View
220
Download
1
Tags:
Embed Size (px)
Citation preview
SSL/PKI/SET
CIS345 Spring 2003
OSI – Open Systems Interconnection
Security Review – where is SET and SSL
Security Objectives – Reasons (1)Security Objectives – Reasons (1)
Protect traffic between trusted hosts from forgery or eavesdropping. It is because traffic between end pairs over the Internet might pass through hostile hosts. Attackers could do damage.
Protect the whole range of Internet software currently in use. The services include such as e-mail, HTTP, Remote access that relies on TCP/IP must be protected. (too expensive to replace it.)
Example of protecting trafficExample of protecting traffic
Security Objectives – Reasons (2)Security Objectives – Reasons (2)
An untrusted network is in place. In many cases, the untrusted network is the public Internet and is too expensive to replace by an a trusted network between two end pairs.
Protection is automatic. Individual users do not need to modify the protocol.
Internet
PublicNetwork
Untrusted
SSL- Secure Sockets Layer
Secure Sockets Layer (SSL) is the dominant protocol for encrypting general communications between browser and server
What is Secure Socket Layer –SSL?
It is a flexible, general-purpose encryption system.
It was introduced in 1994 in the Netscape Navigator browser.
There have been three versions of SSL
SSL Purpose
Provides security between WEB Server and Browser to pass sensitive information.
Social Security Number (SSN)
Secret information, etc
Padlock at bottom of screen.
Open
Closed
What is the benefit of SSL? If you want to send a
message through an untrusted network, you have to encrypt it prior to sending, as you fear that your data will be modified/tapped by unauthorised users.
With the SSL, it provides the built-in data encryption, which means that you DON”T need to encrypt it. No need to encrypt
SSL History
Developed by Netscape in 1994 –v1.
SSLv2 released in 1995
SSL v3 also released in 1995 due to bugs in v2.
In 1996 the Internet Engineering Task Force (IETF) formed the:
Transport Layer Security (TLS) committee.
TLSv1 was based upon SSLv3
Both Netscape and Microsoft support TLSv1.
SSL Characteristics
SSL protocol operates at TCP/IP transport layer, TCP layer (or layer 4 in ISO/OSI model).
It works with NTTP (news), HTTP (web) and SMTP (e-mail)
This gives SSL flexibility and protocol independence.
SSL Functions
SSL serves four basic functions:
Authentication between the Web Server and client.
Encryption between Web server and client.
Integrity between Web Server and Client.
Key Exchange between Web Server and Client.
SSL/TLS
It is now the focal point of Internet Standards activity by the Internet Engineering Task Force (IETF).
The proposed Transport layer security (TLS v1) protocol is based on SSL version 3.
How about the current status?
SSL Encryption:
SSL uses two different encryption technologies: Public Key encryption (asymmetric) is used to
authenticate the server and/or client and to exchange a private session key between the server and
the client.
Private Key encryption (symmetric) is used to encrypt the data between the server and client.
SSL Cracked In 1995, a French used a cipherpunk using a brute force attack to attack the secret message.
In 9/1995, two Berkey
students found that the
session keys were
predictable.
Yes
In 10/1995, some students
used packet sniffer
technology to modify the
binary as it passed through
the newtrok.
It uses 40 bits and is not secure, as it takes 3.5 hours using brute force (try all combinations).
Features of SSL
SSL was put at the transport layer so that it is not specifically for the HTTP protocol.
It is not as efficient for Web browsing. SSL connection must use TCP/IP socket. However, SSL is flexible to use any DES,
cipher block, triple DES, RC2 or RC4
The cipher suite descriptions that follow refer to these algorithms:
•DES. Data Encryption Standard, an encryption algorithm used by the U.S. Government.
•DSA. Digital Signature Algorithm, part of the digital authentication standard used by the U.S. Government.
•KEA. Key Exchange Algorithm, an algorithm used for key exchange by the U.S. Government.
•MD5. Message Digest algorithm developed by Rivest.
•RC2 and RC4. Rivest encryption ciphers developed for RSA Data Security.
•RSA. A public-key algorithm for both encryption and authentication. Developed by Rivest, Shamir, and Adleman. (The Rivest-Shamir-Adleman (RSA) algorithm was the first realization of a public key system, and has also become the most widely used public-key system. We will see that the security is conjectured to be as hard as factoring large integers. )
•RSA key exchange. A key-exchange algorithm for SSL based on the RSA algorithm.
•SHA-1. Secure Hash Algorithm, a hash function used by the U.S. Government.
•SKIPJACK. A classified symmetric-key algorithm implemented in FORTEZZA-compliant hardware used by the U.S. Government.
Data Encryption Standard (DES)
US standard Symmetrical Encryption 64 bit plain text blocks 56 bit key Declared insecure in 1998 Electronic Frontier Foundation DES Cracker machine DES now worthless Alternatives include TDEA
PKI – Public Key Infrastructure
A PKI enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.
Functions of a PKI
Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital
certificate Issue, maintain, administer, revoke, suspend,
reinstate, and renew digital certificates Create and manage a public key repository
PKI - Authentication
PKi provides the basic security required to carry out electronic business so that users, who do not know each other, or are widely distributed, can communicate securly.
PKI is based on digital certificates which bind the user’s digital signature to their public key.
PKI should consist of A security policy Certificate Authority (CA) Registration Authority (RA) Certificate Distribution System PKI enabled applications
Certification Authority
A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the RA verifies the requestor's information, the CA can then issue a certificate.
Depending on the public key infrastructure implementation, the certificate includes the owner's public key, the expiration date of the certificate, the owner's name, and other information about the public key owner.
Certification Authority– cont.
Public key of sender is required to be distributed. But how can we ensure that the receiver gets a
trusted copy of the public key of the sender? Use certificates. The trustworthy institution is usually called
Certification Authority (CA). The CA must be trusted by all parties.
Certificates: digital documents binding a public key to a name (individual or organization)
issued by a certificate authority (CA). X.509 standard. Certificates have expiry
dates can be revoked. Hierarchy of CA’s.
Certification Authorities –cont.
Digital Certificate
1. USE CA’S PUBLIC KEY TO VERIFY CERTIFICATE IS GENUINE AND HAS NOT BEEN ALTERED.
2. VERIFY THAT CA NAME MATCHES.
3. VERIFY IDENTITY OF SENDER.
4. DECRYPT SENDER’S MESSAGE USING SENDER’S PUBLIC KEY
0. CA AUTHENTICATES SENDER, DIGITALLY SIGNS CERTIFICATE
An entity generates a public private key pair and sends the public key to CA.
Based on the level of assurance (low, medium, high) of the certificate, the CA may go through differing degrees of effort to validate identity (physical visit, notarized document etc).
Verisign (www.verisign.com) is an example of a CA
Thawte (www.thawte.com) is another example, they offer free e-mail certificate at current time.
Certification Authorities –cont.
SSL handshake
SSL handshake means the communication between client and server
It consists of ninenine steps that authenticate the two parties and create a shared session key.
The goal of the protocol is to authenticate the server and optionally the client using a secret symmetric key that both used for encryption.
1. Client sends client-hello message 22 server acknowledges with server-
hello message22 Server sends its certificates22 Server requestsclients’ certificate5. Client sends its certificate 6. Client sends ClientKeyExchange
message 7. Client sends a Certificate Verify
message 22 Both send ChangeCipherSpec
messages 22 Both send Finished messages
SSL Handshake – cont.
Something to remember
Once both the client and server switch into encrypted mode, both will use the session key to symmetrically encrypt subsequent transmissions in both direction.
The session key only lasts for this transaction and will be different for the next transaction
It use symmetric encryption (note that public/private is asymmetric key).
Secure Electronic Transactions (SET)
It is a specialised protocol for safeguarding credit-card-based transaction.
SET uses a system of locks and keys along with certified account IDs for both consumers and merchants. Then, through a unique process of "encrypting" or scrambling the information exchanged between the shopper and the online store, SET ensures a payment process that is convenient, private and most of all secure.
SET – cont.
Credit Card and its relationship
Customer Merchant
Card issued bank Merchant’s bank
Money
Pay Pay
SET’s services
It supports four basic services, namely, 1) authentication, 2) confidentially, 3) message integrity and 4) linkage.
It handles real-time transactions, batch transaction and installment payments.
Set’s four services
Authentication: It means all the parties (card holder, merchant, merchant bank, card issued bank) in the transaction are authenticated using digital signatures
Confidentially: The transaction is encrypted so that other cannot tap/modify the information.
Message integrity: The transaction cannot be tampered with by devious individuals to alter the account number or the amount of transaction
Linkage: SET allows a message sent to one party to contain an attachment that can be read only by another customer.
Summary of SET:
1.EstablishesEstablishes industry standards to keep your order and payment information confidential.2.IncreasesIncreases integrity for all transmitted data through encryption. 3.ProvidesProvides authentication that a cardholder is a legitimate user of a branded payment card account.4.ProvidesProvides authentication that a merchant can accept branded payment card transactions through its relationship with an acquiring financial institution.5.AllowsAllows the use of the best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction .
SET product covers
Cardholder registration Merchant registration Purchase requests Payment authorisation Payment capture (funds transfer between banks) Chargebacks (refunds to consumers for disputed
charges) Credits Credits reversals Debit card
Why not use SSL?
SSL is a general protocol and it encrypts the message between customer and merchant.
However, it cannot resolve the issue between others such as checking the validity of card number, credit/debit the money, actual transaction.
This must be handled between bank and customer, bank and merchant and bank to bank etc.
SET – how it works
3. Merchant forwards payment information to bank
6. Bank authorizes payment 8. Merchant captures transaction
9. Issuer sends credit card bill information
4. Bank checks with issuer for payment authorization.
5. Issuers authorizes payment.
Customer browses and decides to buy SET sends order and payment information
7 Merchant completes order
Authentication steps in SET
SSL uses a pair of keys (private/public keys, 2 keys) for encryption and digital signature.
SET uses two pairs of keys (4 keys), one pair for encryption, while the other for digital signature.
SET applies to merchant, merchant’s bank and card issuing bank.
It uses Secure hash Algorithm (SHA) which produces 160-bit hash, the private/public key uses RSA (1024 bit) algorithm.
Other Digital Payments
First virtual: it is designed for low- to medium- priced software sales, fee-for-service information purchases over the Internet. The consumer must first signs up for virtual account through on-line application form.
Cybercash: a product of the CyberCash Corporations, is a SET like systems for credit/debit card transactions
Digicash: A product of Netherlands-based Digicash systems. It is a digital cash system that works for phone cards.
•The SET Secure Electronic Transaction TM protocol is an open industry standard developed for the secure transmission of payment information over the Internet and other electronic networks.
•SSL Secure Socket Layer (SSL) (developed by Netscape Communications Company) is a standard that encrypts data between a Web browser and a Web server. SSL does not specify what data is sent or encrypted. In an SSL session, all data sent is encrypted.
Summary: SSL vs SET
Summary
SSL is a general purpose protocol between browser and server, current version is 3.
SET is a special protocol among customer, merchant, card issuing bank and merchant’s bank
SSL uses a pair of keys for encryption and digital signature
SET uses two pairs of keys for separating encryption and digital signature
SET’s limitation is that it only works with credit/debit card.