Secure Sockets Layer (SSL) - PowerPoint PPT Presentation

Description:

Secure Sockets Layer (SSL). James Wann, Verizon Corporation, November 27, 2000. What is SSL? SSL is a separate network protocol that runs on top of TCP. Acts as a layer ...

1
Secure Sockets Layer (SSL)
  • James Wann
  • Verizon Corporation
  • November 27, 2000

2
What is SSL?
  • SSL is a separate network protocol that runs on
    top of TCP
  • Acts as a layer between the application layer and
    the transport layer (TCP)
  • Ensures that any application layer can run on top
    of it

3
Networking Layers Using SSL
HTTP
SSL
TCP
IP
4
Uses of Cryptography
  • Confidentiality: prevents eavesdropping of
    messages
  • Authentication: proves the identity of the
    sender and recipient of the message
  • Message Integrity: prevents a message from being
    altered

5
Types of Cryptography
  • Secret Key Cryptography
  • Public Key Cryptography

6
Secret Key Cryptography
  • Based on a shared secret between two parties
  • The shared secret key is utilized in mathematical
    transformations of the data to be encrypted
  • How do the two parties know about the secret to
    begin with?

7
Public Key Cryptography
  • Uses two separate keys
  • Public key: publicly known key used for
    encryption
  • Private key: known only by the person holding
    the key; used for decryption

8
Public Key Cryptography Illustrated
1. Create keys
2. Publish public key
3. Encipher message with public key
4. Send encrypted message
5. Decipher message with private key
9
Public Key Cryptography Illustrated (cont'd)
1. Create keys
2. Publish public key
3. Encipher message with private key
4. Send message
5. Decipher message with public key
10
Combining Secret and Public Key Cryptography
1. Publish public key
2. Encrypt secret key with public key
3. Send secret key
4. Decipher secret key with private key
5. Use secret key for messages
11
Certificates
  • How would anyone know that a public key is
    correctly associated with a user?
  • Certificates provide the proper user credentials,
    as well as the user's public key
  • How does one know that a certificate is
    legitimate?

12
Certificate Authorities
  • Issues certificates on behalf of the user
  • Digitally signs the certificate using the CA's
    private key
  • The CA's public key is used to verify the
    signature

13
SSL Operation
1. Client initiates the session
2. Server sets the security services
3. Server presents its certificate
4. Server presents public key for encryption
5. Server concludes message
14
SSL Operation (cont'd)
6. Client presents the secret key
7. Begin security services
8. Client concludes message
9. Begin security services
10. Server concludes message
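
The ten steps on slides 13 and 14 can be followed on the wire at the SSL record layer. The following is an added example, not part of the original presentation: it parses a constructed capture and labels each message. The SSL 3.0 message names, their mapping to the slide's steps, and the names `record`, `hs`, `label_capture` and `CAPTURE` are assumptions of this example.

```python
import struct

# Record content types and handshake message types defined by SSL 3.0.
CONTENT = {20: "ChangeCipherSpec", 21: "Alert", 22: "Handshake", 23: "ApplicationData"}
HANDSHAKE = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
             12: "ServerKeyExchange", 13: "CertificateRequest", 14: "ServerHelloDone",
             15: "CertificateVerify", 16: "ClientKeyExchange", 20: "Finished"}

def record(ctype, body):    # record: type, version 3.0, 2-byte length, body
    return struct.pack("!BBBH", ctype, 3, 0, len(body)) + body

def hs(mtype, body=b""):    # handshake message: type, 3-byte length, body
    return bytes([mtype]) + len(body).to_bytes(3, "big") + body

def label_capture(capture):
    """Label each message in a list of (sender, bytes) flights, in wire order."""
    labels, encrypted = [], set()    # encrypted: senders that have sent ChangeCipherSpec
    for sender, data in capture:
        pos = 0
        while pos < len(data):
            if len(data) - pos < 5:
                raise ValueError("truncated record header")
            ctype, _major, _minor, length = struct.unpack_from("!BBBH", data, pos)
            body = data[pos + 5:pos + 5 + length]
            if ctype not in CONTENT or len(body) != length:
                raise ValueError("malformed record")
            pos += 5 + length
            if sender in encrypted:  # ciphertext: only the record type is visible
                labels.append((sender, "Encrypted " + CONTENT[ctype]))
            elif ctype != 22:
                labels.append((sender, CONTENT[ctype]))
                if ctype == 20:      # this sender's later records are protected
                    encrypted.add(sender)
            else:                    # one record may carry several handshake messages
                off = 0
                while off < len(body):
                    mlen = int.from_bytes(body[off + 1:off + 4], "big")
                    if off + 4 + mlen > len(body):
                        raise ValueError("handshake message overruns record")
                    labels.append((sender, HANDSHAKE.get(body[off], "Unknown")))
                    off += 4 + mlen
    return labels

CAPTURE = [  # constructed sample: real framing, placeholder message bodies
    ("client", record(22, hs(1, b"\x00" * 8))),
    ("server", record(22, hs(2, b"\x00" * 8) + hs(11, b"\x00" * 8) + hs(12, b"\x00" * 4) + hs(14))),
    ("client", record(22, hs(16, b"\x00" * 4)) + record(20, b"\x01") + record(22, b"\xaa" * 40)),
    ("server", record(20, b"\x01") + record(22, b"\xbb" * 40)),
]
```

The two "concludes message" steps (8 and 10) appear only as encrypted handshake records, because each follows its sender's ChangeCipherSpec; a passive observer infers them from position, not from a readable type byte.
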
15
Client Authentication
  • The server, in presenting its certificate, can ask
    to see the client's certificate
  • In response, the client would present its
    certificate.
  • Included in the message is a cryptographic hash
    of shared information signed by the client's
    private key

16
Conclusion
  • SSL provides a security layer that is extensible
    to any networked application
  • SSL also ensures authentication for a given party
    via a commonly trusted authority
  • Encryption algorithms are extremely hard to
    break!
  • If the CA's private key is known, there is no good
    mechanism to revoke the key
