SlideShare una empresa de Scribd logo

SSL

Duy Do Phan
Duy Do Phan
1 de 17
Introduction SSL/TLS Nguyen Ngo, Ninh Khong
Agenda Introduction  Background • What ‘s SSL/TLS? • Cryptography Methods. • Where SSL/TLS Fit? • SSL Architecture HandShake Protocol • Client Hello. • Server Hello • Client Exchange Applications  Web and Mail  Other
INTRODUCTION
Background
What ‘s SSL/TLS? Transport Layer Security (TLS) and Its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. TLS and SSL encrypt the segments of network connections above the Transport Layer.
Cryptography Methods • Key Exchange: Using Assymmetric Cryptography. • Privacy: Using Symmetric Cryptography. • Message Integrity: Using Message Authentication Codes (MAC).
Where SSL/TLS Fit? HTTP SMTP POP3 HTTPS SSMTP SPOP3 80 25 110 443 465 995 Secure Sockets Layer Transport Network Link
SSL Architecture
HandShake Protocol
Handshake Protocol 1 ClientHello 1 ServerHello 2 2 Client Certificate 3 Server 3 CertificateRequest 4 4 “ServerHelloDone” 5 5 6 Certificate 6 7 ClientKeyExchange 7 8 CertificateVerify 8 9 [ChangeCipherSpec] 9 10 Finished 10 [ChangeCipherSpec] 11 11 Finished 12 12
Client Hello (RFC) struct { TimeStamptimestamp; ProtocolVersion client_version; Random random; SessionID session_id; CipherSuite cipher_suites; CompressionMethod compression_methods; } ClientHello
Server Hello Client 1 C, Versionc, suitec, Nc 1 Server Versions, suites, Ns, 2 2 sigca(S,Ks), 3 3 “ ServerHelloDone” 4 4
Client Key Exchange Client 1 C, Versionc, suitec, Nc 1 Server Versions, suites, Ns, 2 2 sigca(S,Ks), 3 3 “ServerHelloDone” 4 4 5 {Secretc}Ks 5
Applications
Web and Mail • HTTPS • Secure Mail • SSMTP • SPOP3
Others • sTelnet • sTunnel • OpenSSH • SSLProxy • sFTP
THANK YOU

Recomendados

SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSpavansmiles
 
SSL
SSLSSL
SSLtheekuchi
 
Securing TCP connections using SSL
Securing TCP connections using SSLSecuring TCP connections using SSL
Securing TCP connections using SSLSagar Mali
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Asad Ali
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerAbhishek Gupta
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layerAhmed Elnaggar
 
SSL overview
SSL overviewSSL overview
SSL overviewTodd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
SSl/TLS Analysis
SSl/TLS AnalysisSSl/TLS Analysis
SSl/TLS AnalysisDuduman Bogdan Vlad
 

Recomendados

SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSpavansmiles
 
SSL
SSLSSL
SSLtheekuchi
 
Securing TCP connections using SSL
Securing TCP connections using SSLSecuring TCP connections using SSL
Securing TCP connections using SSLSagar Mali
 
Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Ssl (Secure Sockets Layer)
Ssl (Secure Sockets Layer)Asad Ali
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerAbhishek Gupta
 
SSL Secure socket layer
SSL Secure socket layerSSL Secure socket layer
SSL Secure socket layerAhmed Elnaggar
 
SSL overview
SSL overviewSSL overview
SSL overviewTodd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
SSl/TLS Analysis
SSl/TLS AnalysisSSl/TLS Analysis
SSl/TLS AnalysisDuduman Bogdan Vlad
 
Introduction to SSL/TLS
Introduction to SSL/TLSIntroduction to SSL/TLS
Introduction to SSL/TLSkeithrozario
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshellFrank Kelly
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
secure socket layer
secure socket layersecure socket layer
secure socket layerAmar Shah
 
Basics of ssl
Basics of sslBasics of ssl
Basics of ssln|u - The Open Security Community
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Samip jain
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101Chul-Woong Yang
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureBrian Ritchie
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYMonodip Singha Roy
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerNaveen Kumar
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerNishant Pahad
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
SSL
SSLSSL
SSLBadrul Alam bulon
 
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark CapturesSSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark CapturesJaroslavChmurny
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSSirish Kumar
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerPina Parmar
 
Sniffing SSL Traffic
Sniffing SSL TrafficSniffing SSL Traffic
Sniffing SSL Trafficdkaya
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLSDr Anjan Krishnamurthy
 
OpenSSL
OpenSSLOpenSSL
OpenSSLTimbal Mayank
 
BlackBerry Basic
BlackBerry BasicBlackBerry Basic
BlackBerry BasicDuy Do Phan
 
WCF
WCFWCF
WCFDuy Do Phan
 

Más contenido relacionado

La actualidad más candente

Introduction to SSL/TLS
Introduction to SSL/TLSIntroduction to SSL/TLS
Introduction to SSL/TLSkeithrozario
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshellFrank Kelly
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)amanchaurasia
 
secure socket layer
secure socket layersecure socket layer
secure socket layerAmar Shah
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Samip jain
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureBrian Ritchie
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolMohammed Adam
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYMonodip Singha Roy
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerNaveen Kumar
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)Arun Shukla
 
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark CapturesSSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark CapturesJaroslavChmurny
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket LayerPina Parmar
 
Sniffing SSL Traffic
Sniffing SSL TrafficSniffing SSL Traffic
Sniffing SSL Trafficdkaya
 

La actualidad más candente (20)

Introduction to SSL/TLS
Introduction to SSL/TLSIntroduction to SSL/TLS
Introduction to SSL/TLS
 
Ssl in a nutshell
Ssl in a nutshellSsl in a nutshell
Ssl in a nutshell
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
secure socket layer
secure socket layersecure socket layer
secure socket layer
 
Basics of ssl
Basics of sslBasics of ssl
Basics of ssl
 
Secure Socket Layer (SSL)
Secure Socket Layer (SSL)Secure Socket Layer (SSL)
Secure Socket Layer (SSL)
 
SSL/TLS 101
SSL/TLS 101SSL/TLS 101
SSL/TLS 101
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & Secure
 
What is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) ProtocolWhat is SSL ? The Secure Sockets Layer (SSL) Protocol
What is SSL ? The Secure Sockets Layer (SSL) Protocol
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Transport Layer Security (TLS)
Transport Layer Security (TLS)Transport Layer Security (TLS)
Transport Layer Security (TLS)
 
SSL
SSLSSL
SSL
 
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark CapturesSSL/TLS Introduction with Practical Examples Including Wireshark Captures
SSL/TLS Introduction with Practical Examples Including Wireshark Captures
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 
Secure Socket Layer
Secure Socket LayerSecure Socket Layer
Secure Socket Layer
 
Sniffing SSL Traffic
Sniffing SSL TrafficSniffing SSL Traffic
Sniffing SSL Traffic
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 
OpenSSL
OpenSSLOpenSSL
OpenSSL
 

Destacado

BlackBerry Basic
BlackBerry BasicBlackBerry Basic
BlackBerry BasicDuy Do Phan
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )Monodip Singha Roy
 
Twitter Bootstrap Presentation
Twitter Bootstrap PresentationTwitter Bootstrap Presentation
Twitter Bootstrap PresentationDuy Do Phan
 
Strong Authentication with PKI
Strong Authentication with PKIStrong Authentication with PKI
Strong Authentication with PKISylvain Maret
 
Cryptography101
Cryptography101Cryptography101
Cryptography101NCC Group
 
Identité Numérique et Authentification Forte
Identité Numérique et Authentification ForteIdentité Numérique et Authentification Forte
Identité Numérique et Authentification ForteSylvain Maret
 
Work life balance
Work life balanceWork life balance
Work life balanceDuy Do Phan
 
Work life balance issues- How to deal with it.
Work life balance issues- How to deal with it.Work life balance issues- How to deal with it.
Work life balance issues- How to deal with it.Sandipan Samaddar
 

Destacado (13)

BlackBerry Basic
BlackBerry BasicBlackBerry Basic
BlackBerry Basic
 
WCF
WCFWCF
WCF
 
SSL TSL;& SET
SSL TSL;& SETSSL TSL;& SET
SSL TSL;& SET
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )
 
Twitter Bootstrap Presentation
Twitter Bootstrap PresentationTwitter Bootstrap Presentation
Twitter Bootstrap Presentation
 
Strong Authentication with PKI
Strong Authentication with PKIStrong Authentication with PKI
Strong Authentication with PKI
 
SSL TLS Protocol
SSL TLS ProtocolSSL TLS Protocol
SSL TLS Protocol
 
PCI DSS
PCI DSSPCI DSS
PCI DSS
 
Cryptography101
Cryptography101Cryptography101
Cryptography101
 
Identité Numérique et Authentification Forte
Identité Numérique et Authentification ForteIdentité Numérique et Authentification Forte
Identité Numérique et Authentification Forte
 
Pki for dummies
Pki for dummiesPki for dummies
Pki for dummies
 
Work life balance
Work life balanceWork life balance
Work life balance
 
Work life balance issues- How to deal with it.
Work life balance issues- How to deal with it.Work life balance issues- How to deal with it.
Work life balance issues- How to deal with it.
 

Similar a SSL

03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...
03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...
03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...ghorilemin
 
this is ppt this is ppt this is ppt this is ppt
this is ppt this is ppt this is ppt this is pptthis is ppt this is ppt this is ppt this is ppt
this is ppt this is ppt this is ppt this is pptghorilemin
 
TLS/SSL Protocol Design
TLS/SSL Protocol DesignTLS/SSL Protocol Design
TLS/SSL Protocol DesignNate Lawson
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL EnglishSSL247®
 
IBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-DiveIBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-DiveMorag Hughson
 
8.SSL encryption.ppt
8.SSL encryption.ppt8.SSL encryption.ppt
8.SSL encryption.pptNoName261177
 
Kerberos presentation
Kerberos presentationKerberos presentation
Kerberos presentationChris Geier
 
SPS Ozarks 2012: Kerberos Survival Guide
SPS Ozarks 2012: Kerberos Survival GuideSPS Ozarks 2012: Kerberos Survival Guide
SPS Ozarks 2012: Kerberos Survival GuideJ.D. Wade
 
Rakesh raj
Rakesh rajRakesh raj
Rakesh rajDBNCOET
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer securityMaarten Smeets
 

Similar a SSL (20)

03-SSL (1).ppt
03-SSL (1).ppt03-SSL (1).ppt
03-SSL (1).ppt
 
03-SSL (2).ppt
03-SSL (2).ppt03-SSL (2).ppt
03-SSL (2).ppt
 
03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...
03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...
03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL (1).ppt03-SSL ...
 
this is ppt this is ppt this is ppt this is ppt
this is ppt this is ppt this is ppt this is pptthis is ppt this is ppt this is ppt this is ppt
this is ppt this is ppt this is ppt this is ppt
 
SIP over TLS
SIP over TLSSIP over TLS
SIP over TLS
 
The last picks
The last picksThe last picks
The last picks
 
TLS/SSL Protocol Design
TLS/SSL Protocol DesignTLS/SSL Protocol Design
TLS/SSL Protocol Design
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
 
IBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-DiveIBM MQ V8 Security: Latest Features Deep-Dive
IBM MQ V8 Security: Latest Features Deep-Dive
 
8.SSL encryption.ppt
8.SSL encryption.ppt8.SSL encryption.ppt
8.SSL encryption.ppt
 
Kerberos presentation
Kerberos presentationKerberos presentation
Kerberos presentation
 
fengmei.ppt
fengmei.pptfengmei.ppt
fengmei.ppt
 
fengmei.ppt
fengmei.pptfengmei.ppt
fengmei.ppt
 
Deep Dive In To Kerberos
Deep Dive In To KerberosDeep Dive In To Kerberos
Deep Dive In To Kerberos
 
SPS Ozarks 2012: Kerberos Survival Guide
SPS Ozarks 2012: Kerberos Survival GuideSPS Ozarks 2012: Kerberos Survival Guide
SPS Ozarks 2012: Kerberos Survival Guide
 
Rakesh raj
Rakesh rajRakesh raj
Rakesh raj
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer security
 
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level SecurityCRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
CRYPTOGRAPHY AND NETWORK SECURITY- Transport-level Security
 
kerberos
kerberoskerberos
kerberos
 
SSL Demystified
SSL DemystifiedSSL Demystified
SSL Demystified
 

Más de Duy Do Phan

Location based AR & how it works
Location based AR & how it worksLocation based AR & how it works
Location based AR & how it worksDuy Do Phan
 
Linux Introduction
Linux IntroductionLinux Introduction
Linux IntroductionDuy Do Phan
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography FundamentalsDuy Do Phan
 
Android Programming Basic
Android Programming BasicAndroid Programming Basic
Android Programming BasicDuy Do Phan
 
SMS-SMPP-Concepts
SMS-SMPP-ConceptsSMS-SMPP-Concepts
SMS-SMPP-ConceptsDuy Do Phan
 
One minute manager
One minute managerOne minute manager
One minute managerDuy Do Phan
 

Más de Duy Do Phan (8)

Location based AR & how it works
Location based AR & how it worksLocation based AR & how it works
Location based AR & how it works
 
Linux Introduction
Linux IntroductionLinux Introduction
Linux Introduction
 
Iso8583
Iso8583Iso8583
Iso8583
 
Cryptography Fundamentals
Cryptography FundamentalsCryptography Fundamentals
Cryptography Fundamentals
 
Android Programming Basic
Android Programming BasicAndroid Programming Basic
Android Programming Basic
 
iOS Basic
iOS BasiciOS Basic
iOS Basic
 
SMS-SMPP-Concepts
SMS-SMPP-ConceptsSMS-SMPP-Concepts
SMS-SMPP-Concepts
 
One minute manager
One minute managerOne minute manager
One minute manager
 

SSL

  • 1. Introduction SSL/TLS Nguyen Ngo, Ninh Khong
  • 2. Agenda Introduction  Background • What ‘s SSL/TLS? • Cryptography Methods. • Where SSL/TLS Fit? • SSL Architecture HandShake Protocol • Client Hello. • Server Hello • Client Exchange Applications  Web and Mail  Other
  • 5. What ‘s SSL/TLS? Transport Layer Security (TLS) and Its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols that provide communication security over the Internet. TLS and SSL encrypt the segments of network connections above the Transport Layer.
  • 6. Cryptography Methods • Key Exchange: Using Assymmetric Cryptography. • Privacy: Using Symmetric Cryptography. • Message Integrity: Using Message Authentication Codes (MAC).
  • 7. Where SSL/TLS Fit? HTTP SMTP POP3 HTTPS SSMTP SPOP3 80 25 110 443 465 995 Secure Sockets Layer Transport Network Link
  • 9. HandShake Protocol
  • 10. Handshake Protocol 1 ClientHello 1 ServerHello 2 2 Client Certificate 3 Server 3 CertificateRequest 4 4 “ServerHelloDone” 5 5 6 Certificate 6 7 ClientKeyExchange 7 8 CertificateVerify 8 9 [ChangeCipherSpec] 9 10 Finished 10 [ChangeCipherSpec] 11 11 Finished 12 12
  • 11. Client Hello (RFC) struct { TimeStamptimestamp; ProtocolVersion client_version; Random random; SessionID session_id; CipherSuite cipher_suites; CompressionMethod compression_methods; } ClientHello
  • 12. Server Hello Client 1 C, Versionc, suitec, Nc 1 Server Versions, suites, Ns, 2 2 sigca(S,Ks), 3 3 “ ServerHelloDone” 4 4
  • 13. Client Key Exchange Client 1 C, Versionc, suitec, Nc 1 Server Versions, suites, Ns, 2 2 sigca(S,Ks), 3 3 “ServerHelloDone” 4 4 5 {Secretc}Ks 5
  • 15. Web and Mail • HTTPS • Secure Mail • SSMTP • SPOP3
  • 16. Others • sTelnet • sTunnel • OpenSSH • SSLProxy • sFTP

Notas del editor

  1. Section divider 1
  2. Slide text 2
  3. Section divider 1
  4. Section divider 1
  5. Section divider 1
  6. Section divider 2