05/03/2023

BABA GHULAM SHAH BADSHAH UNIVERSITY

1

AFROZ BGSBU

NAME :- AFROZ HAIDER

ROLL NO:- 08-MCA-2014

TOPIC NAME:-SECURE SOCKET LAYER(SSL)

PRESENTED TO:- DR.SANJAY JAMWAL

COURSE TITLE:- CRYPTOGRAPHY AND NETWORK SECURITY

2

What is SSL?•It is an Internet protocol for secure

exchange of information between a web browser and a web server

•It provides▫Authentication▫Confidentiality

•Developed by Netscape Corporation in 1994

•Currently comes in three versions : 2, 3 and 3.1

3

4

Position of SSL in TCP/IP

Application Layer

Transport Layer

Internet Layer

Data Link Layer

Physical Layer

SSL Layer

5

Data Exchange using TCP/IP layers

X

L5 data

010101010100010101010010

Transmission medium

H4L5 data

H3L4 data

Application

Transport

Internet

Physical

H2L3 data Data Link

Y

L5 data

010101010100010101010010

H4L5 data

H3L4 data

H2L3 data

6

Data Transmission using SSLX

L5 data

010101010100010101010010

Transmission medium

H4L5 data

H3L4 data

Application

Transport

Internet

Physical

L5 data SSLSH

H2L3 data Data Link

Y

L5 data

010101010100010101010010

H4L5 data

H3L4 data

L5 data SH

H2L3 data

7

SSL Architecture

8

SSL sub-protocols

1 • Handshake protocol

2 • Record protocol

3• Change Cipher

protocol4 • Alert protocol

9

The Handshake Protocol

Type Length Content

1 byte 3 bytes 1 or more bytes

Message Format

10

Handshake Protocol Message TypesMessage Type Parameters

Hello request None

Client hello Version, Random number, Session id, Cipher suite, Compression method

Server hello Version, Random number, Session id, Cipher suite, Compression method

Certificate Chain of X.509V3 certificates

Server key exchange Parameters, signature

Certificate request Type, authorities

Server hello done None

Certificate verify Signature

Client key exchange Parameters, signature

Finished Hash value

11

SSL Handshake Phases

1• Establish security capabilities

2• Server authentication and key

exchange

3• Client authentication and key

exchange

4• Finish

12

Phase 1: Establish Security Capabilities

•Used to initiate logical connection and establish security capabilities.

•Consists of two messages▫Client hello▫Server hello

13

Web Browser

Web Server

Step 1: Client hello

Step 2: Server hello

14

Parameters of Client Hello Message• Identifies highest version of SSL that client can

supportVersion

• 32 bit date time field• 28 byte random numberRandom

• Variable length session identifier• Can be zero (new session) or non zero (connection

exists)Session id

• Contains list of cryptographic algorithms supported by the clientCipher suite

• Contains list of compression algorithms supported by the client

Compression method

15

Parameters of Server Hello Message

• Identifies lower of version suggested by client and highest supported by serverVersion

• Same structure as that in client hello• Random value independent of client’s valueRandom

• Uses same value if client sends non zero value• Otherwise creates new session idSession id

• Contains single cipher suite which server selects from the list sent by clientCipher suite

• Contains single compression algorithm which server selects from the list sent by client

Compression method

16

Handshake Protocol- Phase 2

Web Browser

Web ServerStep 2: Server key

exchange

Step 3: Certificate request

Step 4: Server hello done

Step 1: Certificate

17

Server Authentication and key exchange

• Server sends its Digital certificate • Helps the to authenticate

Certificate

• Sent only if the certificate does not contain enough information to complete the key exchange

Server key

exchange

• Sent if the client needs to authenticate itselfCertificate request

• Sent to indicate that the server is finished its part of the key exchange

• after sending this message the server waits for client response

Server hello done

18

Handshake Protocol- Phase 3

Web Browser

Web Server

Step 1: Certificate

Step 2: Client key exchange

Step 3: Certificate verify

19

Client Authentication and key exchange

• will send a certificate message or a no certificate alert

Certificate

• always sent• RSA encrypted pre-master secret

Client key

exchange

• sent only if the client sent a certificate• provides client authentication• contains signed hash of all the previous

handshake messages

Certificate verify

20

Handshake Protocol- Phase 4

Web Browser

Web Server

Step 1: Change cipher specs

Step2 : Finished

Step 3: Change cipher specs

Step 4: Finished

SSL Record Protocol•Provide two services for SSL

connections:Confidentiality: by encrypting

application data.Message Integrity: by computing MAC

over the compressed data.•Can be utilized by some upper-layer

protocols of SSL.

22

SSL Record Protocol≤ 214 bytes

(optional; default: null)

SSL Record Protocol

SSL Record Format23

24

SSL Alert Protocol

IF THE ERROR IS FATAL ,BOTH THE PARTIES IMMEDIATELY CLOSE THE CONNECTION.BOTH THE PARTIES ALSO THE SESSION IDENTIFIERS,SECRET AND KEYS ASSOCAITED WITH THIS CONNECTION BEFORE IT IS TERMOINATED

WHEN EITHER THE CLIENT OR SERVER DETECTS AN ERROR THE DETECTING PARTY SENDS AN ALERT MESSAGE TO THE OTHER PARTY.

SEVERITY 1 BYTE

CAUSE 2 BYTE

ALERT PROTOCOL MESSAGE FORMAT

25

SSL Alert MessagesWarning or fatal

close_notify(0), unexpected_message(10), bad_record_mac(20), decryption_failed(21), record_overflow(22),

decompression_failure(30), handshake_failure(40), bad_certificate(42), unsupported_certificate(43), certificate_revoked(44), certificate_expired(45), certificate_unknown(46), illegal_parameter(47), unknown_ca(48), access_denied(49), decode_error(50), decrypt_error(51), export_restriction(60), protocol_version(70), insufficient_security(71), internal_error(80), user_canceled(90), no_renegotiation(100),

26

SSL Alert Messages

Always fatalunexpected_messagesbad_record_macdecompression_failurehandshake_failureillegal_parameter

27

SSL Alert Messages

Remaining alertsclose_notifyno_certificatebad_certificateunsupported_certificatecertificate_revokedcertificate_expiredcertificate_unknown

28

Authentication of server– How does client know who they are dealing

with?

Information integrity– How do we know third party has not altered

data en route?

Bob’s web siteAlice thinks she is at Bob’s site, but Darth is

spoofing it

Bob’s web siteAddress information

Change so item shipped to Darth

29

SSL VersionThere are several versions of the SSL protocol defined. The latest version, the Transport Layer Security Protocol (TLS), is based on SSL 3.0SSL Version 1.0

SSL Version 2.0

SSL Version 3.0

TLS Version 1.0

TLS Version 1.0 with SSL Version 3.0

30

How it works in Browser: HTTPwww.aiub.edu

31

How it works in Browser: HTTPSwww.gmail.com

32

How it works in Browser: HTTPS without Certification

www.varsityadmission.com

33

How it works in Browser: HTTPS without Certification

34

References

https://www.digicert.com/ssl.htm http://www.webopedia.com/TERM/S/SSL.html http://en.wikipedia.org/wiki/

Transport_Layer_Security

35

Thank You