Docstoc

Secure Socket Layer _SSL_ Handshake Protocol Session - Informatik 4

Document Sample
Secure Socket Layer _SSL_ Handshake Protocol Session - Informatik 4 Powered By Docstoc
					                        4 kitamrofnI rüf lhutsrheL                                                                             4 kitamrofnI rüf lhutsrheL
            emetsyS etlietrev dnu noitakinummoK                                                                    emetsyS etlietrev dnu noitakinummoK

                                                                                              Secure Socket Layer (SSL)

                                                                                              SSL, initially developed by Netscape, provides authentication, data integrity, and privacy
                                                                                                between two applications (not complete hosts as in IPSec)
  Chapter 2: Security Techniques Background
                                                                                              • SSL is located on top of TCP/IP and has become a de-facto standard for security-
  Chapter 3: Security on Network and Transport Layer                                            sensitive applications over intranets or the Internet
  • Network Layer: IPSec                                                                      • Most widely used as secure transport layer for HTTP traffic, e.g. e-commerce
                                                         3.2: Transport Layer: SSL/TLS
                                                                                              • Version 3.1 of SSL is known as TLS
  • Transport Layer: SSL/TLS                                  • Secure Socket Layer
                                                                (SSL)                         • Special port numbers are assigned to applications which use SSL, e.g. https = 443,
  Chapter 4: Security on                                                                        telnets = 992
   the Application Layer                                      • Transport Layer Security
                                                                (TLS) Protocol                SSL comprises four mechanisms:
  Chapter 5: Security Concepts for Networks
                                                                                              • SSL Handshake Protocol (authentication, negotiates an encryption algorithm and
                                                                                                cryptographic keys)
                                                                                              • SSL Record Protocol (data encryption and compression)
                                                                                              • SSL Change Cipher Spec (signal the begin of encryption)
                                                                                              • SSL Alert Protocol (reaction to error situations)


SLT/LSS – reyaL tropsnarT :2.3 retpahC                                               1 egaP   SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                                              2 egaP


                        4 kitamrofnI rüf lhutsrheL                                                                             4 kitamrofnI rüf lhutsrheL
            emetsyS etlietrev dnu noitakinummoK                                                                    emetsyS etlietrev dnu noitakinummoK

Handshake Protocol                                                                            Session Establishment
                                                                                                                    client_hello
                                                                                                                                , cipher suite
                                                                                                                                              s, RA
                                                                                                                                                                    Hello message of Alice, including:
       Responsible for “secure session establishment” between two applications.                                                                                     • A set of possible encryption and compression
         Session means:                                                                                                                                               algorithms (start of negotiation)
       • Association between a client and a server                                                                                                                  • A random number RA
       • Can comprise several connections                                                                                                                           Answer message of Bob, including:
                                                                                                                                           , RB
                                                                                                                              cipher suite
       • Definition of encryption and compression algorithms for these connections                             certificate,                                         • Certificate of Bob (authentication, often RSA)
       • Contains a “master secret” for all connections (from which keys for the                                                                                    • Chosen algorithms (end of negotiation, often 3DES)
         connections are generated)                                                                                                                                 • A random number RB
                                                                                              Alice




                                                                                                                                                              Bob
       The handshake protocol has the following tasks:                                                {S}B, hash
                                                                                                                   of K and th
                                                                                                                                                                    Alice chooses a random number S, computes a
                                                                                                                                 e handshak
       1.) Negotiation of an encryption algorithm                                                                                             e message
                                                                                                                                                          s
                                                                                                                                                                      master secret K = f(S, RA, RB) and sends to Bob:
       2.) Mutual authentication                                                                                                                                    • S encrypted with Bob’s public key
       3.) Key exchange                                                                                                                                             • A hash (MD5) of K the messages before to proof
                                                                                                                                                                      knowing K and K corresponds to the handshake
                                                                                                                                          sages
                                                                                                                                 shake mes                          Bob responds with a hash of the messages before,
                                                                                                                      of the hand
                                                                                                       keyed hash
                                                                                                                                                                    encrypted with a key generated from K, RA, and RB

SLT/LSS – reyaL tropsnarT :2.3 retpahC                                               3 egaP   SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                                              4 egaP
                        4 kitamrofnI rüf lhutsrheL                                                                         4 kitamrofnI rüf lhutsrheL
            emetsyS etlietrev dnu noitakinummoK                                                                emetsyS etlietrev dnu noitakinummoK

Session Keys and Change Cipher Spec                                                              Record Protocol
                                                                                                 Responsible for encryption and
K, RA, and RB are used to generate 6 keys:                                                       compression of all messages following
• Two keys for encryption                                                                        the change cipher spec as follows:
• Two keys for integrity                                                                         1. Break down data to be transferred in block
• Two keys as initalization vector                                                                  of fixed length                                                                       …
The two keys are used to treat both communication directions different, e.g. for encryption:     2. Compression
• Alice does encryption with her so-called write key and decryption with her read key
• Bob also has a write and a read key, but his write key is Alice’s read key and vice versa      3. Append a Message Authentication Code
• Same for integrity                                                                                (MAC) computed with the integrity key

At the end of handshake:                                                                         4. Encryption using the encryption key
• Together with the last message, Bob sends a change cipher spec
• Only one byte, signaling that all following messages now are encrypted with the                5.   Add SSL header which contains:
  mechanism/keys from the handshake phase                                                        •    Content Type (e.g. HTTPS)
                                                                                                 •    Protocol Version Number
                                                                                                 •    Length,
SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                  5 egaP   •    Sequence Number
                                                                                                 SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                   6 egaP


                        4 kitamrofnI rüf lhutsrheL                                                                         4 kitamrofnI rüf lhutsrheL
            emetsyS etlietrev dnu noitakinummoK                                                                emetsyS etlietrev dnu noitakinummoK

Alert Protocol                                                                                   Transport Layer Security (TLS)


       Only needed in case of errors – defines error messages and actions to be taken
                                                                                                      TLS in basic version is SSLv3.1 with some additions:
       Level 1: Warning
                                                                                                      • Addition of Kerberos Cipher Suites
       • No special actions defined
                                                                                                      • Upgrading to TLS Within HTTP/1.1 to change to encryption within an existing TCP
       • Maybe displayed to the user                                                                    connection
       Level 2: Fatal                                                                                 • HTTP Over TLS for separating secure and unsecure traffic
       • Connection will be closed                                                                    • Addition of AES
       • No more connections are opened within the current session                                    • Addition of new alert messages
       • Examples are
              unexpected message
              bad record MAC
              decryption/decompression failure
              handshake failure



SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                  7 egaP   SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                   8 egaP
                        4 kitamrofnI rüf lhutsrheL
            emetsyS etlietrev dnu noitakinummoK

Comparison IPSec and SSL

                           IPSec                                               SSL

     Network Layer                                     Transport Layer

     Implemented transparently for the user
                                                       Interaction with the user (e.g. acceptance of
                                                       certificates)
     Can be automated


     Central management                                Management by application or user


     Independent of certain mechanisms (encryption, compression, hash...)




    Conclusion: it is impossible to state that one mechanism is better than the other – they
    are thought for different scenarios
    → Variety of security mechanisms necessary in the Internet!


SLT/LSS – reyaL tropsnarT :2.3 retpahC                                                                 9 egaP

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:3
posted:9/4/2012
language:Unknown
pages:3