tailieunhanh - SSL (Secure Socket Layer)

transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols | Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication need added security mechanisms SSL (Secure Socket Layer) transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols SSL probably most widely used Web security mechanism. Its implemented at the Transport layer; cf IPSec at Network layer; or various Application layer mechanisms eg. S/MIME & SET (later). Where SSL Fits HTTP SMTP POP3 80 25 110 HTTPS SSMTP SPOP3 443 465 995 Secure Sockets Layer Transport Network Link Uses Public Key Scheme Each client-server pair uses 2 public keys one for client (browser) created when browser is installed on client machine one for server (http server) created when server is installed on server hardware 2 private keys one for client browser one for server (http server) SSL Architecture Stallings Fig 17-2. SSL Architecture SSL session an association between client & server created by the Handshake Protocol define a set of cryptographic parameters may be shared by multiple SSL connections SSL connection a transient, peer-to-peer, communications link associated with 1 SSL session SSL Record Protocol confidentiality using symmetric encryption with a shared secret key defined by Handshake Protocol IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 message is compressed before encryption message integrity using a MAC (Message Authentication Code) created using a shared secret key and a short message SSL Record Protocol defines these two services for SSL connections. SSL Change Cipher Spec Protocol one of 3 SSL specific . | Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown Edited by Dick Steflik Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication need added security mechanisms SSL (Secure Socket Layer) transport layer security service originally developed by Netscape version 3 designed with public input subsequently became Internet standard known as TLS (Transport Layer Security) uses TCP to provide a reliable end-to-end service SSL has two layers of protocols SSL probably most widely used Web security mechanism. Its implemented at the Transport layer; cf IPSec at Network layer; or various Application layer mechanisms eg. S/MIME & SET (later). Where SSL Fits HTTP SMTP POP3 80 25 110 HTTPS SSMTP SPOP3 443 465 995 Secure Sockets Layer Transport Network Link Uses Public Key Scheme Each client-server pair uses 2 public keys