Notes on SANS Beginner's guide on SSL and TLS

Two communication protocols that could be used to encrypt data in transit between the user and the server on which sensitive information resides are:

- Secure Sockets Layer (SSL)
- Transport Layer Security (TLS)

SSL

  • Capable of securing any transmission over TCP.
  • HTTPS (Secure HTTP) utilizes SSL in e-commerce or password transactions.

  • Focuses on the combination of 3 points to provide connection security:

    • Privacy: connection through encryption.
    • Identity authentication - identification through certificates.
    • Reliability - dependable maintenance of a secure connection through message integrity checking.

  • SSL version 3.0 was released by Netscape in 1999.

  • The IETF created a similar protocol in an attempt to standardize SSL within the Internet community, and is the TLS protocol.
  • Server authenticates itself to a client that is transmitting information through a series of 9 messages; but it is not critical that the user has an identifying certificate on her machine.

Application to a Web System

  • Common application is for e-Commerce where a client machine is sending a request to a merchant's server.
  • SSL protocol is integrated into most web browsers (so no client configuration required).

  • SSL needs to be configured on the server:

    1. Web server administrator needs to acquire a digital certificate.

      • Can be obtained from a Certification Authority (CA) - Verisign, RSA Data Security.
      • Certificates must be renewed after a set length of time.

    2. Proper configuration to allow SSL connections.

    3. Add an accelerator to the web server (not requirement but suggested)
      • These are PCI cards that speed up processing actions required to encrypt information for secure communications.

  • SSL connections do slow communications due to exchanging of keys and other information during the startup phase of the session.

  • Public key cryptography requires a "sizeable amount of information" to be passed between the client and server machines.

How SSL works

  • 4 protocol layers encapsulate all communication between client and server:

    1. Record Layer

      • Formats the Alert, ChangeCipherSpec, Handshake and application protocol messages.
      • Provides a header for each message and a hash, generated from a Message Authentication Code (MAC) at the end.

    2. ChangeCipherSpec Protocol

      • Composed of one message that signals the beginning of secure communications between the client and server.

    3. Alert Protocol

      • Sends errors, problems or warnings about the connection between parties.
      • Two fields: Severity Level, Alert Description

    4. Handshake Protocol

      • A series of messages establish a handshake that begins a secure connection.
        • ClientHello
        • ServerHello
        • ServerKeyExchange
        • ServerHelloDone
        • ClientKeyExchange - point where "man in the middle" attack is mitigated.
        • ChangeCipherSpec
        • Finished

  • After the handshake process, a lock icon appears to indicate that the secure protocol has been agreed upon.

  • Message authentication: performed using "an algorithm that uses cryptographic technology to create a digital summary of information so that if the information is altered, the summary (known as a hash) will also change."
  • MD5 and SHA are common hash functions used in SSL

TLS: Transport Layer Security Protocol

  • Released in January 1999 to create a standard for private communications.

  • Goals of TLS are:

    • Cryptographic security
    • Interoperability
    • Extensibility
    • Relative efficiency

  • Implementation is on two levels:

    1. TLS Record protocol

      • Negotiates a private, reliable connection between client and server.
      • Can be used without encryption but uses symmetric cryptography keys to ensure a private connection.
      • Connection is secured through the use of hash functions generated by using a Message Authentication Code.

    2. TLS Handshake protocol

      • Allows authenticated communication to commence between server and client.
      • Uses the same handshake protocol procedure as SSL.

7 Main differences between SSL and TLS

  1. Protocol Version in Messages
  2. Alert Protocol Message Types

  3. Message Authentication

    • TLS implements standardized MAC (H-MAC) - operates with any hash function, not just MD5 or SHA as explicitly stated by the SSL protocol.

  4. Key Material Generation

    • TLS uses HMAC standard and its pseudorandom function (PRF) output to generate key material.
    • SSL uses RSA, Diffie-Hellman or Fortezza/DMS output to create key material.

  5. CertificateVerity

  6. Finished
  7. Baseline Cipher Suites