TRANSCRIPT
SSL/TLS
Agenda
• History
• Lifecycle of a web request
• HTTP Request Handshake
• Encryption
• What is SSL/TLS
• Certificate Authorities
• TLS Resumption
• How it works
• Vulnerabilities
History
• The SSL protocol was originally developed at Netscape.
• Its purpose was to enable e-commerce transaction security on the web, which required:
• Encryption to protect customers' personal data
• Authentication
• Integrity guarantees to ensure a safe transaction
• It evolved from SSL 1.0, 2.0 and 3.0 into TLS.
• When the SSL protocol was standardized by the IETF, it was renamed Transport Layer Security (TLS). TLS 1.0 is an upgrade to SSL 3.0.
HTTP Request Handshake
• SYN (Synchronize): initiates a connection
• FIN (Final): cleanly terminates a connection
• ACK (Acknowledge): acknowledges received data
Problems:
• Clear text
• Unsecured
• No encryption
• No certificates required
Message Authentication Code
What is SSL
• Intermediate layer between transport and security
• It provides the following services:
• Encryption
• Authentication
• Integrity
Certificate Authorities
• A certificate authority (CA) is a trusted third party that is trusted by both the subject (owner) of the certificate and the party relying upon the certificate.
• The browser specifies which CAs to trust (root CAs), and the burden is then on the CAs to verify each site they sign, and to audit and verify that these certificates are not misused or compromised. If the security of any site with the CA's certificate is breached, then it is also the responsibility of that CA to revoke the compromised certificate.
How it works
Before the client and the server can begin exchanging application data over TLS, the encrypted tunnel must be negotiated: the client and server must agree on
• the version of the TLS protocol
• the cipher suite
• certificate verification, if necessary
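The negotiation described above, as an added example that is not part of the original slides: a simplified model in which the client offers its supported versions and cipher suites in a ClientHello and the server picks the newest mutually supported version and its own preferred suite, refusing deprecated versions rather than downgrading. The version ranking, server policy, suite names and the `HandshakeFailure` class are constructed for illustration and are not a real library's API.

```python
"""Simplified model of TLS version and cipher suite negotiation.

Added example; not code from the original slides. Version ranking,
server policy and ClientHello contents below are constructed."""

# Protocol versions ordered from oldest to newest (constructed ranking).
VERSION_ORDER = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2", "TLSv1.3"]

# Versions a well-configured server refuses outright instead of downgrading to.
DEPRECATED_VERSIONS = {"SSLv3", "TLSv1.0", "TLSv1.1"}


class HandshakeFailure(Exception):
    """Stands in for the TLS alert sent when no agreement is possible."""


def negotiate_version(client_versions, server_versions):
    """Pick the newest version both sides support, excluding deprecated ones."""
    common = (set(client_versions) & set(server_versions)) - DEPRECATED_VERSIONS
    if not common:
        raise HandshakeFailure("protocol_version: no mutually acceptable version")
    return max(common, key=VERSION_ORDER.index)


def negotiate_cipher_suite(client_suites, server_preference):
    """Server-preference selection: first server-preferred suite the client offered."""
    offered = set(client_suites)
    for suite in server_preference:
        if suite in offered:
            return suite
    raise HandshakeFailure("handshake_failure: no shared cipher suite")


def simulate_handshake(client_hello, server_config):
    """Return the ServerHello choices for a ClientHello under a server policy."""
    version = negotiate_version(client_hello["versions"], server_config["versions"])
    suite = negotiate_cipher_suite(
        client_hello["cipher_suites"], server_config["cipher_preference"]
    )
    return {"version": version, "cipher_suite": suite}


# Constructed server policy: modern versions only, AEAD suites preferred.
SERVER_CONFIG = {
    "versions": ["TLSv1.2", "TLSv1.3"],
    "cipher_preference": [
        "TLS_AES_256_GCM_SHA384",
        "TLS_CHACHA20_POLY1305_SHA256",
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    ],
}

# Constructed ClientHellos: a modern client and a legacy one.
MODERN_CLIENT = {
    "versions": ["TLSv1.2", "TLSv1.3"],
    "cipher_suites": ["TLS_CHACHA20_POLY1305_SHA256", "TLS_AES_256_GCM_SHA384"],
}
LEGACY_CLIENT = {
    "versions": ["SSLv3", "TLSv1.0"],
    "cipher_suites": ["TLS_RSA_WITH_RC4_128_SHA"],
}

if __name__ == "__main__":
    print(simulate_handshake(MODERN_CLIENT, SERVER_CONFIG))
    try:
        simulate_handshake(LEGACY_CLIENT, SERVER_CONFIG)
    except HandshakeFailure as exc:
        print("rejected:", exc)
```

The server-preference rule matters: letting the client's order win would let a weakly configured client pull the connection onto the weakest suite both sides happen to share.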
TLS Session Resumption
• TLS provides the ability to resume a session, i.e. to share the same negotiated secret key data between multiple connections.
• This is achieved by using the session identifier created in an earlier TLS handshake.
• The client sends the session identifier to the server in the ClientHello message. If the server recognizes the client's session ID, the previously negotiated cipher suite and MAC can be reused.
• Stateless resumption: the server can generate a session ticket containing all the session information and send it to the client during the TLS handshake.
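The two resumption mechanisms just described, as an added example that is not part of the original slides: a server-side session cache keyed by session ID (stateful) beside a stateless session ticket that carries the session state itself, authenticated with an HMAC under a server-held ticket key and bounded by a lifetime. Class names, the ticket encoding and the sample session values are constructed; a production ticket is also encrypted under the ticket key, which this example omits to keep the authentication logic visible.

```python
"""Toy model of TLS session resumption: session cache vs. stateless ticket.

Added example; not code from the original slides. Names, ticket format
and sample values are constructed. Real tickets are also encrypted."""
import hashlib
import hmac
import json
import secrets
import time


def new_session(cipher_suite, master_secret):
    """State a full handshake produced (constructed fields)."""
    return {"cipher_suite": cipher_suite, "master_secret": master_secret}


class SessionCache:
    """Stateful resumption: the server keeps sessions indexed by session ID."""

    def __init__(self):
        self._sessions = {}

    def store(self, session):
        session_id = secrets.token_hex(16)  # unguessable ID sent in ServerHello
        self._sessions[session_id] = session
        return session_id

    def resume(self, session_id):
        # Unknown ID -> None -> server falls back to a full handshake.
        return self._sessions.get(session_id)


class TicketIssuer:
    """Stateless resumption: state travels with the client, MAC'd by the server."""

    def __init__(self, ticket_key, lifetime_s=3600):
        self._key = ticket_key
        self._lifetime = lifetime_s

    def _tag(self, payload):
        return hmac.new(self._key, payload, hashlib.sha256).hexdigest()

    def issue(self, session, now=None):
        issued = int(time.time() if now is None else now)
        body = dict(session, issued_at=issued)
        payload = json.dumps(body, sort_keys=True).encode()
        return payload.hex() + "." + self._tag(payload)

    def redeem(self, ticket, now=None):
        """Return the session if the ticket is authentic and unexpired, else None."""
        try:
            payload_hex, tag = ticket.split(".", 1)
            payload = bytes.fromhex(payload_hex)
        except ValueError:
            return None
        # Constant-time comparison; a forged or modified ticket is simply ignored.
        if not hmac.compare_digest(self._tag(payload), tag):
            return None
        body = json.loads(payload)
        current = time.time() if now is None else now
        if current - body["issued_at"] > self._lifetime:
            return None  # expired: force a fresh handshake
        body.pop("issued_at")
        return body


if __name__ == "__main__":
    session = new_session("TLS_AES_128_GCM_SHA256", "0123abcd")  # constructed
    cache = SessionCache()
    sid = cache.store(session)
    print("cache resume:", cache.resume(sid))
    issuer = TicketIssuer(secrets.token_bytes(32))
    ticket = issuer.issue(session)
    print("ticket resume:", issuer.redeem(ticket))
```

The ticket path trades server memory for key management: anyone holding the ticket key can mint or read tickets, so the key should be rotated and the lifetime kept short.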
Vulnerabilities
• Man-in-the-middle attack (MITM)
• DNS hijacking
• CA private key is compromised
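A client-side defence that ties the Certificate Authorities section and the vulnerabilities above together, as an added example that is not part of the original slides: a hardened Python `ssl.SSLContext` that requires a chain to a trusted root CA, checks the hostname (so a valid certificate for a different name, as obtained via DNS hijacking or MITM, is rejected) and refuses versions below TLS 1.2, beside a deliberately weak context and an audit function that reports the weak settings. `build_hardened_client_context`, `build_weak_client_context` and `audit_context` are names constructed for this example; the `ssl` calls are the standard library's.

```python
"""Hardened vs. weak TLS client configuration, with an audit of the difference.

Added example; not code from the original slides. Function names are
constructed; the ssl module calls are from Python's standard library."""
import ssl


def build_hardened_client_context():
    """Verify the chain against the platform CA store, check hostname, TLS >= 1.2."""
    ctx = ssl.create_default_context()  # loads trusted root CAs
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    ctx.check_hostname = True
    return ctx


def build_weak_client_context():
    """The configuration that makes MITM trivial: no CA or hostname verification."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False  # must be disabled before CERT_NONE is allowed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx):
    """Return a list of findings for settings that weaken peer authentication."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("verify_mode is not CERT_REQUIRED: any certificate accepted")
    if not ctx.check_hostname:
        findings.append("check_hostname disabled: certificate for another host accepted")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("minimum_version below TLS 1.2: legacy protocol negotiable")
    return findings


if __name__ == "__main__":
    for name, builder in (("hardened", build_hardened_client_context),
                          ("weak", build_weak_client_context)):
        print(name, audit_context(builder()) or ["no findings"])
```

Note that a compromised CA private key defeats chain verification itself, since the attacker can issue certificates the trust store accepts; that case needs revocation or certificate pinning on top of the checks shown here.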