Secure Socket Layer

Barnali Gupta Banik

Topics covered

•Secure Sockets Layer protocol (SSL)

Introduction

The standard method most e-commerce sites use to protect their transmitted data is the Secure Sockets Layer protocol (SSL), developed by Netscape in 1994. Subsequently it was adopted by the Internet Engineering Task Force (IETF) as RFC 2246, commonly referred to as Transport Layer Security (TLS).

Packet sniffing

When information is transmitted between computers, it is divided up into “packets” that travel separately through the Internet and are reunited at their destination. If you can get between the point of origin and the destination, you can use a packet sniffer to watch the traffic. If the data is unencrypted (i.e. if it does not use SSL), you can see the contents of these packets.

SSL includes two methods for ensuring consumer confidence when performing e-commerce transactions: encryption and authentication.

Encryption: The transmission of data should be secure so that no one can sniff the data that is sent. Public Key Cryptography (PKC) is a method that secures data transmission so that if data is sniffed it cannot be understood.

Authentication: The user should be confident that data received was really sent by the correct Web site. This prevents a man-in-the-middle (MITM) attack, in which a hacker sits between a user and a legitimate Web server, while posing as the legitimate Web site.

Man-In-The-Middle (MITM) attack

A MITM attack occurs when a hacker positions himself between a victim and a resource that the victim wants to use.

For instance, a consumer who wants to connect to a bank to conduct a transaction can browse to the bank’s Web site and type in login account information. The hacker can then intercept this information and pass it on to the real bank Web site, thereby impersonating the real client. Whatever data is returned by the Web site is then forwarded (by the hacker) to the real consumer. In this way, the consumer is unaware that anything wrong is going on, and in fact, may even be communicating with the hacker in an encrypted manner. However, the hacker can see all transactions, and may be able to modify them for personal advantage.

Secure Sockets Layer

SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. SSL is an industry standard and is used by millions of websites in the protection of their online transactions with their customers.

SSL Certificates

SSLs are the only effective way to secure your site against unauthorized interception of data - passwords, account numbers, social security numbers and more. That's why more and more Internet users are looking for the secure padlock icon or green browser bar before proceeding with a transaction.

An SSL Certificate is software that encrypts all data flowing to and from the Certificate holder's Web site. This makes all exchanges between the site and its visitors 100 percent private, whether the visitor is submitting a newsletter request or making a purchase.

A Web site is generally authenticated by an X.509 certificate.

X.509 certificates

X.509 is a standard created by the International Telecommunication Union (ITU) and formalized by the IETF as RFC 2459.

An X.509 certificate contains information about the entity that owns it and binds it to that entity’s public key. There is also data from a well-trusted third party confirming that all the information inside the certificate has been verified as true.

Web servers use certificates:

• to prove their identities to Web browsers
• to provide a public key to the browser so that it and the server may communicate securely

In this manner, X.509 certificates provide a mechanism on which an SSL session can be built. If an X.509 certificate contains the relevant data in order to create an SSL session, it can be considered to be an SSL certificate.

How certificates are created

To obtain an SSL certificate for a web server, the person running the server completes the following steps:

1. Generate a public and private key using a standard off-the-shelf tool, and put the public key into a certificate. Along with these keys, identifying information is entered in the certificate (the Subject information).

2. Send this certificate to an organization that is known to be trusted, called a Certificate Authority (CA). There are several companies that specialize in CA services, such as VeriSign Inc. of Mountain View, California and GeoTrust Inc. of Needham, Massachusetts.

3. The CA vets the certificate to positively confirm:

• the identity of the sender through outside means (such as examining business documents)
• the sender’s authority to own this certificate

4. Only if the vetting process confirms the entity’s identity, the CA signs the certificate and adds its identity to the Issuer field. By signing a certificate, the CA uses its private key to encrypt information into the certificate so that someone who examines it will be assured that that CA validated the certificate’s information. Because the signing process requires possession of the CA’s private key, which is highly guarded, it is not possible for someone to forge this signature.

Note: The CA can sign a certificate that is then used to sign additional certificates. This is known as a “chain.”

Certificate Revocation

Certificates are sometimes problematic. For example:

• The certificate was wrongly issued (because of information that was not known during the vetting process).
• The certificate has become compromised for some reason (such as someone stealing the private key).

In these cases, the certificate should be invalidated. If the end of the certificate’s valid period is far in the future, this need becomes critical.

There are two popular methods of invalidating a signed certificate, which are described below.

CRL: The most common method for revoking a certificate is through a Certificate Revocation List (CRL). This is a list that a CA creates listing all the certificates it has signed that it now wants to revoke.

OCSP: Another way to revoke a certificate is through Online Certification Status Protocol (OCSP). This is a protocol in which the browser communicates with a server in real time to determine if a certificate is still trustworthy and not revoked.

Clearly, this process is very time consuming. In addition, it places a burden on the CA’s servers. There is even less support for OCSP than for CRLs.

SSL Architecture

SSL components

SSL Handshake Protocol
• negotiation of security algorithms and parameters
• key exchange
• server authentication and optionally client authentication

SSL Record Protocol
• fragmentation
• compression
• message authentication and integrity protection
• encryption

SSL Alert Protocol
• error messages (fatal alerts and warnings)

SSL Change Cipher Spec Protocol
• a single message that indicates the end of the SSL handshake

Secure Sockets Layer (SSL): How It Works (Simple Steps)

What Happens When a Browser Encounters SSL

1. A browser attempts to connect to a website secured with SSL.
2. The browser requests that the web server identify itself.
3. The server sends the browser a copy of its SSL Certificate.
4. The browser checks whether it trusts the SSL Certificate. If so, it sends a message to the server.
5. The server sends back a digitally signed acknowledgement to start an SSL encrypted session.
6. Encrypted data is shared between the browser and the server.

Secure Sockets Layer (SSL): How It Works (Detailed Steps with Example)

1. Obtaining an SSL Certificate

XYZ Inc. intends to secure their customer checkout process, account management, and internal employee correspondence on their website, xyz.com.

Step 1: XYZ creates a Certificate Signing Request (CSR) and during this process, a private key is generated.

Step 2: XYZ goes to a trusted, third party Certificate Authority, such as Trustwave (others can be Thawte, Verisign). Trustwave takes the certificate signing request and validates XYZ in a two step process. Trustwave validates that XYZ has control of the domain xyz.com and that XYZ Inc. is an official organization listed in public government records.

Step 3: When the validation process is complete, Trustwave gives XYZ a new public key (certificate) encrypted with Trustwave's private key.

Step 4: XYZ installs the certificate on their webserver(s).

2. How Customers Communicate with the Server using SSL

Step 1: A customer makes a connection to xyz.com on an SSL port, typically 443. This connection is denoted with https instead of http.

Step 2: xyz.com sends back its public key to the customer. Once the customer receives it, his/her browser decides if it is alright to proceed.

• The xyz.com public key must NOT be expired
• The xyz.com public key must be for xyz.com only
• The client must have the public key for Trustwave installed in their browser certificate store. 99.9% of all modern browsers (1998+) include the Trustwave root certificate. If the customer has the Trustwave trusted public key, then they can trust that they are really communicating with XYZ, Inc.

Step 3: If the customer decides to trust the certificate, then the customer's public key will be sent to xyz.com.

Step 4: xyz.com will next create a unique hash and encrypt it using both the customer's public key and xyz.com's private key, and send this back to the client.

Step 5: Customer's browser will decrypt the hash. This process shows that xyz.com sent the hash and only the customer is able to read it.

Step 6: Customer and website can now securely exchange information.

SSL Implementation

SSL uses public-key encryption to exchange a session key between the client and server; this session key is used to encrypt the http transaction (both request and response). Each transaction uses a different session key so that even if someone did manage to decrypt a transaction, that would not mean that they would have found the server's secret key; if they wanted to decrypt another transaction, they'd need to spend as much time and effort on the second transaction as they did on the first. Of course, they would first have to have figured out some method of intercepting the transaction data in the first place, which is in itself extremely difficult.

There are two commonly used SSL encryption schemes: 40-bit keys and 128-bit keys. This means servers and browsers do encryption ranging from a 40-bit secret key to a 128-bit secret key, that is to say '2 to the 40th power' or '2 to the 128th power' possible keys.

The encryption key size determines the effort required to break the encryption. Larger keys take more work to break.

The original SSL implementation used 40 bit keys.

Many people have heard that 40-bit is insecure and that you need 128-bit to keep your credit card info safe. They feel that using a 40-bit key is insecure because it's vulnerable to a "brute force" attack (basically trying each of the 2^40 possible keys until you find the one that decrypts the message).

However, computer power has continued to grow and it's now fairly easy to break a 40-bit key. 128-bit keys require more power than most people can acquire to break. They are reasonably secure at this time. However, with the continued improvement in computers there will come a time when 128-bit keys are not adequate. 40-bit keys are still in use today.

SSL Services

Secure Socket Layer (SSL) is designed to provide security and compression services to data generated from the application layer. Typically, SSL can receive data from any application layer protocol, but usually the protocol is HTTP. The data received from the application are compressed (optional), signed, and encrypted. The data are then passed to a reliable transport layer protocol such as TCP. Netscape developed SSL in 1994. Versions 2 and 3 were released in 1995. Here, we discuss SSLv3.

SSL provides several services on data received from the application layer.

Fragmentation: First, SSL divides the data into blocks of 2^14 bytes or less.

Compression: Each fragment of data is compressed by using one of the lossless compression methods negotiated between the client and server. This service is optional.

Message Integrity: To preserve the integrity of data, SSL uses a keyed-hash function to create a MAC.

Confidentiality: To provide confidentiality, the original data and the MAC are encrypted using symmetric key cryptography.

Framing: A header is added to the encrypted payload. The payload is then passed to a reliable transport layer protocol.
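
The five services above chained into one pipeline, with the receiver's reverse path, as an added example that is not part of the original slides. HMAC-SHA-256 and a hash-based keystream are stand-ins chosen here for the MAC and cipher that SSLv3 would negotiate; the function names and the sequence number fed into the MAC input are this example's assumptions.

```python
import hashlib
import hmac
import struct
import zlib

MAX_FRAGMENT = 2 ** 14    # fragmentation limit from the slide
APPLICATION_DATA = 23     # record content type for application data
SSL3 = (3, 0)             # SSLv3 version bytes in the record header

def _keystream_xor(key, seq, data):
    # Stand-in cipher (SHA-256 in counter mode) so only the standard library
    # is needed; it is not the cipher SSL negotiates and not for real use.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + struct.pack(">QI", seq, i // 32)).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def _mac(mac_key, seq, body):
    # Keyed hash over sequence number + fragment (stand-in for the SSLv3 MAC).
    return hmac.new(mac_key, struct.pack(">Q", seq) + body, hashlib.sha256).digest()

def protect(data, mac_key, enc_key, compress=True):
    """Fragment -> compress -> MAC -> encrypt -> frame; returns the records."""
    records = []
    for seq, off in enumerate(range(0, len(data), MAX_FRAGMENT)):
        frag = data[off:off + MAX_FRAGMENT]
        body = zlib.compress(frag) if compress else frag
        payload = _keystream_xor(enc_key, seq, body + _mac(mac_key, seq, body))
        header = struct.pack(">BBBH", APPLICATION_DATA, *SSL3, len(payload))
        records.append(header + payload)
    return records

def unprotect(records, mac_key, enc_key, compress=True):
    """Reverse the pipeline; raises ValueError on a bad header or MAC."""
    out = b""
    for seq, rec in enumerate(records):
        if len(rec) < 5 + 32:
            raise ValueError("short record")
        ctype, major, minor, length = struct.unpack(">BBBH", rec[:5])
        if (ctype, major, minor) != (APPLICATION_DATA, *SSL3) or length != len(rec) - 5:
            raise ValueError("bad record header")
        plain = _keystream_xor(enc_key, seq, rec[5:])
        body, mac = plain[:-32], plain[-32:]
        if not hmac.compare_digest(mac, _mac(mac_key, seq, body)):
            raise ValueError("MAC check failed")   # modified or reordered record
        out += zlib.decompress(body) if compress else body
    return out
```

Because the MAC is checked before decompression, a record altered or reordered in transit is rejected before any of its content is processed.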

SSL in practice

SSL begins to work when a user connects to a server in which SSL is enabled. Before any secure data passes between them, the server sends its certificate to the browser for inspection. When the browser receives this certificate, it performs the following checks to verify its validity:

• The server certificate contains valid dates.
• The server certificate is properly signed by the issuer.
• The issuer is known to be trustworthy by the browser.
• No certificates in the chain have been revoked (by looking at either CRL or OCSP).
• The name on the server certificate exactly matches the hostname of the Web site to which the user is connected.
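
The date, issuer and name checks from this list, modelled on a certificate in the dict shape that Python's `ssl.SSLSocket.getpeercert()` returns (an added example, not part of the original slides). The sample certificate, the trusted-issuer set and the function names are constructed for illustration; signature and revocation checks need the certificate bytes and network access, so the model leaves them out, and `strict_client_context()` shows the standard-library context a real client would rely on instead.

```python
import ssl

# Constructed sample in the dict shape returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "xyz.example"),),),
    "issuer": ((("commonName", "Example Trusted Root CA"),),),
    "notBefore": "Jan  1 00:00:00 2024 GMT",
    "notAfter": "Jan  1 00:00:00 2025 GMT",
    "subjectAltName": (("DNS", "xyz.example"), ("DNS", "www.xyz.example")),
}
TRUSTED_ISSUERS = {"Example Trusted Root CA"}  # stand-in for the browser's root store


def issuer_common_name(cert):
    """Pull the issuer's commonName out of the nested RDN tuples."""
    for rdn in cert.get("issuer", ()):
        for key, value in rdn:
            if key == "commonName":
                return value
    return None


def check_certificate(cert, hostname, now, trusted_issuers):
    """Return the list of failed checks; an empty list means the date, issuer
    and name checks passed. `now` is seconds since the epoch (UTC)."""
    failures = []
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    if not (not_before <= now <= not_after):
        failures.append("invalid dates")
    if issuer_common_name(cert) not in trusted_issuers:
        failures.append("unknown issuer")
    dns_names = {v.lower() for t, v in cert.get("subjectAltName", ()) if t == "DNS"}
    if hostname.lower() not in dns_names:  # exact match, as the slide requires
        failures.append("hostname mismatch")
    return failures


def strict_client_context():
    """The context a real client should use: the standard library performs the
    signature, chain, date and hostname checks and fails closed."""
    ctx = ssl.create_default_context()            # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse SSLv3 and early TLS
    return ctx
```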

If all these checks are positive, then the browser can use the public key in the certificate to begin encrypted communication with the server.

This means that SSL is being used, and the familiar padlock icon closes at the bottom of the browser window to inform the user that any communication is now secure.

The padlock icon indicates:

• Encryption: transmission is encrypted so that no one can sniff it.
• Authentication: the browser is really connected to the server listed in the browser’s address bar, and no hacker is pretending to be the server.

Padlock icon in Internet Explorer indicating that SSL is in use

SSL Failures

Sometimes when a browser inspects a server certificate, one of the checks fails. Common failures include:

• Invalid Dates
• Unknown Issuer

When a failure occurs, the browser displays the relevant information to the user and enables the user to decide whether or not to proceed with the transaction.

Uses for SSL Secure Socket Layer Technology

Almost any service on the Internet can be protected with SSL. WebMail, Control Panels, POP, IMAP, SMTP, FTP and more are a few of the many applications for SSL Certificates.

SSL versus TLS

TLS (Transport Layer Security) and SSL (Secure Sockets Layer) are protocols that provide data encryption and authentication between applications in scenarios where that data is being sent across an insecure network, such as checking your email.

The terms SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), but one is in fact the predecessor of the other — SSL 3.0 served as the basis for TLS 1.0 which, as a result, is sometimes referred to as SSL 3.1.