1 Understanding Secure Socket Layer (SSL) Advisor Advisor Prof. Tzonelih Hwang Presenter Prosanta...

Date post: 18-Jan-2016
Upload: ira-nash
Transcript
Page 1: 1 Understanding Secure Socket Layer (SSL) Advisor Advisor Prof. Tzonelih Hwang Presenter Prosanta Gope.

Understanding Secure Socket Layer (SSL)

Advisor: Prof. Tzonelih Hwang

Presenter: Prosanta Gope

Page 2: Flash Back

Page 3: Agenda

• SSL Basics
• Authentication in SSL

Page 4: SSL Usage

• Authenticate the server to the client
• Allow the client and server to select cryptographic algorithms, or ciphers, that they both support using CipherSuites in Hello message
  E.g. SSL_RSA_With_RC4_128_MD5
• Optionally authenticate the client to the server
• Use public key encryption techniques to generate shared secret
• Establish an encrypted SSL connection

Page 5: Secure Socket Layer

SSL is a secure protocol which runs above TCP/IP and allows users to encrypt data and authenticate servers/vendors identity securely

[Diagram labels: Application layer (SMTPS, FTPS, HTTPS); SECURE SOCKET LAYER; Transport layer; TCP/IP layer]

Page 6: SSL Stack

Page 7: SSL Handshake

SSL handshake verifies the server and allows client and server to agree on an encryption set before any data is sent out

Page 8: SSL Handshake

Page 9: Understanding the Concept of Public Key Certificate

Page 10: Public Key Certificates

Page 11: SSL Handshake

[Diagram labels: Server; Client; Public key; Private key; Client request]

Page 12: Precisely

Page 13: SSL Handshake

• SSL version number client supported (v2, v3)
• Ciphers supported client (DES, RC2, RC4)
• Client Random Number

• SSL version number server picked (v2, v3)
• Ciphers server picked (DES, RC2, RC4)
• Server Random Number

[Diagram labels: Server; Client; Public key; Private key; Certificate]

Page 14: Verify Certificate

[Diagram labels: Checking; Server; Client; Public key; Private key; Client request; Certificate; Valid]

• Certificate is Good and Valid
• Server/vendor has been verified and authenticated
• Client has vendor’s public key and can now encrypt pre-master to send to server/vendor

Page 15: Verify Server Certificate

Page 16: Not-recognizable Certificate

Page 17: SSL Session Key

[Diagram labels: Server; Client; Public key; Private key; Pre-Master; Session key]

Page 18: Secure Data on Network

[Diagram labels: Server; Client; Public key; Private key; Session key; Data]

Page 19: SSL Handshake - details

Server Authentication

Columns: Client, Server

Actions:
• Generate Challenge
• Return Server Certificate
• Decrypt pre-master session key
• Generates pre-master session key
• Encrypt: pre-master session key
• Verify server certificate
• Encrypt random challenge phrase
• Decrypt and verify challenge phrase

Messages:
• Hello, Challenge
• Server Cert
• {pre-master session Key}_(Server's public key)
• {Client's Challenge}_(sessionKey)

Page 20: SSL Handshake

Client Authentication

Columns: Client, Server

Actions:
• Decrypt challenge
• Decrypt Message Digest
• Verify Client certificate and recompute message digest
• Done
• Calculate message digest on Challenge and Server certificate
• Generate new challenge
• Requests Client certificate

Messages:
• (Challenge phrase)_(Server private key)
• [Message Digest]_(Client private key), Client Certificate
• (Session Identifier)_(sessionKey)

Page 21: Client Certificate (optional)

Client only sends a certificate upon the receipt of a certificate request

– Sends after receiving server hello done
– If the client does not have a suitable certificate, it sends a no certificate alert
  • Server will respond with a fatal handshake failure if a client certificate is necessary

Page 22: Verify Client Certificate

Page 23: SSL Architecture

Page 24: Change Cipher Spec Protocol

• The change cipher spec protocol is used to change the encryption being used by the client and server. It is normally used as part of the handshake process to switch to symmetric key encryption.
• Before the Finished message

Page 25: SSL Architecture

Page 26: Alert Layer

• Explain severity of the message and a description
  – fatal
    • Immediate termination
    • Other connections in session may continue
    • Session ID invalidated to prevent failed session to open new sessions
• Alerts are compressed same as other data
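
The alert exchange described on this slide and on Page 21 (a no certificate alert answered by a fatal handshake failure), as an added example that is not part of the original slides: a parser for plaintext SSL 3.0 alert records as they would appear in a handshake capture. The sample bytes are constructed, and the alert codes are the SSL 3.0 values from RFC 6101.

```python
import struct

ALERT = 21  # record content type of the alert protocol
LEVELS = {1: "warning", 2: "fatal"}
# SSL 3.0 alert descriptions (RFC 6101, section 5.4)
DESCRIPTIONS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    30: "decompression_failure", 40: "handshake_failure",
    41: "no_certificate", 42: "bad_certificate",
    43: "unsupported_certificate", 44: "certificate_revoked",
    45: "certificate_expired", 46: "certificate_unknown",
    47: "illegal_parameter",
}
ALWAYS_FATAL = {10, 20, 30, 40, 47}  # must never arrive as a warning


def parse_alerts(stream: bytes):
    """Walk a byte stream of SSL records and decode the plaintext alerts.

    Returns a list of dicts. Alerts sent after Change Cipher Spec are
    encrypted; their body is not 2 bytes long and is reported as opaque.
    """
    out, pos = [], 0
    while pos < len(stream):
        if len(stream) - pos < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, pos)
        body = stream[pos + 5 : pos + 5 + length]
        if len(body) != length:
            raise ValueError("truncated record body")
        pos += 5 + length
        if ctype != ALERT:
            continue  # handshake, change cipher spec or application data
        if length != 2:
            out.append({"version": (major, minor), "opaque": True})
            continue
        level, desc = body
        out.append({
            "version": (major, minor),
            "level": LEVELS.get(level, f"unknown({level})"),
            "description": DESCRIPTIONS.get(desc, f"unknown({desc})"),
            "ends_connection": level == 2,  # fatal: immediate termination
            "malformed": level not in LEVELS or (level == 1 and desc in ALWAYS_FATAL),
        })
    return out


# Constructed capture: client warns no_certificate, server answers fatal handshake_failure.
SAMPLE = bytes.fromhex("1503000002" "0129" "1503000002" "0228")
```
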

Page 27: SSL Architecture

Page 28: SSL Record Protocol Operation

Page 29: Record Layer

• Compression and decompression
• A MAC is applied to each record using the MAC algorithm defined in the current cipher spec
• Encryption occurs after compression
• May need fragmentation

Page 30: Review the SSL Handshake

Page 31: SSL Handshake

Columns: Client, Server

Diagram labels, in the order extracted:
• Client hello
• Server hello
• Present Server Certificate
• *Request Client Certificate
• Server Key Exchange
• Client Finish
• *Present Client Certificate
• Client Key Exchange
• *Certificate Verify
• Change Cipher Spec
• Server Finish
• Change Cipher Spec
• Application Data

Page 32: For any Query

Please email me: [email protected]

Page 33:

[Diagram labels: Old-time cryptography; Classical cryptography; Information Security (資安號); Privacy; Integrity; Authentication; Network Security Services]

Page 34: Thanks!

