SSL/TLS Protocols and Handshake Process


Explore the evolution of SSL/TLS protocols, the goals of these cryptographic protocols, the two-phase handshake process to establish secure communication, and the record-layer protocol for encryption and authentication. Discover how SSL/TLS ensures secure transmission of sensitive information like credit card numbers over the internet.

  • SSL
  • TLS
  • Security
  • Encryption
  • Handshake

Presentation Transcript


  1. SSL / TLS Slides by Prof. Jonathan Katz. Lightly edited by me.

  2. SSL/TLS
     How can you securely send your credit card number to Amazon?
       • SSL/TLS
           • Secure Socket Layer (Netscape, mid-90s)
           • Transport Layer Security: TLS 1.0 (1999), TLS 1.2 (2008), TLS 1.3 (2018)
       • Used by every web browser for https connections

  3. SSL/TLS
       • Goals
           • Understand (at a high level) a real-world crypto protocol
           • Pull together everything learned in this course
       • Not goals
           • Understanding low-level details/implementation
           • Defining or proving security

  4. SSL/TLS: Two phases
       • Handshake protocol: establish a shared key between two entities
       • Record-layer protocol: use the shared key for secure communication

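  5. Handshake protocol
     Client holds pk_CA. Bank holds sk, pk, cert_{CA→Bank}.
       • Client → Bank: https://bank.com, N_C
       • Bank → Client: pk, cert, N_B
       • Client: Verify! (cert, using pk_CA)
       • Client → Bank: c = Enc_pk(pmk)
       • Client: mk = H(pmk, N_C, N_B); k_C, k'_C, k_S, k'_S = G(mk)
       • Client → Bank: Mac_mk(transcript)
       • Bank: pmk = Dec_sk(c); mk = H(pmk, N_C, N_B); k_C, k'_C, k_S, k'_S = G(mk)
       • Bank: Verify!
       • Bank → Client: Mac_mk(transcript')
       • Client: Verify!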

  6. Record-layer protocol
       • Parties now share k_C, k'_C, k_S, k'_S
       • Client uses k_C, k'_C to encrypt/authenticate all messages it sends
       • Server uses k_S, k'_S to encrypt/authenticate all messages it sends
           • Prevents reflection attacks
       • Sequence numbers prevent replay attacks
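
The key schedule from slide 5 and the record-layer defences from slide 6, as an added Python example that is not part of the original slides. Assumptions: H is SHA-256, G is HMAC-SHA256 with one label per key, the primed keys k'_C and k'_S are the MAC keys, and encryption under k_C and k_S is left out so the reflection and replay checks stay in focus.

```python
import hashlib, hmac, os, struct

def H(pmk, n_c, n_b):
    # mk = H(pmk, N_C, N_B). SHA-256 over fixed-length inputs is an assumed choice of H.
    return hashlib.sha256(pmk + n_c + n_b).digest()

def G(mk):
    # Expand mk into (k_C, k'_C, k_S, k'_S). Labelled HMAC is an assumed choice of G.
    labels = (b"k_C", b"k'_C", b"k_S", b"k'_S")
    return tuple(hmac.new(mk, label, hashlib.sha256).digest() for label in labels)

def tag(mac_key, seq, payload):
    # The MAC covers an implicit 64-bit sequence number plus the payload.
    return hmac.new(mac_key, struct.pack(">Q", seq) + payload, hashlib.sha256).digest()

class Sender:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0
    def send(self, payload):
        record = payload + tag(self.mac_key, self.seq, payload)
        self.seq += 1
        return record

class Receiver:
    def __init__(self, mac_key):
        self.mac_key, self.seq = mac_key, 0
    def receive(self, record):
        payload, got = record[:-32], record[-32:]
        if not hmac.compare_digest(got, tag(self.mac_key, self.seq, payload)):
            raise ValueError("bad record MAC")
        self.seq += 1  # advance only after a record verifies
        return payload

def run_session():
    pmk, n_c, n_b = (os.urandom(32) for _ in range(3))  # constructed sample values
    _k_c, k_c_mac, _k_s, k_s_mac = G(H(pmk, n_c, n_b))
    record = Sender(k_c_mac).send(b"pay $10 to Bob")
    server_in = Receiver(k_c_mac)
    results = {"delivered": server_in.receive(record)}
    attempts = {"replay": server_in,                 # same record again, seq is now 1
                "reflection": Receiver(k_s_mac),     # record bounced back at the client
                "reflection_one_shared_key": Receiver(k_c_mac)}  # both directions, one key
    for name, receiver in attempts.items():
        try:
            receiver.receive(record)
            results[name] = "accepted"
        except ValueError:
            results[name] = "rejected"
    return results

if __name__ == "__main__":
    print(run_session())
```

The last case shows why the slide derives separate client and server keys: with one key for both directions, the client would accept its own record when it is sent back to it.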
