Unit 4_SSL_Handshake Protocol_Record Layer Protocol.pdf
KanchanPatil34
38 slides
Mar 22, 2025
About This Presentation
SSL- Introduction, Handshake Protocol, Record Layer Protocol
Slide Content
Cryptography and Cyber Security
[IT311]
Sanjivani Rural Education Society’s
Sanjivani College of Engineering, Kopargaon-423603
(An Autonomous Institute Affiliated to Savitribai Phule Pune University, Pune)
NAAC ‘A’ Grade Accredited, ISO 9001:2015 Certified
Department of Information Technology
(NBA Accredited)
Mrs. Kanchan D. Patil
Assistant Professor
Unit 4: Network Security
•IPSEC- Introduction, AH and ESP, Tunnel Mode, Transport Mode, Security
Associations
•IKE- Internet Key Exchange Protocol
•SSL- Introduction, Handshake Protocol, Record Layer Protocol
Cryptography & Cyber Security Mrs. Kanchan Patil Department of Information Technology
Secure Socket Layer (SSL)
•SSL is designed to make use of TCP to provide a reliable end-to-end secure
service (i.e. exchange of information between a web browser and a web
server)
•SSL is not a single protocol but rather two layers of protocols
•SSL Protocol stack is shown below
Secure Socket Layer (SSL)
•The SSL Record Protocol provides basic security services to various higher
layer protocols.
•The Hypertext Transfer Protocol (HTTP), which provides the transfer service
for Web client/server interaction, can operate on top of SSL.
•Three higher-layer protocols are defined as part of SSL:
•The Handshake Protocol
•The Change Cipher Spec Protocol
•The Alert Protocol
•Another layer is Record Layer Protocol
•These SSL specific protocols are used in the management of SSL exchanges.
•Two important SSL concepts are the SSL session and the SSL connection.
Secure Socket Layer (SSL)
•Connection:
•A connection is a transport that provides a suitable type of service.
•For SSL, such connections are peer-to-peer relationships.
•The connections are temporary.
•Every connection is associated with one session.
•Session:
•An SSL session is an association between a client and a server.
•Sessions are created by the Handshake Protocol.
•Sessions define a set of cryptographic security parameters which can be
shared among multiple connections.
•Sessions are used to avoid the expensive negotiation of new security
parameters for each connection.
Secure Socket Layer (SSL)
•Between any pair of parties (applications such as HTTP on client and
server), there may be multiple secure connections.
•In theory, there may also be multiple simultaneous sessions between
parties, but this feature is not used in practice.
•There are a number of states associated with each session.
•Once a session is established, there is a current operating state for both
read and write.
•In addition, during the Handshake Protocol, pending read and write states
are created.
•Upon successful conclusion of the Handshake Protocol, the pending states
become the current states.
Secure Socket Layer (SSL)
•A session state is defined by the following parameters.
•Session identifier: An arbitrary byte sequence chosen by the server to identify an
active or resumable session state.
•Peer certificate: An X.509v3 certificate of the peer. This element of the state may
be null.
•Compression method: The algorithm used to compress data prior to encryption.
•Cipher spec: Specifies the bulk data encryption algorithm (such as null, AES, etc.)
and a hash algorithm (such as MD5 or SHA-1) used for MAC calculation. It also
defines cryptographic attributes such as the hash_size.
•Master secret: 48-byte secret shared between the client and server.
•Is resumable: A flag indicating whether the session can be used to initiate new
connections
Secure Socket Layer (SSL)
•A connection state is defined by the following parameters.
•Server and client random: Byte sequences that are chosen by the server
and client for each connection.
•Server write MAC secret: The secret key used in MAC operations on data
sent by the server.
•Client write MAC secret: The secret key used in MAC operations on data
sent by the client.
•Server write key: The secret encryption key for data encrypted by the
server and decrypted by the client.
•Client write key: The symmetric encryption key for data encrypted by the
client and decrypted by the server.
Secure Socket Layer (SSL)
•Initialization vectors:
•When a block cipher in CBC mode is used, an initialization vector (IV) is
maintained for each key.
•This field is first initialized by the SSL Handshake Protocol. Thereafter,
the final ciphertext block from each record is preserved for use as the IV
with the following record.
•Sequence numbers:
•Each party maintains separate sequence numbers for transmitted and
received messages for each connection.
•When a party sends or receives a change cipher spec message, the
appropriate sequence number is set to zero.
•Sequence numbers may not exceed 2^64 – 1.
SSL Handshake Protocol
•The most complex part of SSL is the Handshake Protocol.
•This protocol allows the server and client to authenticate each other and to
negotiate an encryption and MAC algorithm and cryptographic keys to be
used to protect data sent in an SSL record.
•The Handshake Protocol is used before any application data is transmitted.
•The Handshake Protocol consists of a series of messages exchanged by client
and server.
•Each message has three fields
•Type (1 byte): Indicates one of 10 messages
•Length (3 bytes): The length of the message in bytes.
•Content ( >=0 bytes): The parameters associated with this message.
SSL Handshake Protocol
•The handshake protocol is actually made up of four phases.
•These phases are:
•Establish security capabilities
•Server authentication and key exchange
•Client authentication and key exchange
•Finish
SSL Handshake Protocol
•Phase 1: Establish Security Capabilities
•This first phase of the SSL handshake is used to initiate a logical
connection and establish the security capabilities associated with that
connection.
•This consists of two messages, the client hello and the server hello
•The process starts with a client hello message from the client to the server. It consists
of the following parameters:
•Version: This field identifies the highest version of SSL that the client can support.
This can be 2, 3 or 3.1
•Random: This field is useful for the later, actual communication between the client
and the server. It contains two subfields
•A 32-bit date-time field that identifies the current system date and time on the
client
•A 28-byte random number generated by the random number generator software
built inside the client computer
•Session id: This is a variable length session identifier. If this field contains a non-zero
value, it means that there is already a connection between the client and the server,
and the client wishes to update the parameters of that connection.
•A zero value in this field indicates that the client wants to create a new connection
with the server.
•Cipher suite: This field contains a list of the cryptographic algorithms supported by the
client (e.g. RSA, Diffie-Hellman, etc.) in decreasing order of preference.
•Compression method: This field contains a list of the compression algorithms
supported by the client.
•The server responds with a server hello message to the client.
•The server returns the encryption algorithm chosen from the cipher suite list and the
chosen compression algorithm.
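The client hello fields listed above map directly onto bytes on the wire. The following parser is an added example, not part of the original slides; it assumes the SSLv3 encoding (1-byte session id length, 2-byte cipher suite list length, 1-byte compression list length), and the helper `build_client_hello` and its sample values are constructed for illustration. Every length field is bounds-checked before it is used.

```python
import struct

CLIENT_HELLO = 1          # handshake message type
SUITE_NAMES = {           # a few SSLv3 cipher suite codes (RFC 6101)
    0x0004: "SSL_RSA_WITH_RC4_128_MD5",
    0x0005: "SSL_RSA_WITH_RC4_128_SHA",
    0x000A: "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
}


def _take(buf, off, n):
    """Return n bytes at off, refusing to read past the end of the message."""
    if off + n > len(buf):
        raise ValueError("length field runs past end of message")
    return buf[off:off + n], off + n


def parse_client_hello(msg):
    head, off = _take(msg, 0, 4)                    # Type (1) + Length (3)
    if head[0] != CLIENT_HELLO:
        raise ValueError("not a client hello")
    if int.from_bytes(head[1:], "big") != len(msg) - 4:
        raise ValueError("handshake length does not match content")
    ver, off = _take(msg, off, 2)                   # highest version supported
    gmt, off = _take(msg, off, 4)                   # 32-bit date-time field
    rnd, off = _take(msg, off, 28)                  # 28 random bytes
    n, off = _take(msg, off, 1)
    if n[0] > 32:
        raise ValueError("session id longer than 32 bytes")
    sid, off = _take(msg, off, n[0])
    n, off = _take(msg, off, 2)
    cs_len = int.from_bytes(n, "big")
    if cs_len == 0 or cs_len % 2:
        raise ValueError("bad cipher suite list length")
    raw, off = _take(msg, off, cs_len)
    suites = struct.unpack(">%dH" % (cs_len // 2), raw)
    n, off = _take(msg, off, 1)
    comp, off = _take(msg, off, n[0])
    return {
        "version": (ver[0], ver[1]),
        "gmt_unix_time": int.from_bytes(gmt, "big"),
        "random_bytes": rnd,
        "session_id": sid,
        "resume_requested": len(sid) > 0,           # non-empty id: reuse a session
        "cipher_suites": [SUITE_NAMES.get(s, hex(s)) for s in suites],
        "compression_methods": list(comp),
    }


def build_client_hello(version, gmt, rnd, sid, suites, comps):
    """Constructed sample input for the parser (hypothetical helper)."""
    body = bytes(version) + struct.pack(">I", gmt) + rnd + bytes([len(sid)]) + sid
    body += struct.pack(">H", 2 * len(suites)) + struct.pack(">%dH" % len(suites), *suites)
    body += bytes([len(comps)]) + bytes(comps)
    return bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body


if __name__ == "__main__":
    sample = build_client_hello((3, 0), 1742601600, b"\xab" * 28, b"", [0x000A, 0x0005], [0])
    print(parse_client_hello(sample))
```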
SSL Handshake Protocol
•Phase 2: Server Authentication and Key Exchange
•The server initiates this second phase of the SSL handshake and is the
sole sender of all the messages in this phase.
•The client is the sole recipient of all these messages.
•This phase contains four steps. These steps are: Certificate, Server key
exchange, Certificate request, Server hello done
SSL Handshake Protocol
•Phase 2: Server Authentication and Key Exchange
•Step 1-Certificate:
•The server sends its digital certificate and the entire chain leading up to
root CA to the client.
•This will help the client to authenticate the server using the server's public
key from the server's certificate.
•The server's certificate is mandatory in all situations, except if the key is
being agreed upon by using Diffie-Hellman.
•Step 2-Server key exchange:
•It is optional.
•It is used only if the server does not send its digital certificate to the client
in Step 1.
•The server sends its public key to the client (as the certificate is not
available).
SSL Handshake Protocol
•Phase 2: Server Authentication and Key Exchange
•Step 3-Certificate request:
•The server can request the client's digital certificate.
•The client authentication in SSL is optional and the server may not always
expect the client to be authenticated.
•Therefore, this step is optional.
•Step 4-Server hello done:
•This message indicates to the client that the server's portion of the hello message (i.e. the
server hello message) is complete.
•This indicates to the client that the client can now (optionally) verify the
certificates sent by the server and ensure that all the parameters sent by
the server are acceptable.
•This message does not have any parameters.
•After sending this message, the server waits for the client's response.
SSL Handshake Protocol
•Phase 3: Client Authentication and Key Exchange
•The client initiates this third phase of the SSL handshake, and is the sole sender
of all the messages in this phase.
•The server is the sole recipient of all these messages.
•This phase contains three steps. These steps are: Certificate, Client key
exchange and Certificate verify.
SSL Handshake Protocol
•Phase 3: Client Authentication and Key Exchange
•Step 1- Certificate:
•It is optional
•This step is performed only if the server had requested the client's
digital certificate.
•If the server has requested the client's certificate and the client
does not have one, the client sends a No certificate message instead
of a Certificate message. It is then up to the server to decide whether it
still wants to continue.
SSL Handshake Protocol
•Phase 3: Client Authentication and Key Exchange
•Step 2- Client Key Exchange:
•Like the server key exchange message, this second step allows the
client to send information to the server, but in the opposite direction.
•This information is related to the symmetric key that both the parties
will use in this session.
•Here, the client creates a 48-byte pre-master secret, encrypts it
with the server's public key and sends this encrypted pre-master
secret to the server.
SSL Handshake Protocol
•Phase 3: Client Authentication and Key Exchange
•Step 3- Certificate verify:
•It is necessary only if the server had demanded client authentication.
•As we know, if this is the case, the client has already sent its certificate to
the server.
•However, additionally, the client also needs to prove to the server that it is
the correct and authorized holder of the private key corresponding to the
certificate.
•For this purpose, in this optional step, the client combines the pre-master
secret with the random numbers exchanged by the client and the server
earlier (in Phase 1: Establish security capabilities) after hashing them
together using MD5 and SHA-1 and signs the result with its private key
SSL Handshake Protocol
•Phase 4: Finish
•The client initiates this fourth phase of the SSL handshake, which the server ends.
•This phase contains four steps.
•The first two messages are from the client: Change cipher specs, Finished.
•The server responds back with two identical messages: Change cipher specs,
Finished.
SSL Handshake Protocol
•Phase 4: Finish
•Based on the pre-master secret that was created and sent by the
client in the Client key exchange message, both the client and the
server create a master secret.
•Before secure encryption or integrity verification can be performed on
records, the client and server need to generate shared secret
information known only to them.
•This value is a 48-byte quantity called the master secret.
•The master secret is used to generate keys and secrets for encryption
and MAC computations.
•The master secret is calculated after computing message digests of
the pre-master secret, client random and server random as shown in
figure
SSL Handshake Protocol
•Phase 4: Finish
•Finally, the symmetric keys to be used by the client and the server are
generated.
SSL Handshake Protocol
•The key generation formula is as follows
•After this, the first step (Change cipher specs) is a confirmation from the
client that all is well from its end, which it strengthens with the Finished
message.
•The server sends identical messages to the client.
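SSLv3 (RFC 6101) derives both the master secret and the key material with the same nested MD5/SHA-1 construction, using the labels 'A', 'BB', 'CCC' and so on. The following is an added example, not part of the original slides; the function names and the sample inputs are constructed for illustration, and the key sizes in the demo are those of a 3DES-CBC/SHA-1 cipher spec.

```python
import hashlib

KEY_NAMES = (
    "client_write_MAC_secret", "server_write_MAC_secret",
    "client_write_key", "server_write_key",
    "client_write_IV", "server_write_IV",
)


def ssl3_expand(secret, rand_a, rand_b, n_bytes):
    """Concatenate MD5(secret || SHA1(label || secret || rand_a || rand_b))
    for labels 'A', 'BB', 'CCC', ... until n_bytes are available."""
    out = b""
    i = 0
    while len(out) < n_bytes:
        label = bytes([ord("A") + i]) * (i + 1)
        inner = hashlib.sha1(label + secret + rand_a + rand_b).digest()
        out += hashlib.md5(secret + inner).digest()
        i += 1
    return out[:n_bytes]


def master_secret(pre_master, client_random, server_random):
    """48-byte master secret from the pre-master secret and both randoms."""
    if len(pre_master) != 48 or len(client_random) != 32 or len(server_random) != 32:
        raise ValueError("expected 48-byte pre-master secret and 32-byte randoms")
    return ssl3_expand(pre_master, client_random, server_random, 48)


def key_block(master, client_random, server_random, mac_len, key_len, iv_len):
    """Split the key block into the six connection-state values.
    Note the order of the randoms: server first here, client first above."""
    sizes = (mac_len, mac_len, key_len, key_len, iv_len, iv_len)
    block = ssl3_expand(master, server_random, client_random, sum(sizes))
    keys, off = {}, 0
    for name, size in zip(KEY_NAMES, sizes):
        keys[name] = block[off:off + size]
        off += size
    return keys


if __name__ == "__main__":
    # Constructed inputs: version bytes 3.0 followed by 46 filler bytes.
    pm = bytes([3, 0]) + bytes(range(46))
    cr, sr = b"\x11" * 32, b"\x22" * 32
    ms = master_secret(pm, cr, sr)
    for name, value in key_block(ms, cr, sr, 20, 24, 8).items():
        print(name, value.hex())
```

Because each direction gets its own MAC secret, key and IV, a record captured from the client cannot be reflected back to it as if it came from the server.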
SSL Change cipher spec Protocol
•It is an upper-layer SSL protocol.
•It is the simplest protocol.
•It consists of a single message, which is 1 byte long and can have only one
value.
•Until the Handshake Protocol is completed, the SSL record output is in a
pending state. After the Handshake Protocol, the pending state is converted
into the current state.
•It is used for notification between the client and the server that the
subsequent packets are to be protected and transmitted based on the
newly negotiated cipher suite and key.
SSL Alert Protocol
•It is an upper-layer SSL protocol.
•Enables the SSL client and server to send alert messages to each other.
•An alert message contains the alert severity level and a description.
•Each message in this protocol contains 2 bytes.
•The level is further classified into two parts:
•Level 1: Warning
•Level 2: Fatal Error
SSL Alert Protocol
•Warning (level = 1):
•This Alert has no impact on the connection between sender and
receiver. Some of them are:
•Bad certificate: When the received certificate is corrupt.
•No certificate: When an appropriate certificate is not available.
•Certificate expired: When a certificate has expired.
•Certificate unknown: When some other unspecified issue arose in processing
the certificate, rendering it unacceptable.
•Close notify: It notifies that the sender will no longer send any messages in
the connection.
•Unsupported certificate: The type of certificate received is not supported.
•Certificate revoked: The certificate received is in the revocation list.
SSL Alert Protocol
•Fatal Error (level = 2):
•This Alert breaks the connection between sender and receiver.
•The connection will be stopped, cannot be resumed but can be restarted.
Some of them are :
•Handshake failure: When the sender is unable to negotiate an acceptable set
of security parameters given the options available.
•Decompression failure: When the decompression function receives improper
input.
•Illegal parameters: When a field is out of range or inconsistent with other
fields.
•Bad record MAC: When an incorrect MAC was received.
•Unexpected message: When an inappropriate message is received.
•The second byte in the Alert protocol describes the error.
SSL Record Protocol
•The SSL Record Protocol comes into the picture after the successful
handshake is completed between the client and the server.
•The SSL Record Protocol provides two services for SSL connections:
•Confidentiality: The Handshake Protocol defines a shared secret key that is
used for conventional encryption of SSL payloads.
•Message Integrity: The Handshake Protocol also defines a shared secret
key that is used to form a message authentication code (MAC)
SSL Record Protocol
•Figure indicates the overall operation
of the SSL Record Protocol.
•It takes an application message to be
transmitted, fragments the data into
manageable blocks, optionally
compresses the data, applies a MAC,
encrypts, adds a header, and
transmits the resulting unit in a TCP
segment.
•Received data are decrypted,
verified, decompressed, and
reassembled before being delivered
to higher-level users.
SSL Record Protocol
•Fragmentation:
•Each upper-layer message is fragmented into blocks of 2^14 bytes
(16384 bytes) or less.
•Compression:
•It is optionally applied.
•Compression must be lossless and may not increase the content
length by more than 1024 bytes.
•Calculation of MAC (1/3):
•The next step in processing is to compute a message authentication
code over the compressed data.
•For this purpose, a shared secret key is used.
SSL Record Protocol
•Calculation of MAC (2/3):
•The calculation is defined as a concatenation operation
•Where,
•MAC_write_secret = shared secret key
•hash = cryptographic hash algorithm (either MD5 or SHA-1)
•pad_1 = the byte 0x36 (0011 0110) repeated 48 times (384 bits)
for MD5 and 40 times (320 bits) for SHA-1
•pad_2 = the byte 0x5C (0101 1100) repeated 48 times for MD5 and
40 times for SHA-1
SSL Record Protocol
•Calculation of MAC (3/3):
•The calculation is defined as a concatenation operation
•Where,
•seq_num = the sequence number for this message
•SSLCompressed.type = the higher-level protocol used to process
this fragment
•SSLCompressed.length = the length of the compressed fragment
•SSLCompressed.fragment = the compressed fragment (if
compression is not used, this is the plaintext fragment)
SSL Record Protocol
•Encryption:
•Each upper-layer message is fragmented into blocks of 2^14 bytes (16384
bytes) or less.
•The compressed message plus the MAC are encrypted using symmetric
encryption established in handshake protocol.
•Encryption may not increase the content length by more than 1024 bytes,
so that the total length may not exceed 2^14 + 2048.
•The following encryption algorithms are permitted
SSL Record Protocol
•Append Header:
•The final step of SSL Record Protocol processing is to prepare a header
consisting of the following fields:
•Content Type (8 bits): The higher-layer protocol used to process the
enclosed fragment.
•Major Version (8 bits): Indicates major version of SSL in use. For
SSLv3, the value is 3.
•Minor Version (8 bits): Indicates minor version in use. For SSLv3, the
value is 0.
•Compressed Length (16 bits): The length in bytes of the plaintext
fragment (or compressed fragment if compression is used).
•The maximum value is 2^14 + 2048.
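The record processing steps above (fragmentation, MAC calculation, header) can be followed end to end in code. The following is an added example, not part of the original slides; it implements the SSLv3 MAC, hash(MAC_write_secret || pad_2 || hash(MAC_write_secret || pad_1 || seq_num || type || length || fragment)), and assumes no compression and a NULL cipher so that the MAC and header stay visible. The function names and the sample key are constructed for illustration.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14                 # fragmentation limit
MAX_RECORD = 2 ** 14 + 2048            # largest length a header may carry
PAD_LEN = {"md5": 48, "sha1": 40}      # repeat counts for pad_1 and pad_2
APPLICATION_DATA = 23                  # SSLv3 content type for application data


def ssl3_mac(hash_name, mac_secret, seq_num, ctype, fragment):
    """SSLv3 MAC over the 8-byte seq_num, 1-byte type, 2-byte length and fragment."""
    n = PAD_LEN[hash_name]
    meta = struct.pack(">QBH", seq_num, ctype, len(fragment))
    inner = hashlib.new(hash_name, mac_secret + b"\x36" * n + meta + fragment).digest()
    return hashlib.new(hash_name, mac_secret + b"\x5c" * n + inner).digest()


def protect(hash_name, mac_secret, seq_num, ctype, data):
    """Fragment, MAC and frame data; returns the records and the next seq_num."""
    records = []
    for off in range(0, len(data), MAX_FRAGMENT):
        frag = data[off:off + MAX_FRAGMENT]
        body = frag + ssl3_mac(hash_name, mac_secret, seq_num, ctype, frag)
        # Header: content type, major version 3, minor version 0, body length.
        records.append(struct.pack(">BBBH", ctype, 3, 0, len(body)) + body)
        seq_num += 1                   # one sequence number per record
    return records, seq_num


def unprotect(hash_name, mac_secret, seq_num, record):
    """Check header and MAC; return (content type, fragment) or raise ValueError."""
    mac_len = hashlib.new(hash_name).digest_size
    if len(record) < 5:
        raise ValueError("truncated record header")
    ctype, major, minor, length = struct.unpack(">BBBH", record[:5])
    body = record[5:]
    if (major, minor) != (3, 0) or length != len(body):
        raise ValueError("illegal_parameter")
    if length > MAX_RECORD or length < mac_len:
        raise ValueError("illegal_parameter")
    frag, mac = body[:length - mac_len], body[length - mac_len:]
    expected = ssl3_mac(hash_name, mac_secret, seq_num, ctype, frag)
    if not hmac.compare_digest(mac, expected):     # constant-time comparison
        raise ValueError("bad_record_mac")
    return ctype, frag


if __name__ == "__main__":
    secret = bytes(range(20))          # constructed key, not a real secret
    recs, next_seq = protect("sha1", secret, 0, APPLICATION_DATA, b"A" * 20000)
    print(len(recs), "records, next sequence number", next_seq)
    try:
        unprotect("sha1", secret, 0, recs[1])      # record replayed out of order
    except ValueError as exc:
        print("rejected:", exc)
```

Because seq_num is an input to the MAC but is never transmitted, a replayed, dropped or reordered record fails verification even though its bytes are unmodified.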