Network Security in CS 142 Lecture Notes
Explore essential topics in network security covered in CS 142 lecture notes, including SSL/TLS overview, HTTPS indicators, mixed content indicators, and more to enhance your understanding of secure communication protocols.
Download Presentation
Please find below an Image/Link to download the presentation.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author. If you encounter any issues during the download, it is possible that the publisher has removed the file from their server.
You are allowed to download the files provided on this website for personal or commercial use, subject to the condition that they are used lawfully. All files are the property of their respective owners.
The content on the website is provided AS IS for your information and personal use only. It may not be sold, licensed, or shared on other websites without obtaining consent from the author.
E N D
Presentation Transcript
Certificates CS 142 Lecture Notes: Network Security Slide 1
SSL/TLS Overview Browser Server client-hello server-hello + {server-cert}SKCA Key exchange (several options) Random key K client-key-exchange: {K}PKServer K {HTTP data}K Most common: only the server is authenticated CS 142 Lecture Notes: Network Security Slide 2
SSL Stripping Replace https:// with http:// Active Attacker HTTP request HTTP request Modified response HTTP response HTTP request HTTPS request HTTP response HTTPS response Browser Server Attacker opens HTTPS session, forwards requests and responses Attacker observes private info CS 142 Lecture Notes: Network Security Slide 3
HTTPS Indicators HTTP HTTPS Firefox 10 IE 8 Chrome 17 CS 142 Lecture Notes: Network Security Slide 4
Mixed Content Indicators Silly dialogs Firefox 10: no SSL indicator Chrome 17: caution sign IE 8: warning dialog, no SSL lock CS 142 Lecture Notes: Network Security Slide 5
