used by the client and the server are generated from it.
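The step from the 48-byte pre-master secret to the symmetric keys is what the notes leave implicit. The following is an added example, not code from the original notes: it shows the SSL 3.0 derivation (RFC 6101), in which the pre-master secret is the 2-byte client version plus 46 random bytes, the 48-byte master secret is computed from it and both hello randoms with the MD5/SHA-1 construction, and the master secret is then expanded into the MAC secrets, encryption keys and IVs used by the record protocol. The RSA encryption of the pre-master secret with the server's public key is assumed to happen elsewhere and is not shown; the key sizes passed to key_block are constructed for the example.

```python
import hashlib
import os


def build_pre_master_secret(client_version=(3, 0)):
    """48-byte pre-master secret: 2-byte client version followed by 46 random
    bytes. The client RSA-encrypts this with the server's public key (assumed
    to happen elsewhere; not shown here)."""
    return bytes(client_version) + os.urandom(46)


def _ssl3_prf(secret, seed, num_rounds):
    """SSL 3.0 expansion: round i uses the salt 'A', 'BB', 'CCC', ... and
    contributes MD5(secret + SHA1(salt + secret + seed)), 16 bytes per round."""
    if num_rounds > 26:
        raise ValueError("SSL 3.0 expansion supports at most 26 rounds")
    out = b""
    for i in range(num_rounds):
        salt = bytes([ord("A") + i]) * (i + 1)
        inner = hashlib.sha1(salt + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
    return out


def master_secret(pre_master, client_random, server_random):
    """48-byte master secret = three expansion rounds over the pre-master
    secret and both hello randoms, client random first."""
    if len(pre_master) != 48:
        raise ValueError("pre-master secret must be 48 bytes")
    return _ssl3_prf(pre_master, client_random + server_random, 3)


def key_block(master, client_random, server_random, mac_len, key_len, iv_len):
    """Expand the master secret into the six symmetric values used by the
    record protocol. The randoms are ordered server first in this step."""
    if len(master) != 48:
        raise ValueError("master secret must be 48 bytes")
    needed = 2 * (mac_len + key_len + iv_len)
    rounds = -(-needed // 16)                # ceil(needed / 16)
    block = _ssl3_prf(master, server_random + client_random, rounds)
    names = ["client_write_mac_secret", "server_write_mac_secret",
             "client_write_key", "server_write_key",
             "client_write_iv", "server_write_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, off = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[off:off + size]
        off += size
    return keys


if __name__ == "__main__":
    # Constructed randoms; a real client and server each generate their own.
    client_random, server_random = os.urandom(32), os.urandom(32)
    pre_master = build_pre_master_secret()
    master = master_secret(pre_master, client_random, server_random)
    keys = key_block(master, client_random, server_random, mac_len=20, key_len=16, iv_len=16)
    for name, value in keys.items():
        print(name, value.hex())
```

Both sides run the same derivation on the same inputs, which is why the client and server end up with matching keys without any key ever being sent in the clear; the only secret on the wire is the RSA-encrypted pre-master secret.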
THE RECORD PROTOCOL
The record protocol in SSL comes into the picture after a successful handshake is completed.
This protocol provides 2 services:
Confidentiality: achieved using the secret key defined by the handshake protocol.
Integrity: the handshake protocol also defines a shared secret key (MAC) that is used to assure message integrity.
SSL RECORD PROTOCOL
The record protocol processes outgoing data in 5 steps:
1. Fragmentation
2. Compression
3. Addition of MAC
4. Encryption
5. Append header
The SSL record header has 4 fields:
1. Content type
2. Major version
3. Minor version
4. Compressed length
THE ALERT PROTOCOL
When either party detects an error, the detecting party sends an alert message to the other party.
Both parties then close the SSL connection and destroy the session id and the secret keys.
An alert message is 2 bytes long:
1st byte: the error level (warning or fatal)
2nd byte: the reason for the actual error
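The five record-protocol steps, the 5-byte record header and the 2-byte alert message above can all be exercised together. The following is an added example, not code from the original notes: a sender fragments, compresses, MACs, encrypts and frames application data, and a receiver reverses the steps, turning a MAC failure into the fatal bad_record_mac alert the peer would be sent. The MAC covers the per-direction sequence number as well as the fragment, so a replayed or reordered record fails the check. The cipher is a SHA-256 counter keystream used only so the block runs with the standard library; it stands in for whatever cipher the handshake negotiated and is not a real SSL cipher suite. HMAC-SHA256 is likewise a stand-in for SSL 3.0's own MAC construction, and the keys are constructed.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14          # the record protocol fragments into at most 16 KiB
MAC_LEN = 32                    # HMAC-SHA256 tag length used by this example
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake",
                 23: "application_data"}
# Alert levels and a few description codes from the SSL 3.0 / TLS specifications.
ALERT_WARNING, ALERT_FATAL = 1, 2
ALERT_DESCRIPTIONS = {0: "close_notify", 10: "unexpected_message",
                      20: "bad_record_mac", 40: "handshake_failure"}


def _keystream(key, seq, length):
    """Stand-in cipher: SHA-256 counter keystream keyed on the sequence number."""
    out, ctr = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + struct.pack("!QI", seq, ctr)).digest()
        ctr += 1
    return out[:length]


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


class AlertError(Exception):
    """Carries the 2-byte alert: level (warning/fatal) and description."""
    def __init__(self, level, description):
        super().__init__("alert %d: %s" % (level, ALERT_DESCRIPTIONS.get(description, description)))
        self.level, self.description = level, description

    def to_bytes(self):
        return bytes([self.level, self.description])


def parse_alert(fragment):
    """Decode a received alert fragment into (level name, description name)."""
    if len(fragment) != 2:
        raise ValueError("alert message is exactly 2 bytes")
    level, desc = fragment
    if level not in (ALERT_WARNING, ALERT_FATAL):
        raise ValueError("unknown alert level %d" % level)
    return ("fatal" if level == ALERT_FATAL else "warning"), ALERT_DESCRIPTIONS.get(desc, "unknown(%d)" % desc)


class RecordLayer:
    """One endpoint of an SSL record connection; the peer holds an instance
    with the same keys. Sequence numbers are tracked separately per direction."""

    def __init__(self, mac_key, enc_key, version=(3, 0)):
        self.mac_key, self.enc_key, self.version = mac_key, enc_key, version
        self.write_seq, self.read_seq = 0, 0

    def _mac(self, seq, ctype, fragment):
        # Binds sequence number, content type and length to the fragment.
        header = struct.pack("!QBH", seq, ctype, len(fragment))
        return hmac.new(self.mac_key, header + fragment, hashlib.sha256).digest()

    def protect(self, ctype, data):
        """Steps 1-5 for outgoing data; returns the list of wire records."""
        records = []
        for i in range(0, len(data), MAX_FRAGMENT):
            fragment = data[i:i + MAX_FRAGMENT]                               # 1. fragmentation
            compressed = zlib.compress(fragment)                              # 2. compression
            body = compressed + self._mac(self.write_seq, ctype, compressed)  # 3. MAC
            enc = _xor(body, _keystream(self.enc_key, self.write_seq, len(body)))  # 4. encryption
            header = struct.pack("!BBBH", ctype, *self.version, len(enc))    # 5. header
            records.append(header + enc)
            self.write_seq += 1
        return records

    def unprotect(self, record):
        """Reverse the steps for one record; a MAC failure becomes a fatal alert."""
        if len(record) < 5:
            raise ValueError("record header needs 5 bytes")
        ctype, major, minor, length = struct.unpack("!BBBH", record[:5])
        if (major, minor) != self.version or ctype not in CONTENT_TYPES:
            raise ValueError("bad record header")
        enc = record[5:5 + length]
        if len(enc) != length:
            raise ValueError("record truncated")
        body = _xor(enc, _keystream(self.enc_key, self.read_seq, len(enc)))
        compressed, tag = body[:-MAC_LEN], body[-MAC_LEN:]
        if len(body) < MAC_LEN or not hmac.compare_digest(tag, self._mac(self.read_seq, ctype, compressed)):
            raise AlertError(ALERT_FATAL, 20)      # bad_record_mac
        self.read_seq += 1
        return ctype, zlib.decompress(compressed)
```

The MAC is verified before decompression so that a tampered record is rejected before any further processing touches it; the exception carries the exact 2-byte alert (level, description) that the receiving side would send back before tearing the connection down.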