SSL / TLS in ITDS

Arun Vishwanathan

23rd Dec 2003

Agenda

Introduction to SSL/TLS Digital Certificates How SSL works SSL/TLS differences SSL/TLS jargon in ITDS Security in ITDS using SSL/TLS ldapsearch with SSL demystified Pointers and References

Introduction to SSL/TLS

The Problem TCP/IP protocol does not provide any security. Any transactions

have to be made over an insecure network by default. Everything that passes between server and client may be

eavesdropped, altered and modified. The security problems have become the number one obstacle for

expansion of Web.

Introduction cont…

The Solution SSL and TLS can layer on top of any transport protocol, they are

not TCP/IP dependant, and can run under application protocols such as HTTP, FTP and TELNET etc.

Both SSL and TSL provide authentication, confidentiality and integrity. They give protection against message tampering, eavesdropping and spoofing.

We can thus achieve secure communication over an insecure protocol in an application independent way.

SSL/TLS on the Stack

Digital Certificates (Quick Detour)

Digital certificates allow unique identification of an entity; they are, in essence, electronic ID cards issued by trusted parties.

Digital certificates allow a user to verify to whom a certificate is issued as well as the issuer of the certificate.

Digital certificates are the vehicle that SSL uses for public-key cryptography.

A digital certificate serves two purposes: it establishes the owner’s identity, it makes the owner’s public key available.

A digital certificate is issued by a trusted authority—a certificate authority (CA)—and it is issued only for a limited time.

Format of Digital Certificates

The digital certificate contains specific pieces of information about the identity of the certificate owner and about the certificate authority: Owner’s distinguished name. Owner’s public key. Date the digital certificate was issued. Date the digital certificate expires. Issuer’s distinguished name. This is the distinguished name

of the CA. Issuer’s digital signature.

Distinguished Names

A distinguished name is the combination of the owner’s common name and its context (position) in the directory tree.

In the simple directory tree shown in Figure 1, for example, LaurenA is the owner’s common name, and the context is OU=Engnring. O=XYZCorp; therefore, the distinguished name is:

CN=LaurenA. OU=Engnring.O=XYZCorp

Simple Layout of a digital Certificate

How SSL works

SSL is a protocol that provides privacy and integrity between two

communicating applications using TCP/IP.

The data going back and forth between client and server is

encrypted using a symmetric algorithm such as DES or RC4.

A public-key algorithm—usually RSA—is used for the exchange

of the encryption keys and for digital signatures.

The algorithm uses the public key in the server’s digital

certificate.

The four principles of Security

Confidentiality (privacy)

Authentication (who created or sent the data)

Integrity (has not been altered)

Non-repudiation (the order is final)

We will see how SSL achieves all of these !!!

A Simple SSL session

The details (Step 1)

Step 1

Client sends a client “hello”

message with the version of SSL. the cipher suites supported

by the client. the data compression

methods supported by the client.

a 28-byte random number.

Details Cont .. (Step 2)

Step 2The server responds with aserver “hello” message thatcontains the cryptographic method (cipher suite) the data compression method selected by the server the session ID another random number.

Details (Step 3)

Step 3 The server sends its digital

certificate. If the server uses SSL V3,

and if the server application requires a digital certificate for client authentication, the server sends a “digital certificate request” message.

The server sends a server “hello done” message and waits for a client response.

Details Cont… (Step 4)

Step 4 Upon receipt of the server

“hello done” message, the client verifies the validity of the server’s digital certificate and checks that the server’s “hello” parameters are acceptable.

If the server requested a client digital certificate, the client sends a digital certificate, or if no suitable digital certificate is available, the client sends a “no digital certificate” alert.

Details Cont … (Step 5)

Step 5 The client sends a “client key

exchange” message. This message contains the pre-master secret, a

46-byte random number used in the generation of the symmetric encryption keys

the message authentication code (MAC) keys,

This is encrypted with the public key of the server.

Details Cont …. (Step 5 cont)

Step 5 cont… If the client sent a digital

certificate to the server, the client sends a “digital certificate verify” message signed with the client’s private key.

By verifying the signature of this message, the server can explicitly verify the ownership of the client digital certificate.

Details Cont … (Step 6)

Step 6 The client uses a series of

cryptographic operations to convert the pre-master secret into a master secret, from which all key material required for encryption and message authentication is derived.

Then the client sends a “change cipher spec” message to make the server switch to the newly negotiated cipher suite.

Details … (Step 7)

Step 7 The next message sent by

the client (the “finished” message) is the first message encrypted with this cipher method and keys

The server responds with a “change cipher spec” and a “finished” message of its own.

The SSL handshake ends, and encrypted application data can be sent.