SSL/TLS: An Introduction - PowerPoint PPT Presentation

Slides: 16
Provided by: Joyc72
Transcript and Presenter's Notes

1
SSL/TLS: An Introduction
2
TLS Overview
3
Problem
  • Problem: Creating applications which can
    communicate securely over the Internet
  • TLS: Transport Layer Security (SSL)
  • Certificates
  • Related technology: S-HTTP, IPSec, SET, SASL
  • References

4
What is SSL/TLS
  • SSL (Secure Sockets Layer) is an encryption
    protocol designed by Netscape,
  • and TLS (Transport Layer Security) is the
    successor protocol designed by the IETF.
  • The protocols are designed to fit between the
    TCP/IP layer and the application layer (HTTP,
    SMTP).
  • The most common uses of SSL/TLS are HTTP (web) and
    SMTP (mail), and like PGP, SSL/TLS uses public key
    cryptography.

5
TLS Overview
  • Establish a session
  • Agree on algorithms
  • Perform authentication
  • Share secrets
  • Transfer application data
  • Ensure privacy and integrity

6
What is TLS?
  • Protocol layer
  • Requires reliable transport layer (e.g. TCP)
  • Supports any application protocols

7
Changes from SSL 3.0 to TLS
  • Additional Alerts added
  • Modification to hash calculations
  • Protocol version 3.1 in ClientHello, ServerHello

8
TLS HTTP Application
  • HTTP: most common TLS application
  • https://
  • Requires TLS-capable web server
  • Requires TLS-capable web browser
      • Netscape Navigator
      • Internet Explorer
      • Cryptozilla
          • Netscape Mozilla sources with SSLeay

9
TLS Architecture
10
TLS Record Protocol
11
TLS Handshake Protocol
12
TLS Handshake: Three Goals
  • Negotiate Cipher-Suite Algorithms
      • Symmetric cipher to use
      • Key exchange method
      • Message digest function
  • Optionally authenticate server and/or client
  • Establish and share master secret

13
Handshake Phases
  • Hello messages
  • Certificate and Key Exchange messages
  • Change CipherSpec and Finished messages

14
TLS Hello
  • Client Hello - initiates session
  • Propose protocol version
  • Propose cipher suite
  • Server chooses protocol and suite
  • Client may request use of cached session
  • Server chooses whether to honor request
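
Added example (not part of the original slides): a small Python parser for the ClientHello described on the "Changes from SSL 3.0 to TLS" and "TLS Hello" slides, extracting the proposed protocol version (3.1 for TLS 1.0), the session ID a client sends to request a cached session, and the proposed cipher suites. The function names and the sample message are constructed for illustration; the field layout follows RFC 2246.

```python
import struct

# Record-layer and handshake constants from the TLS 1.0 specification (RFC 2246).
HANDSHAKE_RECORD = 22
CLIENT_HELLO = 1
VERSION_NAMES = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0"}


def parse_client_hello(record: bytes) -> dict:
    """Parse one TLS record that holds a complete ClientHello."""
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, _major, _minor, rec_len = struct.unpack("!BBBH", record[:5])
    if ctype != HANDSHAKE_RECORD:
        raise ValueError("not a handshake record")
    body = record[5:5 + rec_len]
    if len(body) != rec_len or rec_len < 4 or body[0] != CLIENT_HELLO:
        raise ValueError("not a complete ClientHello record")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated handshake message")
    try:
        version = (hello[0], hello[1])
        pos = 2 + 32                      # skip the 32-byte client random
        sid_len = hello[pos]
        session_id = hello[pos + 1:pos + 1 + sid_len]
        pos += 1 + sid_len
        (cs_len,) = struct.unpack("!H", hello[pos:pos + 2])
        suites = hello[pos + 2:pos + 2 + cs_len]
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    if len(session_id) != sid_len or len(suites) != cs_len or cs_len % 2:
        raise ValueError("bad length field in ClientHello")
    return {
        "version": VERSION_NAMES.get(version, "%d.%d" % version),
        "session_id": session_id.hex(),   # non-empty: client asks to resume
        "cipher_suites": [suites[i:i + 2].hex() for i in range(0, cs_len, 2)],
    }


def build_sample_hello() -> bytes:
    """Constructed sample: TLS 1.0 hello, 4-byte session ID, two suites."""
    hello = bytes([3, 1]) + bytes(32) + b"\x04\xde\xad\xbe\xef"
    hello += b"\x00\x04\x00\x0a\x00\x2f" + b"\x01\x00"   # suites, null compression
    handshake = bytes([CLIENT_HELLO]) + len(hello).to_bytes(3, "big") + hello
    return bytes([HANDSHAKE_RECORD, 3, 1]) + struct.pack("!H", len(handshake)) + handshake
```

The two suites in the sample, 0x000a and 0x002f, are the registered codes for TLS_RSA_WITH_3DES_EDE_CBC_SHA and TLS_RSA_WITH_AES_128_CBC_SHA.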

15
References
  • http://www.openssl.org/
  • http://www.openssl.org/docs/
  • http://httpd.apache.org/docs-2.0/ssl/
  • Stallings, William. Cryptography and Network
    Security: Principles and Practice, 2nd Edition,
    Prentice Hall, 1999.
  • Wagner, David, Schneier, Bruce. Analysis of the
    SSL 3.0 Protocol. <http://www.counterpane.com/ssl.html>
  • Internet Drafts and RFCs. <http://www.ietf.org/>