Indian Institute of Technology Kharagpur

Basic Cryptographic Concepts

Part III

Prof. Indranil Sen Gupta

Dept. of Computer Science & Engg.
I.I.T. Kharagpur, INDIA

Lecture 34: Basic cryptographic concepts

– Part III
On completion, the student will be able to:
1. Explain the secure socket layer (SSL)
architecture and protocol.
2. Explain the IPSec protocol for providing IP
layer security.
3. Explain the secure HTTP protocol for
providing web security.

1
 Secure Socket Layer (SSL)

Secure Socket Layer (SSL)

• SSL was first used by Netscape.

¾To ensure security of data sent through
HTTP, LDAP or POP3.
• Uses TCP to provide reliable end-to-
end secure service.
• In general, SSL can be used for
secure data transfer for any network
service running over TCP/IP.

2
¾What is HTTP?
ƒ Protocol for communication between a web
browser and a web server.
¾What is LDAP?
ƒ An Internet directory service which is
typically used by email systems to find
more information about a user.
¾What is POP3?
ƒ A protocol using which email systems
retrieve mails from the mail server.

Application
HTTP LDAP POP3
Layer

SSL
Network
TCP/IP Layer

3
 ¾SSL Record Protocol provides basic
security services to various higher level
protocols.
ƒ HTTP can work on top of SSL, for
instance.
¾Almost all HTTP servers support SSL
sessions.
¾All popular browsers come with SSL-
enabled client software.

Basic Objectives of SSL

• The main objectives are:

¾Authenticate the client and server to
each other.
¾Ensure data integrity.
¾Ensure data privacy.
ƒ Required for both the protocol data
and also the application data.

4
 SSL Architecture

• SSL consists of two layers of protocols:

¾SSL Record Protocol
ƒ Ensures data security and integrity.
¾Protocols required to establish SSL
connection.
ƒ Three protocols used in this layer:
SSL Handshake Protocol
SSL ChangeCipherSpec Protocol
SSL Alert Protocol

SSL SSL SSL Application

Handshake ChangeCipherSpec Alert Protocol
Protocol Protocol Protocol (HTTP, etc.)

SSL Record Protocol

TCP

IP

5
 SSL Record Protocol

• Mainly responsible for data encryption and

integrity.
¾Also used to encapsulate data sent by
other higher level SSL protocols.
• Basic function:
¾Take an application message to be sent.
¾Fragment the application message data.
ƒ 16 Kbytes or smaller.
¾Encapsulate it with appropriate headers
and create an object called a record.
¾Encrypt the record and forward it to TCP.

Application Data

Fragments

Compressed data

MAC
Add MAC

Encrypt data
H: SSL record
TCP packet H header

6
 ¾SSL record header consists of:
ƒ Content type:
– identifies the type of payload (that is, the
higher level protocol being used)
ƒ Major version:
– for SSL 3.0, the value is 3.
ƒ Minor version:
– for SSL 3.0, the value is 0.
ƒ Compressed length:
– size of the compressed data in bytes.

The Higher Layer Protocols

• SSL Alert Protocol

¾Used to send session messages
associated with data exchange and
functioning of the protocol.
¾Each message consists of two bytes:
ƒ First byte is either 1 (warning) or 2 (fatal). If
“fatal”, the SSL session is terminated.
ƒ Second byte contains one of the defined
error codes.

7
• SSL ChangeCipherSpec Protocol
¾Consists of a single message that
carries the value of 1.
¾Purpose of this message is to cause the
pending session state to be established
as a fixed state.
ƒ Define the set of protocols to be used.
ƒ Must be sent from client to server, and vice
versa.

• SSL Handshake Protocol

¾Used to initiate a session between the
server and the client.
¾Within the application data, algorithms
and keys used for data encryption can
be negotiated.
¾Provides mutual authentication.
¾Process of negotiation divided into four
phases.

8
 ¾Client sends to the server
ƒ SSL version
ƒ Random (used to protect key exchange)
ƒ Session ID
ƒ CipherSuite
¾Server sends back
ƒ SSL version
ƒ Random (a different number is generated)
ƒ Session ID
ƒ CipherSuite

client certific
hello
Phase 1

ate
Phase 3

certific
he llo ate ver
server ificatio
n
client
key ex
c hange
ate
certific
c hange
key ex chang
server e ciph
Phase 2

er spe
t c
t’s cer
Phase 4

st clien
Reque finishe
d
ec
done her sp
server cha nge cip
d
finishe
CLIENT SERVER CLIENT SERVER

9
 Some SSL Based Services

• HTTPS
ƒ Port number 443
• LDAP
ƒ Port number 646
• SMTP
ƒ Port number 465
• POP3
ƒ Port number 995

Transport Layer Security (TLS)

• Extension of SSL.
• Aim is to provide security and data
integrity features at the transport
layer between two web applications.
• Supported my most web servers and
browsers today.

10
 Secure Shell (SSH)

Introduction

• Originally developed in 1995.

¾As a secure replacement for telnet, rlogin,
rcp, etc.
¾Allows port forwarding (tunneling over SSH)
¾Built-in support for proxies/firewalls.
• Widely used nowadays.

11
 SSHv1 Protocol

• The server uses two keys:

¾Long-term server identification key.
ƒ Binds the connection to the server.
ƒ 1024 bit RSA.
¾Short-term encryption key, changed
every hour.
ƒ Makes later recovery impossible.
ƒ Short-term keys are regenerated as a
background task.
ƒ 768 bit RSA.

• Multiple authentication mechanisms

¾Straight passwords (protected by SSH
encryption).
¾RSA based authentication.
ƒ Client decrypts a challenge from the server;
returns the hash to the server.
¾Plug-in mechanisms (biometrics,
smartcard, etc.).

12
 IP Security (IPSec)

Introduction

• Security built into the IP layer.

¾Provides host-to-host (or firewall-to-
firewall) encryption and authentication.
¾Required for IPv6, but optional for IPv4.
• Consists of two parts:
¾IPSec proper (for encryption and
authentication).
¾IPSec key management.

13
 IPSec

• Provides two modes of protection

¾Tunnel Mode
¾Transport Mode
• Authentication and Integrity
• Confidentiality
• Replay Protection

Tunnel Mode

• Encapsulates the entire IP packet

within IPSec protection.
• Tunnels can be created between
several different node types:
¾Firewall to firewall
¾Host to firewall
¾Host to host

14
 Transport Mode

• Encapsulates only the transport layer

information within IPSec protection.
• Can only be created between host
nodes.

Authentication and Integrity

• Verifies the origin of data.

• Assures that data sent is the data
received.
• Assures that the network headers
have not changed since the data was
sent.

15
 Confidentiality

• Encrypts data to protect against

eavesdropping.
• Can hide data source when
encryption is used over a tunnel.

Replay Prevention

• Causes retransmitted packets to be

dropped.

16
 Problems with IPSec

• Excessively complex and difficult to

use.
• Does now allow use of NAT.
• Routers need to be made IPSec
aware.

Secure HTTP (S-HTTP)

17
 Introduction

• An extension to the HTTP protocol to

support sending data securely over
the web.
• Difference from SSL:
¾SSL is designed to establish a secure
connection between two hosts.
¾s-HTTP is designed to send individual
messages securely.

Some Features

• Provides a variety of security

mechanisms to HTTP clients and
servers.
• Does not require client-side public
certificates (or public keys), as it
supports symmetric key-only operation
modes.
• Provides full flexibility of cryptographic
algorithms, modes and parameters.

18
 Point to Note

• s-HTTP and HTTPS are not the same.

• HTTPS is an alternative to s-HTTP.
¾HTTP runs on top of SSL or TSL for
secured transactions.

19
SOLUTIONS TO QUIZ
QUESTIONS ON
LECTURE 33

20
 Quiz Solutions on Lecture 33

1. For 10 parties communicating using RSA,

how many keys are required in total?

Twenty.

2. In public key cryptography, how are the

keys used for encryption applications?

The public key of the receiver is used for

encryption, and the private key of the
receiver is used for decryption.

Quiz Solutions on Lecture 33

3. In public key cryptography, how are the

keys used for authentication applications?

The private key of the sender is used for

encryption, and the public key of the
sender is used for decryption.

4. Which of the two is faster, RSA or DES?

DES is much faster as compared to RSA.

21
 Quiz Solutions on Lecture 33

5. On what factor does the security of the

RSA algorithm depend on?

On the difficulty of breaking a large number

into its prime factors.

6. Give an efficient algorithm to compute XY,

where X and Y are integers.

Consider the binary representation of Y.

Hint: X1011 = X8 . X2 . X1

QUIZ QUESTIONS ON
LECTURE 34

22
 Quiz Questions on Lecture 34

1. What is the basic purpose of SSL record

protocol?
2. What does SSL handshake protocol aim to
achieve?
3. What is the difference between tunnel mode
and transport mode in IPSec?
4. What is the difference in the functionalities
of SSL and s-HTTP?

23