CHAPTER 5:

TRANSPORT-LEVEL SECURITY.

1
  Web Security considerations
2
 Secure socket layer and transport layer security
 Transport layer security
 HTTPs
 Secure Shell (SSH)

These slides are based on Willian Stallings’s book “Network Security Essentials:
Applications and Standards (Fourth edition)”
3 Web Security Considerations:
 Web security is fundamentally a client/server application running over the
internet and TCP/IP intranets.
 ‘’Web security ,also known as Cyber Security ‘’ Involves protecting that
information by preventing, detecting and responding to attacks.
 The WEB is a highly visible outlet for corporate and product information and
as the platform for business transactions.
 Complex software hide many security flaws.
 Web servers are easy to configure and manage.
 Users are not aware of the risks
4 Web security Threats:
 Security threats faced in using the web
1. One way –Active attacks and Passive attacks
 Passive attacks include eavesdropping on network traffic between
browser and server and gaining access to information on a web site that
is supposed to be restricted.
 Active attacks include impersonating another user, altering messages in
transit between client and server, and altering information on a Web site.
2. Another way :classify location of the threat e.g. web server, web browser,
and network traffic between browser and server. Issues of server and
browser security fall into the category of computer system security
 5 Web Traffic Security Approaches:
 Web security provide to use IP security (IP Sec) .
 The advantage of using IPSec is that it is transparent to end users and applications and
provides a general purpose solution.
 Ipsec includes a filtering capability so that only selected traffic need incur the overhead
of Ipsec processing.
 Another relatively general-purpose solution is to implement security just above
TCP .The foremost example of this approach is Secure Sockets Layer(SSL) and Transport
Layer Security(TLS).
 SSL or TLS could be provided protocol suite
 SSL can be embedded in specific packages
 Comparison of threats on the Web:
6
 Relative location of Security facilities
7
in the TCP/IP STACK:

 PGP-used to send message confidentially

 Kerberos-computer network authentication protocol
 Secure Electronic Transaction(SET) i.e. digital signature transaction
8
Secure Socket Layer(SSL) and
Transport Layer Security:
 SSL was originated by [Link].3 was designed with public review and
input from industry was published as an internet draft document.
Subsequently, when a consensus was reached to submit the protocol for
Internet standardization, the TLS working group was formed within IETF to
develop a common standard.
 This first published version of TLS can be viewed as essentially an
 SSLv3.1 and is very close to and backward compatible with SSLv3.
 Below we are to discuss the principle differences between TLS and SSLv3
 9 SSL Architecture:
 Secure Sockets Layer(SSL) is a
computer networking protocol for
securing connections between
network application clients and
servers over insecure network, such
as the internet.
 SSL is designed to make use of TCP
to provide reliable end to end secure
service.
 SSL is not a single layer protocol but
rather 2 layers of protocols
 The three higher layer protocols
(handshake, change cipher spec and
Alert ) of SSL is used in the
management of SSL exchanges.
10 The two important concepts of SSL
Connection are:
 A connection is a transport (in the OSI layering model definition) that provides a suitable
type of service. For SSL, such connections are peer-to-peer relationships. The
connections are transient. Every connection is associated with one session.
Session
 An SSL session is an association between a client and a server. Sessions are created by
handshake protocol. Sessions are used to avoid the expensive negotiation of new
security parameters.
11 SSL record protocol:
 Provides basic security services to various higher level protocols
 HTTP
 Handshake protocol
 Change Cipher Spec Protocol
 Alert Protocol
 Provides 2 services for SSL connections
Confidentiality : handshake protocol that defines a shared secret key that is used
for conventional encryption of SSL payloads.
Message integrity: handshake protocol also defines a shared secret key used to
form a message authentication code(MAC)
 12
SSL Record protocol operation:
 The SSL Record Protocol takes an
application message to be
transmitted, fragments the data into
manageable blocks, optionally
compresses the data, applies a MAC,
encrypts, adds a header, and
transmits the resulting unit in a TCP
segment.
 Received data are decrypted,
verified, decompressed, and
reassembled before being delivered
to higher-level users.
13 SSL Record protocol operation:
1. The first step is fragmentation ,Each upper-layer message is fragmented into
blocks of 214 bytes (16384 bytes) or less.
2. Next, compression is optionally applied. Compression must be lossless and
may not increase the content length by more than 1024 bytes. In SSLv3 (as
well as the current version of TLS),no compression algorithm is specified, so
the default compression algorithm is null.
3. The next step in processing is to compute a message authentication code
(MAC) over the compressed data. For this purpose, a shared secret key is
used.
4. The compression msg+ MAC are encrypted using symmetric encryption
5. [Link] is to prepare a header consisting of the following fields as below
 14
SSL Record format:
 Content type(8bits)-used to process
the enclosed fragment.
 Major version(8bits)-indicates the
major version of SSL in use for SSLv3
the version is 3.
 Minor version(8bits)-indicates the
minor version of SSL for SSLv3 the
value is 0.
 Compressed length(16bits)- the
length of the bytes of plain text
fragment or compressed fragment if
compression is used.
15 Change Cipher Spec protocol:
 The Change Cipher Spec Protocol is one of the three SSL-specific protocols
that use the SSL Record Protocol, and it is the simplest. This protocol
consists of a single message , which consists of a single byte with the value
1. The sole purpose of this message is to cause the pending state to be
copied into the current state, which updates the cipher suite to be used on
this connection.
16
Alert protocol:
 The Alert Protocol is used to convey SSL-related alerts to the peer entity. As
with other applications that use SSL, alert messages are compressed and
encrypted, as specified by the current state.
 Each message in this protocol consists of two bytes
 The first byte takes the value warning (1) or fatal (2) to convey the severity of
the message.
 If the level is fatal, SSL immediately terminates the connection. Other
connections on the same session may continue, but no new connections on
this session may be established.
17
Alert protocol cont’d:
The second byte contains a code that indicates the specific alert. First, we list
those alerts that are always fatal (definitions from the SSL specification):
 unexpected message: An inappropriate message was received.
 bad_record_mac: An incorrect MAC was received.
 decompression failure: The decompression function received improper
 input (e.g., unable to decompress or decompress to greater than maximum
 allowable length).
 handshake failure: Sender was unable to negotiate an acceptable set of
 security parameters given the options available.
 illegal parameter: A field in a handshake message was out of range or
 inconsistent with other fields.
18 Handshake protocol:
 The most complex part of SSL is the Handshake Protocol. This protocol allows
the server and client to authenticate each other and to negotiate an
encryption and MAC algorithm and cryptographic keys to be used to protect
data sent in an SSL record.
 The Handshake Protocol is used before any application data is transmitted.
 The Handshake Protocol consists of a series of messages exchanged by client
and server.
19
20 The exchange can be viewed as
having four phases.
 Phase 1. establish security caPabilities
 Phase 2. server authentication and Key exchange
 Phase 3. client authentication and Key exchange
 Phase 4. Finish
 Handshake protocol:
21
 22 HTTPS:
 HTTPS (HTTP over SSL)
o Combination of HTTP & SSL/TLS to secure communications between browser & server
 Built into all modern Web browsers
 Depends on the Web server supporting HTTPS communication.

 Use https:// URL rather than http://

o And port 443 rather than 80
 Encrypts
o URL, document contents, form data, cookies, HTTP headers
 23 HTTPS Use:
 connection initiation
o TLS handshake is first done
 HTTP client (browser) acts as TLS client
o After the handshake HTTP request(s) are sent and then responded by the server
• Actually all HTTP data should be sent through TLS record protocol
 connection closure
o have “Connection: close” in HTTP record
o TLS level exchange close_notify alerts
o can then close TCP connection
o must handle TCP close before alert exchange sent or completed
 24
Secure Shell (SSH):
 Protocol for secure network communications
designed for simplicity, easy to implement.
 SSH1 provided secure remote logon facility
 replace TELNET & other insecure
schemes
 SSH2 fixes a number of security flaws
 Documented in RFCs 4250 through 4254
 SSH provides general client/server capability:
TCP
can be used for network functions, e.g., file
transfer, e-mail IP
 SSH client and server applications widely
available for most OSs
SSH Protocol
 Has become method of choice for remote Stack
login, X tunneling
 Pervasive application for encryption
technology outside of embedded systems
 SSH Transport Layer Protocol:
25
Server Authentication:
 Server authentication occurs at the transport layer, based on server’s
public/private key pair
 A server may have multiple host keys using multiple different
asymmetric encryption algorithms
 Multiple hosts may share the same host key
 Server host key is used during key exchange to authenticate the identity
of the host
 SSH Transport Layer: Protocol
26
Packet Exchange, Formation:
 SSH Transport Layer Cryptographic
27
Algorithms:

* = Required
** = Recommended
28 Authentication Methods:
Publickey
 The client sends a message to the server that contains the client’s public key,
with the message signed by the client’s private key
 When the server receives this message, it checks whether supplied key is
acceptable for authentication; if yes, it checks whether signature is correct

Password
 The client sends a message containing a plaintext password, which is protected
by encryption by the Transport Layer Protocol

Hostbased
 Authentication is performed on the client’s host rather than the client itself
 This method works by having the client send a signature created with the
private key of the client host
 Rather than directly verifying the user’s identity, the SSH server verifies the
identity of the client host
 29 SSH Connection Protocol:
 runs on SSH Transport Layer Protocol
 assumes secure authentication
connection
 which is called tunnel
 used for multiple logical channels
 SSH communications use separate
channels
 either side can open with unique id
number
 flow controlled via sliding window
mechanism
 have three stages:
 opening a channel, data transfer, closing Example SSH Connection Protocol
a channel Message
30
Port forwarding:
 convert insecure TCP connection
into a secure SSH connection
 SSH Transport Layer Protocol
establishes a TCP connection
between SSH client & server
 client traffic redirected to local SSH,
travels via tunnel, then remote SSH
delivers to server
 supports two types of port
forwarding
 local forwarding – hijacks selected
traffic
 remote forwarding – client acts for
server
 31
Types of Port forwarding:
1. Local forwarding: 2. Remote forwarding:

i. The SSH client sets up a connection to the i. From the work computer, set up an SSH
remote server. connection to your home computer. The
ii. Select an unused local port number, say 9999,
firewall will allow this, because it is a
and configure SSH to accept traffic from this
port destined for port 110 on the server. protected outgoing connection.
iii. The SSH client informs the SSH server to ii. Configure the SSH server to listen on a
create a connection to the destination, in this local port, say 22, and to deliver data
case mail server port 110. across the SSH connection addressed to
iv. The client takes any bits sent to local port remote port, say 2222.
9999 and sends them to the server inside the iii. You can now go to your home computer,
encrypted SSH session. The SSH server and configure SSH to accept traffic on
decrypts the incoming bits and sends the port 2222.
plaintext to port 110. iv. You now have an SSH tunnel that can be
v. In the other direction, the SSH server takes
used for remote logon to the work
any bits received on port 110 and sends them
inside the SSH session back to the client, who server.
decrypts and sends them to the process
connected to port 9999.
32
Summary:

 SSL provides security at transport layer. TLS is a standardization of SSL

V3.
 SSL consists of 4 protocols: Handshake (Crypto Negotiation), Change
Cipher, Alert, and Record (Encryption and MAC)
 HTTPS is simply http over SSL.
 SSH provides secure remote login and consists of 3 protocols: User
authentication, Connection (Channels), Transport layer (Encryption, MAC,
Server authentication)
 SSH port forwarding (tunneling) allows insecure applications to run in a
secure mode.