1 lecture 5 topics digital signature (signed hashed value) digital certificate user authentication...
TRANSCRIPT
![Page 1: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/1.jpg)
1Lecture 5
Topics
• Digital Signature (Signed Hashed value)
• Digital Certificate
• User Authentication Mechanisms
• Secure Socket Layer (SSL)
• GSM Security
![Page 2: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/2.jpg)
2Lecture 5
Digital Signature
• Speed and practice consideration
• Sign on Hashed value of the message
![Page 3: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/3.jpg)
3Lecture 5
How can public key been seen
• Store a list of trusted public keys in your storage.
• Public key signed by a authorized unit. (digital Certificate)
![Page 4: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/4.jpg)
4Lecture 5
Digital Certificate
• Digital version of a paper-based passport
• Identifies a person/organization uniquely on the Internet
• Binds a user with its public key
![Page 5: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/5.jpg)
5Lecture 5
Digital Certificate Concept
Fig 5.1
Digital Certificate
“I officially approve the relation between
the holder of this certificate (the user) and this particular
public key.
![Page 6: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/6.jpg)
6Lecture 5
Digital Certificate Contents
• Main contents are the subject name (user), validity and public key
• Signed by a Certification Authority (CA)
• Provides guarantees about a user’s identity
![Page 7: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/7.jpg)
7Lecture 5
Digital Certificate Example
Fig 5.2
Digital Certificate
Subject Name: Atul KahatePublic Key: <Atul’s key>Serial Number: 1029101Other data: Email - [email protected] From: 1 Jan 2001Valid To: 31 Dec 2004Issuer Name: VeriSign
…
![Page 8: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/8.jpg)
8Lecture 5
Similarities between a Passport and a Digital Certificate
Fig 5.3
Passport entry Corresponding digital certificate entry
Full name Subject name
Passport number Serial number
Valid from Same
Valid to Same
Issued by Issuer name
Photograph and signature Public key
![Page 9: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/9.jpg)
9Lecture 5
Digital Certificate ContentsVersion
Certificate Serial Number
Signature Algorithm Identifier
Issuer Name
Validity (Not Before / Not After)
Subject Name
Subject Public Key Information
Issuer Unique Identifier
Subject Unique Identifier
Extensions
Certification Authority’s Digital Signature
![Page 10: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/10.jpg)
10Lecture 5
Digital Certificate ContentsField Description
Version Identifies a particular version of the X.509 protocol, which is used for this digital certificate. Currently, this field can contain 1, 2 or 3.
Certificate Serial Number Contains a unique integer number, which is generated by the CA.
Signature Algorithm Identifier
Identifies the algorithm used by the CA to sign this certificate. (We shall examine this later).
Issuer Name Identifies the Distinguished Name (DN) of the CA that created and signed this certificate.
Validity (Not Before/Not After)
Contains two date-time values (Not Before and Not After), which specify the timeframe within which the certificate should be considered as valid. These values generally specify the date and time up to seconds or milliseconds.
Subject Name Identifies the Distinguished Name (DN) of the end entity (i.e. the user or the organization) to whom this certificate refers. This field must contain an entry unless an alternative name is defined in Version 3 extensions.
Subject Public Key Information
Contains the subject’s public key and algorithms related to that key. This field can never be blank.
![Page 11: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/11.jpg)
11Lecture 5
CA Hierarchy
• There can be multiple level CAs
• Useful for delegation of work
• Each higher level CA vouches for its subordinate CA
![Page 12: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/12.jpg)
12Lecture 5
CA Hierarchy
Fig 5.20
Root CA
Second Level CA Second Level CA Second Level CA
Third Level CA Third Level CA Third Level CAThird Level CA…
… …
![Page 13: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/13.jpg)
13Lecture 5
Same Root CA
Fig 5.21
Root CA
Second Level CA (A1)
Second Level CA (A2)
Second Level CA (A3)
Third Level CA(B1)
Third Level CA(B2)
Third Level CA(B11)
Third Level CA(B10)
…
Alice … Bob…
![Page 14: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/14.jpg)
14Lecture 5
How to Verify Root CA?
Fig 5.22
Digital Certificate
…Issuer Name: B11
Subject Name: Bob…
Digital Certificate
…Issuer Name: A3
Subject Name: B11…
Digital Certificate
…Issuer Name: RootSubject Name: A3
…
Digital Certificate
…Issuer Name: ???
Subject Name: Root…
![Page 15: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/15.jpg)
15Lecture 5
Self-signed Certificate
Fig 5.23
Digital Certificate
…Issuer Name: Root
Subject Name: Root…
![Page 16: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/16.jpg)
16Lecture 5
Cross-Certification
• In some cases, even root CAs can be different
• In such cases, they certify each other
• Creates a cross level trust
![Page 17: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/17.jpg)
17Lecture 5
Cross-Certification of CAs
Fig 5.25
Root CA of Japan
Second Level CA (A1)
Second Level CA (P1)
Third Level CA(B1)
Third Level CA(B2)
Third Level CA(Q2)
Third Level CA(Q1)
Alice … Bob…
Root CA of the US
Cross-certified
![Page 18: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/18.jpg)
18Lecture 5
Validity of a Certificate
• It is necessary to check the validity of a certificate before it is used
• Two chief mechanisms:– Online Checks– Offline Checks
![Page 19: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/19.jpg)
19Lecture 5
Authentication
• Who is who?
• Identifies a user or a resource
• Establishes trust before communication can take place
![Page 20: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/20.jpg)
20Lecture 5
Authentication Mechanisms
• Passwords
• Message digests of passwords
• Authentication Tokens
• Certificate-based Authentication
• Biometrics
![Page 21: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/21.jpg)
21Lecture 5
Password Authentication
Alic
e
BobID: Alice, password: fiddle
Problems:
1. Password is clear text
2. How server Bob store users’ password
Id PasswordAlice fiddleAmay wang1123Atul hor{9mn}
![Page 22: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/22.jpg)
22Lecture 5
Message Digests of PasswordsA
lice
BobID: Alice, passwd:Hash( fiddle}
Problems:
1. Replay attacks
Id Hash(Pass)Alice pp*;;Amay werr[};Atul fghppo{
![Page 23: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/23.jpg)
23Lecture 5
Solve the replay attack problem
• Create a secure channel when communicating.
• Challenge/response between User and Server
Alic
e
BobID: Alice, passwd:Hash( fiddle}
Secure channel
Alic
e
Bob
I’m Alice
R signed with Alice’s private key
R
![Page 24: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/24.jpg)
24Lecture 5
Message Digests of Passwords
• Original clear text password is never stored/transmitted
• Message digest of password is stored in the database, and the same is used for authentication
• Problems: replay attacks
![Page 25: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/25.jpg)
25Lecture 5
Message Digests of Passwords
Fig 7.7
tigernewroadapril…
Message digest algorithm
Message digests of passwords
Passwords
G%6$1
Vt^80+1+{:>9mn
Step 1: Calculate the message digests of the passwords on the server-side.
Step 2: Store the user ids and message digests of the passwords in the user database.
Id PasswordJyoti G%6$1Amar Vt^80+1Atul +{:>9mn
User database
Server User creation program
![Page 26: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/26.jpg)
26Lecture 5
Authentication Tokens
• Token and server are synchronized initially
• Token generates fresh passwords periodically
• Same passwords are generated at the server
![Page 27: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/27.jpg)
27Lecture 5
Authentication Token Concept
Id SeedAlice 1123456Amar 415901617Atul 615019191
Id = atulpassWd = 615019191
passWd = 615019191Seed
Seed: 1123456
Alic
e
Bob
![Page 28: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/28.jpg)
28Lecture 5
Certificate-based Authentication
• User’s certificate details need to be stored on the server-side
• CA distributes the certificates to the users also
• Validation between the two takes place at the time of authentication
![Page 29: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/29.jpg)
29Lecture 5
Digital Certificate Storage
Certificate
Certificate Server
Id Public Key Validity…Jyoti1 59010191 June 2003Amar 415901617 May 2002Atul 615019191 July 2003
User databaseCertification Authority
(CA)
Certificate Certificate
To respective users
![Page 30: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/30.jpg)
30Lecture 5
Certificate-based Authentication
Server
8102811291012
ServerLogin request
Id = atulSign = 90184112124832
Step 1: User’s computer encrypts the random challenge with the user’s private key to produce the digital signature.
Step 2: User’s computer sends the digital signature to the server as a part of the login request.
90184112124832
Original random challenge
User’s digital signature
Private key file
Encrypt
![Page 31: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/31.jpg)
31Lecture 5
Smart Card Issues and SolutionsProblem/Issue Emerging solution
Smart card readers are not yet a part of a desktop computer, unlike a hard disk drive or a floppy disk drive
The new versions of computers and mobile devices are expected to come with smart card readers out of the box.
Non-availability of smart card reader driver software
Microsoft has made the PC/SC smart card framework an integral part of the Windows 2000 operating system. Most smart card reader manufacturers ship the PC/SC compliant reader drivers, making the process of adding a reader hardware to the computer a plug-and-play operation.
Non availability of smart card aware cryptographic services software
Smart-card aware software such as Microsoft Crypto API (MS-CAPI) comes free with Internet Explorer.
Cost of smart cards and card readers is high
This is reducing now. Smart cards are available for about $5, and the card readers for about $20.
![Page 32: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/32.jpg)
32Lecture 5
Authentication in Wireless Communication
• 802.11i
• GSM (Global System for Mobible Communications)
• DECT (Digital Eurpean Cordless Telephone)
![Page 33: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/33.jpg)
33Lecture 5
GSM
• Handset with SIM card , HLR(Home Location Register), VLR(Visitor Location Register)
• Handset HLR has IMSI (International Mobile Subscriber Identity) and Ki (an Authentication Key)
• Three functions are used: A3, A5,A8 :– A3 and A8 are one way function like hash but much
simpler, – A5 is the one key encrypted/decrypted function like
RC4,
![Page 34: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/34.jpg)
34Lecture 5
Handset VLR HLRIMSI
IMSI
IMSI, RAND, Kc, SRES
RAND
SRES
A5Kc(TMSI)
Kc=A8(Ki//RAND)SRES=A3(Ki//RAND)
ACK
![Page 35: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/35.jpg)
35Lecture 5
Secure Socket Layer (SSL)
• World’s most widely used security mechanism on the Internet
• Secures communication between a client and a server
• Located between the Application and Transport Layers of TCP/IP protocol suite
![Page 36: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/36.jpg)
36Lecture 5
Position of SSL in TCP/IP
Fig 6.9
Application Layer
Transport Layer
Internet Layer
Data Link Layer
Physical Layer
SSL Layer
![Page 37: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/37.jpg)
37Lecture 5
Data Exchange including SSL
Fig 6.10
X
LA data
010101010100010101010010
Transmission medium
H4Performed LA data+SH
H3Performed LA data+SH+H4
Application
Transport
Internet
Physical
Performed
LA data
SSLSH
H2Performed LA data+SH+H4+H3 Data Link
Y
L5 data
010101010100010101010010
H4Performed LA data+SH
H3Performed LA data+SH+H4
Performed
LA data SH
H2Performed LA data+SH+H4+H3
![Page 38: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/38.jpg)
38Lecture 5
SSL Sub-Protocols
• Handshake Protocol
• Record Protocol
• Alert Protocol
![Page 39: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/39.jpg)
39Lecture 5
SSL Handshake Message Format
Fig 6.11
Type Length Content
1 byte 3 bytes 1 or more bytes
![Page 40: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/40.jpg)
40Lecture 5
SSL Handshake MessagesMessage Type Parameters
Hello request None
Client hello Version, Random number, Session id, Cipher suite, Compression method
Server hello Version, Random number, Session id, Cipher suite, Compression method
Certificate Chain of X.509V3 certificates
Server key exchange Parameters, signature
Certificate request Type, authorities
Server hello done None
Certificate verify Signature
Client key exchange Parameters, signature
Finished Hash value
![Page 41: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/41.jpg)
41Lecture 5
SSL Handshake Process
Web Browse
r
Web Server
1. Establish security capabilities
2. Server authentication and key exchange
3. Client authentication and key exchange
4. Finish
![Page 42: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/42.jpg)
42Lecture 5
SSL Handshake – Phase 1
Web Brows
er
Web ServerStep 1: Client hello
Step 2: Server hello
![Page 43: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/43.jpg)
43Lecture 5
SSL Handshake – Phase 2
Web Brows
er
Web Server
Step 1: Certificate
Step 2: Server key exchange
Step 3: Certificate request
Step 4: Server hello done
![Page 44: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/44.jpg)
44Lecture 5
SSL Handshake – Phase 3
Web Browse
r
Web Server
Step 1: Certificate
Step 2: Client key exchange
Step 3: Certificate verify
![Page 45: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/45.jpg)
45Lecture 5
SSL Handshake – Phase 4
Web Brows
er
Web Server
Step 3: Change cipher specs
Step 4: Finished
1. Change cipher specs
2. Finished
![Page 46: 1 Lecture 5 Topics Digital Signature (Signed Hashed value) Digital Certificate User Authentication Mechanisms Secure Socket Layer (SSL) GSM Security](https://reader035.vdocument.in/reader035/viewer/2022062421/56649ca45503460f949653f5/html5/thumbnails/46.jpg)
46Lecture 5
SSL Record Protocol
Application data
Fragmentation
Compression
Addition of MAC
Encryption
Append header
PerformedAction on Application data