Secure Socket Layer (SSL)

SSL - Secure Socket Layer

TLS - Transport Layer Security

Bangladesh University of Professionals

Lt Col Md Jahangir Hossain
25 Feb 2022
Outline
What is SSL
History of SSL
Benefits of SSL
Limitations of SSL
SSL components/architecture
SSL record protocol operation
SSL in real world
Digital signature
Digital Envelope
How SSL works
Attacks against SSL/TLS

What is SSL (Secure Socket Layer)?

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client—typically a web server (website) and a browser, or a mail server and a mail client (e.g., Outlook).

It is a cryptographic protocol used to ensure security of information and telecommunication system.

Created in 1994 by Netscape, in collaboration with Bank of America, MCI, Mastercard and Silicon Graphics, it immediately became the standard to exchange data on the Internet.

SSL (Secure Socket Layer)
TCP: provides a reliable end-to-end service.
TCP & SSL: provides a reliable & secure end-to-end
service.
HTTPS: HTTP over SSL (or TLS, Transport Layer Security)
• Typically on port 443 (regular HTTP on port 80)
Subsequently became Internet standard known as TLS

SSL/TLS
SSL/TLS shows visitors that they can safely transmit sensitive
information to and from the server. It encrypts all the data transfers in
such a way that they can't be unscrambled by third parties such as
hackers and scammers.
SSL/TLS
You can identify whether a website is using SSL or not by looking
for a padlock icon or a green bar at the top of your browser. You
should be able to click on this icon to view the information on who
holds the certificate and to manage your SSL settings.
History of the Protocol
Benefits of TLS/SSL
TLS/SSL provides numerous benefits to clients and servers over other methods of authentication, including:

• Improves security. Transmitting information over an encrypted connection between the client and the server makes it much harder for anyone to "listen in" on the communication between both parties.

• Instills trust. Using an SSL/TLS connection helps instill trust in your site's visitors. Seeing that a website is using SSL/TLS gives visitors who log in to your site a sense of security.

• Easily deployed. Traditionally, SSL certificates are purchased from a certificate authority (CA) for a given time period.

Security Achieved by SSL/TLS

Confidentiality
Encrypt data being sent between client and server, so that
passive wiretappers cannot read sensitive data.
Integrity Protection
Protect against modification of messages by an active
wiretapper.
Authentication
Verify that a peer is who they claim to be. Servers are
usually authenticated, and clients may be authenticated if
requested by servers

How SSL Achieves Confidentiality
Create a secret key
Based on information generated by the client with a
secure random number generator
Use public keys to exchange the secret key
The server sends its public key to the client
The client encrypts the secret key with the server's public
key and sends it to the server
The server decrypts the secret key information with the
server’s private key
Encrypt and decrypt data with the secret key
The client and server use the negotiated algorithm

How SSL Achieves Authentication
Optional
Protocol
If the client wants to authenticate the server, then they
follow the protocol in “Authentication with a Public Key
Certificate” with the client.
If the server wants to authenticate the client, then they
follow the protocol in “Authentication with a Public Key
Certificate” with the server.

Limitations of TLS/SSL

There are a few limitations of using TLS/SSL, including:

Increased processor load
This is the most significant limitation of implementing TLS/SSL, as it is
CPU-intensive. As a result, performance varies when you are using
SSL/TLS. TLS uses the greatest resources while it is setting up
connections.
Administrative overhead
A TLS/SSL environment is complex and requires maintenance;
the system administrator must configure the system and manage
certificates.

SSL components
• SSL Handshake Protocol
  - negotiation of security algorithms and parameters
  - key exchange
  - server authentication and optionally client authentication
• SSL Record Protocol
  - fragmentation
  - compression
  - message authentication and integrity protection
  - encryption
• SSL Alert Protocol
  - error messages (fatal alerts and warnings)
• SSL Change Cipher Spec Protocol
  - a single message that indicates the end of the SSL handshake

SSL Architecture
SSL Record Protocol Services
SSL Record Protocol provides two services.
Message integrity
using a MAC with a shared secret key
similar to HMAC but with different padding
hash functions: MD5, SHA-1
Message confidentiality
using symmetric encryption with a shared secret key
encryption algorithms: AES, IDEA, RC2-40, DES-40,
DES, 3DES, RC4-40, RC4-128
SSL Record Protocol Operation

[Figure: SSL Record Protocol operation. Each fragment is ≤ 2^14 bytes; compression is optional (default: null).]
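The fragmentation and message-authentication steps of the record protocol can be sketched as follows. This is an added example, not code from the original slides: it assumes the TLS 1.2 style MAC (HMAC-SHA256 over sequence number, header and fragment) rather than the SSL 3.0 padding variant, leaves out the compression and encryption steps, and uses constructed keys and payloads.

```python
import hashlib
import hmac
import struct

MAX_FRAGMENT = 2 ** 14        # largest plaintext fragment in one record
APPLICATION_DATA = 23         # record content type
VERSION = (3, 3)              # TLS 1.2 as written in the record header
TAG_LEN = hashlib.sha256().digest_size


def _tag(mac_key, seq, header, fragment):
    # The MAC covers an implicit 64-bit sequence number, so a replayed,
    # dropped or reordered record fails even if its bytes are untouched.
    msg = struct.pack("!Q", seq) + header + fragment
    return hmac.new(mac_key, msg, hashlib.sha256).digest()


def protect(data, mac_key):
    """Fragment data and append a MAC to every fragment."""
    records = []
    for offset in range(0, len(data), MAX_FRAGMENT):
        fragment = data[offset:offset + MAX_FRAGMENT]
        header = struct.pack("!BBBH", APPLICATION_DATA, *VERSION, len(fragment))
        records.append(header + fragment + _tag(mac_key, len(records), header, fragment))
    return records


def unprotect(records, mac_key):
    """Verify each record in arrival order and reassemble the payload."""
    data = b""
    for seq, record in enumerate(records):
        header, fragment, tag = record[:5], record[5:-TAG_LEN], record[-TAG_LEN:]
        if not hmac.compare_digest(tag, _tag(mac_key, seq, header, fragment)):
            raise ValueError(f"bad record MAC at sequence number {seq}")
        data += fragment
    return data


def is_rejected(records, mac_key):
    """True when the receiver refuses the record stream."""
    try:
        unprotect(records, mac_key)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    key = b"constructed-mac-key-for-demo-000"   # constructed key
    recs = protect(b"A" * 40000, key)           # constructed payload
    print([len(r) - 5 - TAG_LEN for r in recs])
    print(is_rejected([recs[1], recs[0], recs[2]], key))
```

The first two fragments carry identical bytes, yet swapping them is still rejected because each tag is bound to its position in the stream.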


SSL / TLS in the Real World

• The browser reads the site certificate; if it is signed by one of the trusted certificate authorities (CA), the browser accepts the certificate as valid.

• If the certificate is signed by some unknown certificate authority, the browser will ask you if you want to trust the guy who signed it.

SSL Implementation
• The secure web site includes a digital certificate signed by
some certificate authority (CA). The certificate includes
the server name, its public key, IP number, and an
expiration date. It is typically signed with a 1024-bit key by
the CA.
Certificate Authorities
• In cryptography, a certificate authority or certification authority (CA) is an entity that issues digital certificates.

• A Digital Certificate (DC) or public key certificate is an electronic document considered as a digital identity that binds a public key with identity information such as the website, email address, name of a person or an organization, their address, and so forth. A person can present a Digital Certificate electronically to prove his/her identity or his/her right to access information or services online.

Certificate Authorities (CA)

Digital Signature

A digital signature is a mathematical technique used to validate the authenticity and integrity of a message, software or digital document, i.e. proving that a message is effectively coming from a given sender, much like a signature on a paper document.

When a signer electronically signs a document, the signature is created using the signer's private key, which is always securely kept by the signer. The mathematical algorithm acts like a cipher, creating data matching the signed document, called a hash, and encrypting that data.

Objectives of Digital Signature
Authentication
Digital signatures can be used to authenticate the source of
messages.

Integrity
The sender and receiver of a message may have a need for
confidence that the message has not been altered during
transmission.

Non-repudiation
Non-repudiation or more specifically non-repudiation of origin, is
an important aspect of digital signatures. By this property, an
entity that has signed some information cannot later deny having
signed it.
Also:
-Transparency
-Accountability
-Elimination of Intermediator
-Encouraging Citizens to exercise their Rights
-Secured electronic communications within judiciary

Digital Envelope

A digital envelope is a secure electronic data container that is used to protect a message through encryption and data authentication. A digital envelope allows users to encrypt data with the speed of secret key encryption and the convenience and security of public key encryption. A digital envelope is also known as a digital wrapper.

A digital envelope uses two layers for encryption: secret (symmetric) key and public key encryption.

Secret key encryption is used for message encoding and decoding.

Public key encryption is used to send a secret key to a receiving party over a network.

Creating Digital Envelope

How SSL Works

SSL/TLS works by having both a private and a public key, as well as session keys for every unique secure session.

During the initial connection, the public and private keys will be used to create a session key, which will then be used to encrypt and decrypt the data that's being transferred. This session key will remain valid for a limited time and only be used for that particular session.

How SSL Works: the Handshake in Detail

1. ClientHello - The client asks the server to establish a communication, sending along the version number of the supported SSL and the information on the private key encryption algorithms supported by the client.

2. ServerHello - The server sends to the client the identification number of the SSL protocol version supported and the settings of the private key encryption algorithms in use.

3. The client proceeds with the authentication of the server by examining the provided certificate, checking that the CA appears in the list of trusted CAs.

4. The server requests the certificate from the client for the authentication.

5. The client sends the certificate to the server. If the server is not able to authenticate it, then an encrypted SSL connection cannot be established; if the authentication is successful, the handshake moves to the next phase.

6. ClientKeyExchange - The client creates a premaster secret (session key) that can be used only for the present exchange of information and data; it is encrypted with the server's public key (contained in the server's certificate), and the client sends the encrypted session key to the server.

7. If the server has requested authentication of the client (optional step), the client digitally signs part of the data in this session and sends the signed data and its certificate together with the encrypted session key.

8. ChangeCipherSpec - Client and server communicate to each other that the data that will be exchanged in the next phase will be encrypted with the session key previously exchanged.

9. Finished - The server sends an encrypted message indicating, on its behalf, the end of the handshake session; the client consequently responds. The handshake phase ends and the real SSL session begins. The client and the server use the session key to encrypt and decrypt the data that they mutually exchange and to validate the integrity.

| Feature | SSL | TLS |
| Developed by | Netscape in 1995 | Successor of SSL, developed by IETF in 1999 |
| Version | SSL1.0, SSL2.0, SSL3.0 | TLS1.0, TLS1.1, TLS1.2, TLS1.3 |
| Compatibility | Doesn't support TLS | TLSv1.0 had a fallback mechanism |
| Browser Support | Not supported by present day browser | Most browser supports this protocol |
| Speed | It is faster | Slower due to the 2-step communication process of handshaking and data transfer |
| | Starts with a secured channel and continues directly to security negotiations on a dedicated port | Can start with unsecured communication and dynamically switch to a secured channel based on the negotiation with the other side |
| | Widely supported in client-side application | Supported and implemented on servers, compared to end user devices |
| Cryptographic security | Message digest is used to create master key | Pseudo-random function is used to create master key |

Attacks against TLS/SSL
Renegotiation attack
Version rollback attacks
BEAST attack
CRIME
BREACH attacks
Padding attacks
Heartbleed Bug

Renegotiation Attack
• Discovered in August 2009
• Plaintext injection attacks against SSL 3.0 and all current
versions of TLS.
• For example, it allows an attacker who can hijack an https
connection to add their own requests into the
conversation the client has with the web server.

Version Rollback Attack
• An attacker may be able to influence the cipher suite
selection in an attempt to downgrade the cipher suite
strength, to use either a weaker symmetric encryption
algorithm or a weaker key exchange.
• Tricks the client and server into using older protocols or
insecure parameters for encrypting the information in
transit.

Version Rollback Attack

C -> S: Version_c = 2.0, suite_c, N_c
        (Server is fooled into thinking he is communicating with a client who supports only SSL 2.0)
S -> C: Version_s = 2.0, suite_s, N_s, sig_ca(S, K_s), "ServerHelloDone"
C -> S: {Secret_c}K_s

C and S end up communicating using SSL 2.0 (weaker earlier version of the protocol that does not include "Finished" messages)
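The role of the "Finished" message in stopping this rollback can be shown with a short added example (not part of the original slides). It assumes the TLS 1.2 construction, where the Finished payload is a PRF output over a hash of all handshake messages; the master secret and the handshake message bytes are constructed stand-ins, not real encodings.

```python
import hashlib
import hmac


def p_sha256(secret, seed, length):
    """P_hash data expansion of the TLS 1.2 PRF (RFC 5246, section 5)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def verify_data(master_secret, label, transcript):
    """Finished payload: PRF(master_secret, label, Hash(handshake_messages))."""
    digest = hashlib.sha256(b"".join(transcript)).digest()
    return p_sha256(master_secret, label + digest, 12)


def server_accepts(master_secret, seen_by_server, client_finished):
    """The server recomputes the value over the messages it actually received."""
    expected = verify_data(master_secret, b"client finished", seen_by_server)
    return hmac.compare_digest(expected, client_finished)


# Constructed stand-ins for the handshake messages in the diagram above.
MASTER_SECRET = bytes(range(48))
HELLO_SENT = b"ClientHello version=TLS1.2 suite_c N_c"
HELLO_ROLLED_BACK = b"ClientHello version=2.0 suite_c N_c"   # altered in transit
REST = [b"ServerHello", b"Certificate", b"ServerHelloDone", b"ClientKeyExchange"]

# The client always hashes the ClientHello it really sent.
CLIENT_FINISHED = verify_data(MASTER_SECRET, b"client finished", [HELLO_SENT] + REST)

if __name__ == "__main__":
    # Untouched handshake: both transcripts match, Finished verifies.
    print(server_accepts(MASTER_SECRET, [HELLO_SENT] + REST, CLIENT_FINISHED))
    # Rolled-back ClientHello: transcripts differ, the handshake is aborted.
    print(server_accepts(MASTER_SECRET, [HELLO_ROLLED_BACK] + REST, CLIENT_FINISHED))
```

Because SSL 2.0 has no such message, neither side there gets a chance to notice that the hello it saw differs from the one that was sent.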
BEAST Attack
• Browser Exploit Against SSL/TLS
• BEAST is an attack that exploits a vulnerability in the
Transport Layer Security (TLS) 1.0 and older SSL
protocols, using the cipher block chaining (CBC) mode
encryption. It allows attackers to capture and decrypt
HTTPS client-server sessions and obtain
authentication tokens.

CRIME Attack

• Compression Ratio Info-leak Made Easy (CRIME)
• CRIME is a security exploit against secret web cookies
over connections using the HTTPS protocols that also use
data compression.
• This is a side-channel attack on SSL/TLS that can be used
to predict sensitive information, such as the session
tokens, web cookies etc.

BREACH Attack
• Browser Reconnaissance & Exfiltration via Adaptive
Compression of Hypertext
• It allows an attacker to recover the content of web
cookies when data compression is used along with TLS.
When used to recover the content of secret authentication
cookies, it allows an attacker to perform session hijacking
on an authenticated web session.

Padding Attack

• In cryptography, a padding oracle attack is an attack which
uses the padding validation of a cryptographic message to
decrypt the ciphertext.
• A novel variant, called the Lucky Thirteen attack, was
published in 2013.

Heartbleed Bug Attack
• The Heartbleed Bug is a serious vulnerability in the popular
OpenSSL cryptographic software library. This weakness allows
stealing the information protected, under normal conditions, by
the SSL/TLS encryption used to secure the data payloads.
• In short, a malicious user could easily trick a vulnerable web
server into sending sensitive information, including usernames
and passwords.
• The Heartbleed bug allows anyone on the Internet to read the
memory of the systems protected by the vulnerable versions of
the OpenSSL software.
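
Several points from the slides above (certificate checking against trusted CAs, version rollback, BEAST on TLS 1.0 and older, CRIME via TLS compression) come down to how a client's TLS settings are configured. The following added example, not part of the original slides, audits a Python `ssl.SSLContext` for those settings and shows a weak context beside a hardened one; the function names and the TLS 1.2 floor are choices made for this example.

```python
import ssl


def audit_client_context(ctx):
    """Return a list of findings for settings the attacks above rely on."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("certificate chain is not verified against trusted CAs")
    if not ctx.check_hostname:
        findings.append("certificate name is not matched against the host")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("protocol floor below TLS 1.2 (rollback and BEAST exposure)")
    if not ctx.options & ssl.OP_NO_COMPRESSION:
        findings.append("TLS compression is allowed (CRIME exposure)")
    return findings


def hardened_context():
    # create_default_context() turns on CERT_REQUIRED, hostname checking
    # and loads the system's trusted CA list.
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION
    return ctx


def weak_context():
    # Settings often seen in "make the error go away" code; shown only
    # so the audit has something to flag.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.options &= ~ssl.OP_NO_COMPRESSION
    return ctx


if __name__ == "__main__":
    for name, ctx in (("weak", weak_context()), ("hardened", hardened_context())):
        print(name, audit_client_context(ctx) or "no findings")
```

Heartbleed is an implementation bug in the library itself, so it is addressed by patching OpenSSL rather than by any of these settings.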

Questions?

Thank You