Cryptography and
Cryptography and
Network Security
Network Security
Chapter 17
Chapter 17
Fourth Edition
Fourth Edition
by William Stallings
by William Stallings
Lecture slides by Lawrie Brown
Lecture slides by Lawrie Brown
Chapter 17 – Web Security
Chapter 17 – Web Security
Use your mentality
Use your mentality
Wake up to reality
Wake up to reality
—
—
From the song, "I've Got You under
From the song, "I've Got You under
My Skin“ by Cole Porter
My Skin“ by Cole Porter
Web Security
Web Security
Web now widely used by business,
Web now widely used by business,
government, individuals
government, individuals
but Internet & Web are vulnerable
but Internet & Web are vulnerable
have a variety of threats
have a variety of threats
integrity
integrity
confidentiality
confidentiality
denial of service
denial of service
authentication
authentication
need added security mechanisms
need added security mechanisms
SSL (Secure Socket Layer)
SSL (Secure Socket Layer)
transport layer security service
transport layer security service
originally developed by Netscape
originally developed by Netscape
version 3 designed with public input
version 3 designed with public input
subsequently became Internet standard
subsequently became Internet standard
known as TLS (Transport Layer Security)
known as TLS (Transport Layer Security)
uses TCP to provide a reliable end-to-
uses TCP to provide a reliable end-to-
end service
end service
SSL has two layers of protocols
SSL has two layers of protocols
Where SSL Fits
Where SSL Fits
SSL Architecture
SSL Architecture
SSL Architecture
SSL Architecture
SSL connection
SSL connection
a transient, peer-to-peer, communications link
a transient, peer-to-peer, communications link
associated with 1 SSL session
associated with 1 SSL session
SSL session
SSL session
an association between client & server
an association between client & server
created by the Handshake Protocol
created by the Handshake Protocol
define a set of cryptographic parameters
define a set of cryptographic parameters
may be shared by multiple SSL connections
may be shared by multiple SSL connections
SSL Record Protocol Services
SSL Record Protocol Services
message integrity
message integrity
using a MAC with shared secret key
using a MAC with shared secret key
similar to HMAC but with different padding
similar to HMAC but with different padding
confidentiality
confidentiality
using symmetric encryption with a shared
using symmetric encryption with a shared
secret key defined by Handshake Protocol
secret key defined by Handshake Protocol
AES, IDEA, RC2-40, DES-40, DES, 3DES,
AES, IDEA, RC2-40, DES-40, DES, 3DES,
Fortezza, RC4-40, RC4-128
Fortezza, RC4-40, RC4-128
message is compressed before encryption
message is compressed before encryption
SSL Record Protocol
SSL Record Protocol
Operation
Operation
SSL Change Cipher Spec
SSL Change Cipher Spec
Protocol
Protocol
one of 3 SSL specific protocols which
one of 3 SSL specific protocols which
use the SSL Record protocol
use the SSL Record protocol
a single message
a single message
causes pending state to become
causes pending state to become
current
current
hence updating the cipher suite in use
hence updating the cipher suite in use
SSL Alert Protocol
SSL Alert Protocol
conveys SSL-related alerts to peer entity
conveys SSL-related alerts to peer entity
severity
severity
•
warning or fatal
warning or fatal
specific alert
specific alert
•
fatal: unexpected message, bad record mac,
fatal: unexpected message, bad record mac,
decompression failure, handshake failure, illegal
decompression failure, handshake failure, illegal
parameter
parameter
•
warning: close notify, no certificate, bad certificate,
warning: close notify, no certificate, bad certificate,
unsupported certificate, certificate revoked,
unsupported certificate, certificate revoked,
certificate expired, certificate unknown
certificate expired, certificate unknown
compressed & encrypted like all SSL data
compressed & encrypted like all SSL data
SSL Handshake Protocol
SSL Handshake Protocol
allows server & client to:
allows server & client to:
authenticate each other
authenticate each other
to negotiate encryption & MAC algorithms
to negotiate encryption & MAC algorithms
to negotiate cryptographic keys to be used
to negotiate cryptographic keys to be used
comprises a series of messages in phases
comprises a series of messages in phases
1.
1.
Establish Security Capabilities
Establish Security Capabilities
2.
2.
Server Authentication and Key Exchange
Server Authentication and Key Exchange
3.
3.
Client Authentication and Key Exchange
Client Authentication and Key Exchange
4.
4.
Finish
Finish
SSL Handshake Protocol
SSL Handshake Protocol
TLS (Transport Layer
TLS (Transport Layer
Security)
Security)
IETF standard RFC 2246 similar to SSLv3
IETF standard RFC 2246 similar to SSLv3
with minor differences
with minor differences
in record format version number
in record format version number
uses HMAC for MAC
uses HMAC for MAC
a pseudo-random function expands secrets
a pseudo-random function expands secrets
has additional alert codes
has additional alert codes
some changes in supported ciphers
some changes in supported ciphers
changes in certificate types & negotiations
changes in certificate types & negotiations
changes in crypto computations & padding
changes in crypto computations & padding