Computer and Network Security - PowerPoint PPT Presentation
1 / 9
Title:
Computer and Network Security
Description:
... a session key that is used to cryptographically protect the reminder of ... Six session keys (for each direction, encryption key, integrity-protection key, ... – PowerPoint PPT presentation
Number of Views:88
Avg rating:3.0/5.0
Title: Computer and Network Security
1
Computer and Network Security
- SSL/TLS (Chapter 19)
2
SSL/TSL
- Assist E-commerce, banking, purchasing over the
web - Allow two parties to authenticate and establish
a session key that is used to cryptographically
protect the reminder of the session - SSL (Secure Socket Layer) version 2 by Netscape
- SSL v3 by Netscape
- TLS (Transport Layer Security) by IETF
3
User Level Implementation
- SSL/TLS runs in a user-level process
- Runs on top of TCP
- Has its own units, called records, consisting of
headers and payloads - Four types of records user data, handshake
messages, alerts, change cipher spec
4
Hand Shaking
5
Session Initiation
6
Session Resumption
7
Computing Keys
- Pre-master key S
- Master key K f ( S, RAlice, Rbob)
- Six session keys (for each direction, encryption
key, integrity-protection key, IV), which are the
hash results of K, RAlice, and Rbob.
8
Client Authentication
- Normally the clients send name/password to the
server as application data - The server has the option to send a certificate
request in message 2 of the handshaking.
9
PKI
- The clients are pre-configured with a list of
well-known trust anchors (CAs) when the software
is shipped. - The server either sends a certificate generated
by one of those root CA, or sends a chain of
certificates.
