From Event to Action: Accelerate Your Decision Making with Real-Time Automation
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
1. CRYPTOGRAPHY AND NETWORK
SECURITY- Transport-level
Security
Dr R Jegadeesan Prof-CSE
Jyothishmathi Institute of Technology and
Science, karimnagar
2. SYLLABUS
.
Transport-level Security: Web security considerations, Secure
Socket Layer and Transport Layer Security, HTTPS, Secure Shell
(SSH) Wireless Network Security: Wireless Security, Mobile
Device Security, IEEE 802.11 Wireless LAN, IEEE 802.11i
Wireless LAN Security
3. Transport level Security
Topic Name : Transport level Security
Topic : Introduction to Web security considerations
Aim & Objective : To understand the Web Security considerations secure Socket
layer and Transport layer Security
Application With Example :web security Services
Limitations If Any:
Reference Links :
Cryptography and Network Security: C K Shyamala, N Harini, Dr T R Padmanabhan, Wiley India,
1st Edition.
Cryptography and Network Security : Forouzan Mukhopadhyay, Mc Graw Hill, 3rd Edition
https://en.wikipedia.org/wiki/Cryptography and Network security
https://www.tutorialspoint.com/network_security/network_security_overview.htm
http://www.slideshare.net/leethree/ssl-intro
https://www.minigranth.com
https://www.igi-global.com ›
•Video Link details
•https://www.youtube.com/watch?v=sCuVLyvxM5g
4. Universities & Important Questions :
•Is it possible in SSL for the receiver to recorder SSL record blocks that arrive out of
order? If so, explain how it can be done. If not, why not? Explain the classification
technique?
•Discuss the IEEE 802.11i Wireless LAN Security.
•In SSL and TLS, why is there a separate change cipher spec protocol, rather than
including change cipher spec message in the handshake protocol?
•Explain the IEEE 802.11Wireless LAN.
6. ▪TLS stands for Transport Layer Security. It is an
IETF standardization initiative whose goal is to
come out with an Internet standard Version of SSL.
▪ IETF- Internet Engineering Task Force.
▪There are subtle differences between SSL and
TLS. However, the core idea and implementation
are quite similar.
7. • Transport Layer Security (TLS) is a protocol that
ensures privacy between communicating
applications and their users on the Internet.
• When a server and client communicate, TLS
ensures that no third party may eavesdrop or
tamper with any message. TLS is the successor
to the Secure Sockets Layer (SSL).
• The TLS protocol is based on Netscape's SSL 3.0
protocol; however, TLS and SSL are not
interoperable. The TLS protocol does contain a
mechanism that allows TLS implementation to
back down to SSL 3.0. The most recent browser
versions support TLS.
8. • TLS is composed of two layers: the TLS
Record Protocol and the TLS Handshake
Protocol.
• The TLS Handshake Protocol allows the
server and client to authenticate each other
and to negotiate an encryption algorithm and
cryptographic keys before data is exchanged.
9. TLS HANDSHAKE PROTOCOL
• The Transport Layer Security (TLS) Handshake
Protocol is responsible for the authentication and
key exchange necessary to establish or resume
secure sessions. When establishing a secure
session, the Handshake Protocol manages the
following:
• Cipher suite negotiation.
• Authentication of the server and optionally, the
client.
• Session key information exchange.
10. Cipher Suite Negotiation
The client and server make contact and choose the cipher suite that will be used
throughout their message exchange. (Authentication & Encryption
combination)
Authentication
In TLS, a server proves its identity to the client. The client might also need to
prove its identity to the server. PKI, the use
of public/private key pairs, is the basis of this authentication. The exact method
used for authentication is determined by the cipher suite negotiated.
Key Exchange
The client and server exchange random numbers and a special number called the
Pre-Master Secret. These numbers are combined with additional data
permitting client and server to create their shared secret, called the Master
Secret. The Master Secret is used by client and server to generate the write
MAC secret, which is the session key used for hashing, and the write key,
which is the session key used for encryption
11. The TLS Handshake Protocol involves the following
steps
• The client sends a "Client hello" message to the server, along with the client's random
value and supported cipher suites.
• The server responds by sending a "Server hello" message to the client, along with
theserver's random value. The server sends its certificate to the client for authentication
and may request a certificate from the client. The server sends the "Server hello done"
message.
• If the server has requested a certificate from the client, the client sends it.
• The client creates a random Pre-Master Secret and encrypts it with the public key
from the server's certificate, sending the encrypted Pre-Master Secret to the server.
• The server receives the Pre-Master Secret. The server and client each generate the
Master Secret and session keys based on the Pre-Master Secret.
• The client sends "Change cipher spec" notification to server to indicate that the client
will start using the new session keys for hashing and encrypting messages. Client also
sends "Client finished" message.
• Server receives "Change cipher spec" and switches its record layer security state to
symmetric encryption using the session keys. Server sends "Server finished" message to
the client.
• Client and server can now exchange application data over the secured channel
they have established. All messages sent from client to server and from server to client
are encrypted using session key.
12. • The client sends a "Client hello" message using the Session ID
of the session to be resumed.
• The server checks its session cache for a matching Session
ID. If a match is found, and the server is able to resume the
session, it sends a "Server hello" message with the Session ID.
• Note If a session ID match is not found, the server
generates a new session ID and the TLS client and server
perform a full handshake.
• Client and server must exchange "Change cipher spec"
messages and send "Client finished" and "Server finished"
messages.
• Client and server can now resume application data
exchange
• over the secure channel.
13. TLS RECORD Protocol
• The Transport Layer Security (TLS) Record protocol secures
application data using the keys created during the
Handshake. The Record Protocol is responsible for securing
application data and verifying its integrity and origin. It
manages the following:
1. Dividing outgoing messages into manageable blocks,
andreassembling incoming messages.
2. Compressing outgoing blocks and decompressing incoming
blocks (optional).
3. Applying a Message Authentication Code (MAC) to outgoing
4. messages, and verifying incoming messages using the MAC.
5. Encrypting outgoing messages and decrypting incoming
messages.
14. • When the Record Protocol & Handshake
protocols are completed, the outgoing
encrypted data is passed down to the
Transmission Control Protocol (TCP) layer for
transport.
15. Web Security
• OUT LINE
• Web Security Considerations
• Secure socket layer and Transport layer
security
• Secure Electronic Transaction
16. • Web is now widely used by businesses,
government firms and individuals.
• but Internet & Web space are vulnerable.
have a variety of threats related to
• Integrity : Someone might alter content
• Confidentiality : Anyone can see content
• Denial of service
• Authentication : Not clear who you are
talking with need added security mechanisms
17. SECURE SOCKET LAYER (SSL)
• Secure Sockets Layer (SSL)
• Developed by Netscape Corporation
• Versions 1, 2, and 3 (released in 1996)
• Transport Layer Security (TLS)
• Successor of SSL
• IETF standards track protocol, based on SSL 3.0
• Last updated in RFC 5246 (2008)
19. 19
Where SSL fits?
HTTP SMTP POP3
80 25 110
HTTPS SSMTP SPOP3
443 465 995
Secure Socket Layer
Transport
Network
Data Link
Port
No.
NITTTR,
20. What security is provided?
• By providing:
• Endpoint Authentication
• Unilateral or Bilateral
• Communication Confidentiality
• For preventing:
• Eavesdropping
• Tampering
• Message Forgery
22. • UseEach client-server pair uses
• 2 public keys
• one for client (browser)
created when browser is installed on client machine
• one for server (http server)
created when server is installed on server hardware
• 2 private keys
• one for client browser
• one for server (http server)
23. Uses public key scheme
• 1 Each client-server pair uses
• 2 public keys
• one for client (browser)
• created when browser is installed on client machine
• one for server (http server)
• created when server is installed on server hardware
• 2 private keys
• one for client browser
• one for server (http server
24. Cipher Suite
• Common Cipher Suite algorithms:
• Encryption algorithm
• RC4,Triple DES,AES, IDEA, DES, Camellia
• Message authentication code (MAC) algorithm
• Authentication by RSA, DSA, ECDSA
• Hashing by MD5, SHA
• Key exchange algorithm
• RSA, Diffie-Hellman, ECDH, SRP, PSK
• Pseudorandom function (PRF)
26. SSL Architecture (Contd.)
• SSL session an association between
client & server
• created by the Handshake Protocol
define a set of cryptographic
parameters may be shared by multiple
SSL
• The hybrid mechanism is also known
as interleaved-push-and-pull (IPP)
mechanism.
27. • SSL connection
• a transient, peer-to-peer, communications link
• associated with 1 SSL session
• The Four UpperLayer Protocols
• Application Encryption Protocol
Encrypt/Decrypt application data
• Change Cipher Spec Protocol
Alert to a change in communication variables
• Alert Protocol
Messages important to SSL connections
• Handshaking Protocol
Establish communication variables
28. SSL Record Protocol
• Services provided are :
• Confidentiality
using symmetric encryption with a shared secret key
defined byHandshake Protocol
IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40,
RC4-128
message is compressed before encryption
• Message integrity
using a MAC (Message Authentication Code) c
r
e
a
t
e
d
using a shared secret key and a short message
29.
30. Advantages
• The number of server interruptions and
queued requests are significantly reduced.
Disadvantages
• IPP does not eliminate the typical server
problems of too many interruptions and
queued requests.
31. SSL Handshake Protocol
• The most complex part of SSL. allows server &
client to:
• authenticate each other to negotiate encryption &
MAC algorithms to negotiate cryptographic keys to
be used comprises a series of messages in phases
• Establish Security Capabilities
• Server Authentication and Key Exchange
• Client Authentication and Key Exchange
• Finish
NITTTR,
32. 235
• The client(Alice) and server(Bob) must agree on
various
• parameters to establish the connection
• Alice request a secure connections and presents a list of Cipher
Suites
• Bob picks the strongest supported Cipher Suite
• Bob sends back his digital certificate
• Including the certificate authority and his public key
• By encrypting using the server’s public key, Alice send a random
number to Bob securely
• Alice and Bob generate key material from the random number
• Secure connection established
38. 243
S: HTTP Application
HTTP is most common TLS application
https://
Requires TLS-capable web server Requires
TLS-capable web browser
Netscape Navigator
Internet Explorer
Cryptozilla
Netscape Mozilla sources with SSLeay
39. TLS “Alternatives”
244
S-HTTP: secure HTTP protocol,
shttp://
IPSec: secure IP
SET: Secure Electronic Transaction
Protocol and infrastructure for bank
card payments
SASL: Simple Authentication and
Security Layer (RFC 2222)
40. 245
Implementation of SSL/TLS
SSL and TLS have been widely implemented
Open source software projects
OpenSSL, NSS, or GnuTLS
Microsoft Windows
Part of its Secure Channel
Browsers
Apple Safari
Mozilla Firefox (2+)
Internet Explorer, etc.
41. 246
.
Application of SSL/TLS
On top of the Transport Layer protocols
Primarily with TCP
Datagram Transport Layer Security(DTLS) for UDP
Encapsulating the application protocols
HTTP (HTTPS)
for securing WWW traffic
FTP (FTPS), SMTP, NNTP, etc.
43. • The data synchronization refers to maintaining
data consistency among the disseminated or
distributed data between data source and
different computing systems
• Data consistency─ if there is data modification
at the server then that should reflect in the data
with the device within a defined period
• It ensures that the same copy or version of data
is used in all devices - from source to
destination.
45. Contents
• What is Wireless Networking
• What is Wireless Security
• Threats to Wireless Networks
• Parking Lot attack
• Security in WLAN 802.11
• Thoughts on Wireless Security
46. Wireless Networking?
• A wireless network is a computer network that uses wireless data
connections between network nodes.
• It provides the flexibility and freedom that wired networks lack.
• The main standards in the wireless world are:
• 802.11, which describes the Wireless LAN architecture,
• 802.16 which describes the Wireless MAN architecture.
47. Wireless Security ?
Access Point(AP):
• Allows wireless communication device, such
as computers to connect to a wireless
network
Service set Identifier(SSID):
• SSID allows wireless clients to communicate
with an appropriate access point. Only
clients with correct SSID can communicate
with the AP
48. Reasons why wireless networks are more vulnerable to
attacks then a wired network are:
Channel: Involves broadcast communications, which is
far more susceptible to
eavesdropping and jamming than wired networks
Accessibility:Wireless devices, such as sensors and
robots, may be left unattended in remote and/or
hostile locations.
49. THREAT TO WIRELESS NETWORKS
Here the client initiates the synchronization and sends backup to the
server for updating its data.
• Malicious Association:
A wireless device is configured to appear to be a legitimate
access point, and then the operator penetrates the wired network
through a legitimate wireless access point.
• Ad hoc Network:
These are peer-to-peer networks between wireless computers with
no access point between them. Such networks can pose a
security threat due to a lack of a central point ofcontrol.
• Identify theft (MAC Spoofing):
This occurs when an attacker is able to eavesdrop on network
traffic and identify the MAC address of a computer with network
privileges.
50. PARKING LOT ATTACK
• Wireless Signals are intercepted outside an organization,
or even through the floors in multi-storey buildings.
• “Parking lot” signifies that the attacker sit in the
organization's parking lot and try to access internal hosts
via the wireless network.
52. Database Records
• Here the records are indexed to facilitate
search operation by placing the query.
• For example, the contacts in the mobile are
indexed as per the first alphabet of the name.
53. • 802.11 Standard
• 802.11 Authentication
• Wired Equivalent Privacy(WEP)
• WEP Weakness
• 802.1x: EAP over LAN
• 802.11i Standard
54. 802.11 Standard
• The 802.11 IEEE standard was standardized
in 1997.
• It consists of three layers: Physical layer,
MAC (Medium Access Control) layer, and
LLC (Logical Link Control) layer
• The first version of the standard supported
only 2 Mbps bandwidth, which motivated
the developing teams to come up with other
standards to support up to 54Mbps
56. • WEP Weakness
• One of the major reasons behind WEP
weaknesses is its key length.
• WEP has a 40-bit key , which can be broken in
less than five hours using parallel
• This issue urged vendors to update WEP from
using 40-bit to 104-bit key; the new
• WEP does not support mutual authentication.
• CRC (for integrity) lacks the cryptography
feature.
57. 802.1x : EAP Over LAN (EAPOL)
• The 802.1x standard was designed for port
base authentication for 802 networks.
• EAP (Extensible authentication Protocol)
was designed to support multiple
authentication methods over point to point
connections without requiring IP.
• It allows any of the encryption schemes to
be implemented on top of it.
58. • 802.1x framework define
3 ports or entities:
• Supplicant (client want to
be authenticated),
• Authenticator (AP that
connect the supplicant to
the wired network),
• Authentication Server
(performs the
authentication process
from the supplicant
based on their
credentials).
59. 802.11i Standard:
• The 802.11i (released June 2004) security standard is
supposed to be the final solution to wireless security
issue.
• It improves authentication, integrity and data transfer.
• After final release the full specification was named as
WPA2.
• 802.11i enhances 802.11 by providing a Robust Security
Network (RSN) with two new protocols: the four- way
handshake and the group key handshake.
60. Four-way handshake:
• AP – Access Point
• STA – Client Station
• PTK – Pairwise Transient Key 64
Bytes (generated by concatenating
PMK, AP nonce (ANonce), STA
nonce (SNonce), AP MAC address,
and STA MAC address. The product
is then put through a pseudo-random
function.).
• GTK – Group Temporal Key 32
Bytes(used to decrypt multicast and
broadcast message)
• MIC – Message Integrity Code
61. Group Key Handshake
• The Group Temporal Key (GTK) used in the network
may need to be updated due to the expiration of a
preset timer.
• To handle the updating, 802.11i defines a Group Key
Handshake that consists of a two-way handshake:
• The AP sends the new GTK to each STA in the
network.
• The GTK is encrypted using the KEK assigned to that
STA, and protects the data from tampering, by use of a
MIC.
• The STA acknowledges the new GTK and replies to the
AP.
62. • To improve data transfer, 802.11i specifies three protocols:
TKIP, CCMP and WRAP.
• TKIP (Temporal Key Integrity Management) was introduced
as a "band-aid" solution to WEP problems.
• TKIP provides per-packet key mixing, a message
integrity check and a re-keying mechanism.
• TKIP ensures that every data packet is sent with its own
unique encryption key.
63. • WRAP (Wireless Robust Authenticated Protocol) is the
LAN implementation of the AES encryption.
• WRAP has intellectual property issues, where three
parties have filed for its patent. This problem caused
IEEE to replace it with CCMP
• CCMP (Counter with Cipher Block Chaining Message
Authentication Code Protocol) is considered the optimal
solution for secure data transfer under 802.11i.
• CCMP uses AES for encryption.
64. THOUGHTS ON WIRELESS SECURITY:
• WIRELESS SECURITY MEASURES
• We can group wireless security measures into
those dealing with:
• Wireless Transmissions(threats involves
eavesdropping, altering or inserting
messages, and disruption.)
• Wireless Networks
65. SECURING WIRELESS NETWORK:
• Following techniques can be adopted to secure
wireless networks:
• Use encryption. Wireless routers are typically
equipped with built-in encryption
• Use antivirus and antispyware software, and a
firewall.
• Turn off identifier broadcasting.
• Allow only specific computers to access your
wireless network.