Secure Socket Layer
#1

SSL is a protocol using different cryptographic algorithms to implement security, using authentication with certificates, session key exchange algorithms, encryption and integrity check. It is a common protocol, often used to ensure that the communication between WWW-server and WWW-client is safe and encrypted.

Digital certificates encrypt data using Secure Sockets Layer (SSL) technology, the industry-standard method for protecting web communications developed by Netscape Communications Corporation. The SSL security protocol provides data encryption, server authentication, message integrity and optional client authentication for a TCP/IP connection. Because SSL is built into all major browsers and web servers, simply installing a digital certificate turns on their SSL capabilities.

SSL comes in two strengths, 40-bit and 128-bit, which refer to the length of the "session key" generated by every encrypted transaction. The longer the key, the more difficult it is to break the encryption code. Most browsers support 40-bit SSL sessions, and the latest browsers, including Netscape Communicator 4.0, enable users to encrypt transactions in 128-bit sessions, trillions of times stronger than 40-bit sessions. Global companies that require international transactions over the web can use global server certificates program to offer strong encryption to their customers...
#2
PRESENTATION ON SECURE SOCKET LAYER (SSL)
DEFINITION

Internet protocol for secure exchange of information between the web browser and the web server
HISTORY
Developed by Netscape corporation in 1994
Versions – 2, 3, 3.1
Popular version – 3, released in 1995
SERVICES
Provides 2 basic security services :
1. Authentication
2. Confidentiality
Logically it provides a secure pipe between the web browser and the web server.
POSITION OF SSL IN TCP/IP PROTOCOL SUITE
Located between the application layer and the transport layer
COMMUNICATION BETWEEN VARIOUS LAYERS
[Figure: layer diagram; recoverable labels: L5 data, SH]
HOW SSL WORKS?
Has 3 sub protocols :
Handshake protocol
Record protocol
Alert protocol
1. THE HANDSHAKE PROTOCOL
First sub protocol used by client and the server to communicate using SSL enabled connections
Consists of a series of messages between the client and the server
MESSAGE FORMAT OF HANDSHAKE PROTOCOL
Has 3 fields :
1. Type (1 byte) : indicates message types
2. Length (3 bytes) : indicates the length of message.
3. Content (1 or more bytes) : contains the parameters associated with message
PHASES OF HANDSHAKE PROTOCOL
There are 4 phases of handshake protocol :
Establish security capabilities
Server authentication & key exchange
Client authentication & key exchange
Finish
Phase 1: Establish security capabilities
Initiate a logical connection & establish the security capabilities
Consists of two messages : client hello & server hello
CLIENT HELLO
Consists of the following parameters :
1. Version : indicates the highest version of SSL the client can support
2. Random : used for actual communication.
It consists of 2 sub fields :
2.1. 32-bit date-time field that identifies current system date & time on the client computer
2.2. 28-byte random number generated by the random number generator software built inside the client computer
3. Session id : variable length session identifier
It has two values :
3.1. Non zero value : shows that a connection already exists between the client and the server
3.2. Zero value : indicates that the client wants to create a new connection with the server
4. Cipher suite : contains list of cryptographic algorithms supported by client
5. Compression method : contains list of compression algorithms supported by client
SERVER HELLO
Contains the same fields as that of client but with different purpose :
Version : identifies the lower of the versions suggested by the client & the highest supported by the server
Random : same structure as that of client
Session id : for non zero value - server uses the same value sent by client
For zero value – server creates a new session id & puts it in this field
Cipher suite : contains single cipher suite selected from the list sent by client
Compression method : contains a compression algorithm selected from the list sent by client
PHASE 2 : SERVER AUTHENTICATION & KEY EXCHANGE
Server initiates this phase of SSL handshake
Server is the only sender & the client is the only receiver.
This phase contains 4 steps:
Certificate
Server key exchange
Certificate request
Server hello done
1. CERTIFICATE
Server sends its digital certificate to the client
This helps client to authenticate the server using server’s public key from server’s certificate.
2. SERVER KEY EXCHANGE
Optional step & is used if the sender doesn’t send its digital certificate to the client
Server sends its public key to the client
3. CERTIFICATE REQUEST
Server can request for the client’s digital signatures
This step is optional because the client authentication in SSL is optional.
4. SERVER HELLO DONE
Indicates to the client that its portion of hello message is complete
The client can verify the certificates sent by the server
After sending this message the server waits for the client’s response
PHASE 3: CLIENT AUTHENTICATION & KEY EXCHANGE
The client initiates this phase.
Client is the sender & the server is the receiver.
This phase consists of 3 steps:
Certificate
Client key exchange
Certificate verify
1. CERTIFICATE
Optional step
Performed only if the server had requested for the client’s certificate
If the client sends no certificate instead of a certificate message then it's up to the server if it still wants to continue.
2. CLIENT KEY EXCHANGE
Allows the client to send information to the server based on the symmetric key
Client creates a 48-byte pre-master secret & encrypts it with the server’s public key & sends this pre-master secret to the server.
3. CERTIFICATE VERIFY
Necessary only if the server had demanded client authentication
The client combines the pre-master secret with the random numbers exchanged by the client & server after hashing them together.
PHASE 4 : FINISH
Client initiates this phase and the server ends.
This consists of 4 steps:
The first two messages are from client :
Change cipher specs
Finished
The server responds back with the same two messages
MASTER KEY GENERATION CONCEPT
Based on pre-master secret, both the server and the client create a 48-byte quantity called the master secret
Master key is calculated after computing message digests of pre-master secret, client random & server random.
SYMMETRIC KEY GENERATION CONCEPT
Finally symmetric keys to be used by the client & server are generated
2. RECORD PROTOCOL
Provides 2 services :
Confidentiality : achieved by the secret key defined by handshake protocol
Integrity : shared secret key is used to ensure the message integrity
OPERATION OF RECORD PROTOCOL
DETAILS OF THE STEPS
1. Fragmentation: original message is broken into blocks of size less than or equal to 16,384 bytes
2. Compression: fragmented blocks are optionally compressed with a lossless compression mechanism
3. Addition of MAC: MAC is calculated for each block using the shared secret key.
4. Encryption: using the symmetric key the output is encrypted
5. Append header: header is added to the encrypted block.
The header contains the following fields :
Content type (8 bits): specifies the protocol used for processing the record in next higher level
Major version (8 bits): specifies the major version of SSL protocol in use
Minor version (8 bits): specifies the minor version of SSL protocol in use
Compressed length (16 bits): specifies the length of the original plain text block
3. ALERT PROTOCOL
When either the client or the server detects an error, the detecting party sends an alert message to the other party
For fatal error : SSL connection is immediately closed, session identifiers, secrets & keys are destroyed
For non fatal errors : parties handle the errors & continue
ALERT PROTOCOL MESSAGE FORMAT
Alert message contains 2 bytes :
Severity : signifies the type of error. If it is a warning, this byte contains 1. If it is fatal, this contains 2.
Cause : specifies the actual errors
CLOSING AND RESUMING SSL CONNECTIONS
Before ending communication, the client & the server must inform each other
Each party sends a close notify alert to ensure graceful closure
If the SSL connection ends without a close notify alert it can't be resumed
Any SSL connection can’t be reused after 24 hours
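
The record header, handshake message format and alert format described in the post above can be checked with a small parser. This is an added example, not part of the original presentation; the numeric type codes come from the SSL 3.0 specification (RFC 6101), the sample bytes are constructed, and it assumes unencrypted records in which each handshake message fits in a single record.

```python
import struct

# Type codes are from the SSL 3.0 specification (RFC 6101); the post gives only field sizes.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   12: "server_key_exchange", 13: "certificate_request", 14: "server_hello_done",
                   15: "certificate_verify", 16: "client_key_exchange", 20: "finished"}
ALERT_SEVERITY = {1: "warning", 2: "fatal"}
MAX_FRAGMENT = 16384  # fragment size limit from the record protocol steps

# Constructed sample records (SSL 3.0, unencrypted), not captured traffic.
SAMPLE_HELLO_DONE = bytes.fromhex("16030000040e000000")
SAMPLE_CLOSE_NOTIFY = bytes.fromhex("15030000020100")

def parse_handshake(body):
    """Split a handshake fragment into Type (1) / Length (3) / Content messages."""
    msgs, off = [], 0
    while off < len(body):
        if len(body) - off < 4:
            raise ValueError("truncated handshake header")
        mtype = body[off]
        mlen = int.from_bytes(body[off + 1:off + 4], "big")
        content = body[off + 4:off + 4 + mlen]
        if len(content) != mlen:
            raise ValueError("handshake length runs past the record")
        msgs.append({"type": HANDSHAKE_TYPES.get(mtype, mtype), "length": mlen,
                     "content": content})
        off += 4 + mlen
    return msgs

def parse_record(data):
    """Parse one unencrypted SSL record; raise ValueError on malformed input."""
    if len(data) < 5:
        raise ValueError("truncated record header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:5])
    if ctype not in CONTENT_TYPES or length > MAX_FRAGMENT:
        raise ValueError("bad content type or oversized record")
    body = data[5:5 + length]
    if len(body) != length:
        raise ValueError("body shorter than declared length")
    rec = {"type": CONTENT_TYPES[ctype], "version": (major, minor), "length": length}
    if ctype == 22:
        rec["messages"] = parse_handshake(body)
    elif ctype == 21:
        if length != 2 or body[0] not in ALERT_SEVERITY:
            raise ValueError("malformed alert")
        rec["alert"] = {"severity": ALERT_SEVERITY[body[0]], "cause": body[1]}
    return rec
```
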
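
The hello Random structure and the master key and symmetric key generation steps from the post above, written out as an added example (not from the original presentation) using the SSL 3.0 construction given in RFC 6101. Function names are illustrative, and the inputs are whatever constructed values the caller supplies.

```python
import hashlib
import os
import struct
import time

def hello_random():
    """32-byte hello Random: 32-bit date-time field followed by 28 random bytes."""
    return struct.pack("!I", int(time.time()) & 0xFFFFFFFF) + os.urandom(28)

def ssl3_expand(secret, seed, n):
    """SSL 3.0 expansion: concatenated MD5(secret + SHA1(label + secret + seed)) blocks."""
    out, i = b"", 0
    while len(out) < n:
        label = bytes([ord("A") + i]) * (i + 1)  # b"A", b"BB", b"CCC", ...
        inner = hashlib.sha1(label + secret + seed).digest()
        out += hashlib.md5(secret + inner).digest()
        i += 1
    return out[:n]

def master_secret(pre_master, client_random, server_random):
    """48-byte master secret from the pre-master secret and both hello randoms."""
    if len(pre_master) != 48:
        raise ValueError("pre-master secret must be 48 bytes")
    return ssl3_expand(pre_master, client_random + server_random, 48)

def key_block(master, client_random, server_random, n):
    """Key material for MAC secrets, cipher keys and IVs.

    The seed order is reversed here: server random first, then client random.
    """
    return ssl3_expand(master, server_random + client_random, n)

if __name__ == "__main__":
    # Constructed inputs: RSA pre-master is the client version plus 46 random bytes.
    pre = b"\x03\x00" + os.urandom(46)
    cr, sr = hello_random(), hello_random()
    ms = master_secret(pre, cr, sr)
    print(len(ms), key_block(ms, cr, sr, 104).hex()[:32])
```

Because both randoms feed the digest, a replayed handshake with a fresh server random yields a different master secret even when the pre-master secret is the same.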