PRESENTATION ON SECURE SOCKET LAYER (SSL)

BY: ARZOO THAKUR M.E. C.S.E (REGULAR) BATCH - 2009

CONTENTS
Definition Brief History Services Position of SSL in TCP/IP Communication between layers Working of SSL Details of handshake protocol Details of record protocol Details of alert protocol Closing & resuming SSL connections References
2

DEFINITION
Internet protocol for secure exchange of information between the web browser and the

web server

Web browser

Web server

HISTORY
Developed by Netscape corporation in 1994
Versions 2,3,3.1 Popular version 3, released in 1995

SERVICES
Provides 2 basic security services : 1. Authentication 2. Confidentiality Logically it provides a secure pipe between the web browser and the web server.

POSITION OF SSL IN TCP/IP PROTOCOL SUITE

Located between the application layer and the
transport layer
Application layer SSL layer Transport layer Network layer Data link layer

Physical layer
6

COMMUNICATION BETWEEN VARIOUS LAYERS

x Y

L5 data L5 data SH

Application SSL

L5 data L5 data L5 data L4 data L3 data SH H4 H3 H2

L5 data
L4 data L3 data

H4
H3 H2

Transport Network Data link Physical Transmission medium

01010101001101011

01010101001101011

HOW SSL WORKS ?

Has 3 sub protocols : 1. Handshake protocol 2. Record protocol 3. Alert protocol

1. THE HANDSHAKE PROTOCOL

First sub protocol used by client and the server
to communicate using SSL enabled connections Consists of series of messages between the client and the server

MESSAGE FORMAT OF HANSHAKE PROTOCOL

Has 3 fields : 1. Type (1 byte) : indicates message types 2. Length (3 bytes) : indicates the length of message. 3. Content (1 or more byte) : contains the parameters associated with message

Type 1 byte

Length 3 byte

Contents 1 or more bytes

10

PHASES OF HANDSHAKE PROTOCOL

There are 4 phases of handshake protocol : 1. Establish security capabilities 2. Server authentication & key exchange 3. Client authentication & key exchange 4. Finish

Web browser

1.Establish security capabilities 2. Server authentication &key exchange 3.Client authentication & key exchange 4.Finish

Web server

11

Phase 1: Establish security capabilities

Initiate a logical connection & establish the security capabilities Consists of two messages : client hello & server hello

Step 1: Client hello Web browser Step 2 : Server hello Web server

12

CLIENT HELLO
Consists of following parameters : 1. Version : indicates the highest version of SSL the client can support 2. Random : used for actual communication. It consists of 2 sub fields : 32-bit date-time field that identifies current system date & time on the client computer 28-byte random number generated by the random number generator software built inside the client computer
13

CLIENT HELLO CONT.

3. Session id : variable length session identifier
It has two values : 3.1. Non zero value : shows that a connection already exists between the client and the server 3.2. Zero value :indicates that the client wants to create a new connection with the server 4. Cipher suite : contains list of cryptographic algorithms supported by client 5. Compression method : contains list of compression algorithms supported by client
14

SERVER HELLO
Contains the same fields as that of client but with different purpose : 1. Version : identifies the lower of the versions suggested by the client & the highest supported by the server 2. Random : same structure as that of client 3. Session id : for non zero value - server uses the same value sent by client For zero value server creates a new session id & puts it in this field 4. Cipher suite : contains single cipher suite selected from the list sent by client 5. Compression method : contains a compression algorithm selected from the list sent by client 15

PHASE 2 : SERVER AUTHENTICATION & KEY EXCHANGE

Server initiates this phase of SSL handshake Server is the only sender & the client is the only receiver. This phase contains 4 steps: 1. Certificate 2. Server key exchange 3. Certificate request 4. Server hello done

16

1.CERTIFICATE
Server sends its digital certificate to the client This helps client to authenticate the server using servers public key from servers certificate.

2. SERVER KEY EXCHANGE

Optional step & is used if the sender doesnt send its digital certificate to the client Server sends its public key to the client

17

3. CERTIFICATE REQUEST
Server can request for the clients digital signatures This step is optional because the client authentication in SSL is optional.

4. SERVER HELLO DONE

Indicates the client that its portion of hello message is complete The client can verify the certificates sent by the server After sending this message the server waits for the clients response
18

PHASE 3: CLIENT AUTHENTICATION & KEY EXCHANGE

The client initiates this phase. Client is the sender & the server is the receiver. This phase consists of 3 steps: 1. Certificate 2. Client key exchange 3. Certificate verify

19

1. CERTIFICATE
Optional step Performed only if the server had requested for the clients certificate If the client sends no certificate instead of a certificate message then its upto server if it still wants to continue.

2. CLIENT KEY EXCHANGE

Allows the client to send information to the server based on the symmetric key Client creates a 48-byte pre-master secret & encrypts it with the servers public key & sends 20 this pre-master secret to the server.

3. CERTIFICATE VERIFY
Necessary only if the server had demanded client authentication The client combines the pre-master secret with the random numbers exchanged by the client & server after hashing them together.

21

PHASE 4 : FINISH

Client initiates this phase and the server ends.

This consists of 4 steps: The first two masseges are from client : 1. Change cipher specs 2. Finished The server responds back with the two same identical messages
1. Change cipher specs

Web browse r

2. Finished 3. Change cipher specs 4. Finished

Web server

22

MASTER KEY GENERATION CONCEPT

Based on pre-master secret , both the server and the client create a 48-byte quantity called the master secret Master key is calculated after computing message digests of pre-master secret, client random & server random.
Pre-master secret Client random Server random

Message digest algorithm

Master secret

23

SYMMETRIC KEY GENERATION CONCEPT

Finally symmetric keys to be used by the client
& server are generated.

Master secret

Client random

Server random

Message digest algorithms

Symmetric key
24

2. RECORD PROTOCOL
Provides 2 services : 1. Confidentiality : achieved by the secret key defined by handshake protocol 2. Integrity : shared secret key is used to ensure the message integrity

25

OPERATION OF RECORD PROTOCOL

Application data

Fregmentation

Compression

Addition of MAC

Encryption

Append header

26

DETAILS OF THE STEPS

1. Fregmentation: original message is broken into blocks of size less than or equal to 16,384 bytes 2. Compression: fregmented blocks are compressed optionally with loss less compression mechanism 3. Addition of MAC: MAC is calculated for each block using the shared secret key. 4. Encryption: using the symmetric key the output is encrypted

27

5. Append header: header is added to the

encrypted block. The header contains the following fields : Content type(8 bits): specifies the protocol used for processing the record in next higher level Major version(8 bits): specifies the major version of SSL protocol in use Minor version(8 bits):specifies the minor version of SSL protocol in use Compressed length(16 bits): specifies the length of the original plain text block
28

3. ALERT PROTOCOL
When either the client or the server detects an error, the detecting party sends an alert message to the other party

For fatal error : SSL connection is immediately closed, session identifiers, secrets & keys are destroyed For non fatal errors :parties handle the errors & continue

29

ALERT PROTOCOL MESSAGE FORMAT

Alert message contains 2 bytes : 1. Severity : signifies the type of error. If it is a warning ,this byte contains 1. If it is fatal, this contains 2. 2. Cause : specifies the actual errors

Severity
Byte 1

Cause
Byte 2

30

CLOSING AND RESUMING SSL CONNECTIONS

Before ending communication , the client & the server must inform each other Each party sends a close notify alert to ensure graceful closure If the SSL connection ends without a close notify alert it cant be resumed Any SSL connection cant be reused after 24 hours

31

REFERENCES
Cryptography and network security by Atul Kahate. Ahuja, Vijay, Network and internet security Comer, Douglas, Computer networks and internets. Kaufman, Charlie, network security Web refrences.

32

THANKS

33