BIT/Faculty of Computing/C&CS/CH-7 Security at Transport Layer
Chapter VII
Security at Transport Layer
By:
Dr. K. Raja Shekar
Bahir Dar University
Cryptography and Computer Security [Link] Shekar
Transport Layer Security / Web Security
Introduction:
• Transport layer security provides an end‐to‐end security for applications that use a
reliable transport layer protocol such as TCP.
• It provides security services for transactions over the Internet.
• The World Wide Web for e‐commerce is a client/ server application running over the
Internet and TCP/IP intranets.
• As such, the security tools and approaches are relevant to the issue of Web
security.
• The Internet is two-way. Unlike electronic publishing systems, the Web is vulnerable to
attacks on the Web servers over the Internet.
• We look at two standardized security schemes on the web:
• Secure Sockets Layer (SSL) / Transport Layer Security (TLS)
• Secure Electronic Transaction (SET).
Secure Sockets Layer (SSL) / Transport Layer Security (TLS)
• SSL/TLS sits between the application layer and the transport layer in the Internet
protocol stack.
• SSL/TLS most often deals with Web browsing, in which case the application layer
protocol is HTTP and the transport layer protocol is TCP.
• The SSL/TLS layer is illustrated in the following Figure:
• One of the goals of these protocols is to provide server and client authentication, data
confidentiality and data integrity.
• Application layer client/server programs, such as HTTP, that use the services of TCP can
encapsulate their data in SSL packets.
• If the client and server run SSL/TLS, the client can use the URL [Link] instead of [Link]
so that HTTP messages are encapsulated in SSL/TLS packets.
• For example, an online shopper's credit card number can be transferred safely over the
Internet.
Secure Sockets Layer
SSL Architecture:
• SSL is used extensively to secure e‐commerce on the Internet today.
• SSL is an elegant and efficient protocol
• It is designed to provide security and compression services to data generated from the
application layer.
• SSL is designed to make use of TCP to provide a reliable end‐to‐end secure service.
• SSL can receive data from any application protocol, but usually the protocol is HTTP.
• The data received from the application is compressed (optional), signed and encrypted.
• The data is then passed to a reliable transport layer protocol such as TCP.
• SSL is not a single protocol but rather two layers of protocols, as illustrated in Figure:
• The SSL Record Protocol provides basic security services to various higher layer
protocols.
• In particular, HTTP, which provides the transfer service for Web client/server
interaction, can operate on top of SSL.
• Three higher‐layer protocols are defined as part of SSL:
• Handshake Protocol,
• Change Cipher Spec Protocol, and
• Alert Protocol.
• These SSL specific protocols are used in the management of SSL exchanges.
• Two important SSL concepts are:
• SSL session and
• SSL connection
SSL Session:
• An SSL session is an association between a client and a server.
• Sessions are created by the Handshake Protocol.
• After a session is established, the two parties share common information, which
is specified by the session state.
• A session state is a set of parameters established between the client and the server:
SSL Connection:
• For two entities to exchange data, a session is necessary but not sufficient; they need to
create a connection between themselves.
• For SSL, such connections are peer‐to‐peer relationships.
• Connections are transient.
• Every connection is associated with one session.
• A connection is defined by a connection state, a set of parameters established between
two peers:
SSL Protocols:
• SSL accomplishes its task by implementing 4 protocols in two layers:
• SSL Record Protocol:
• It is a carrier which carries messages from three other protocols as well as the
data coming from the application layer.
• Messages from the Record Protocol are payload to the transport layer,
normally TCP.
• SSL Handshake Protocol:
• This provides security parameters for the record protocol
• It establishes a cipher set and provides keys and security parameters.
• SSL Change Cipher Spec Protocol:
• This is used for signaling the readiness of cryptographic secrets.
• SSL Alert Protocol:
• It is used to report abnormal conditions
SSL Record Protocols:
• The following Figure indicates the overall operation of the SSL Record Protocol.
• Record Protocol takes an application message to be transmitted, fragments the data
into manageable blocks, optionally compresses the data, applies a MAC, encrypts, adds
a header, and transmits the resulting unit in a TCP segment.
• Received data are decrypted, verified, decompressed, and reassembled and then
delivered to higher level users.
Step 1: Fragmentation. Each upper‐layer message is fragmented into blocks of 2^14 bytes
(16384 bytes) or less.
Step 2: Compression. It is optionally applied. Compression must be lossless and may not
increase the content length by more than 1024 bytes.
Step 3: MAC. At the sender, this is done over the compressed data. For this purpose, a
secret key is used. (pad 2 = 0101 0110, pad 1 = 0011 0110)
• MAC Computation:
Step 4: Encryption/Decryption:
• The compressed message plus the MAC are encrypted using symmetric encryption at
the sender’s end. Similarly the received message is decrypted at the receiver’s end.
• The following encryption/decryption algorithms are permitted:
Step 5: Framing/Deframing
• After encryption, the record protocol header is added at the sender. The header is
removed at the receiver before decryption.
• The header consists of the following fields:
• Content Type (8 bits): The higher layer protocol used to process the enclosed
fragment.
• Major Version (8 bits): Indicates major version of SSL in use. For SSLv3, the value is 3.
• Minor Version (8 bits): Indicates minor version in use. For SSLv3, the value is 0.
• Compressed Length (16 bits): The length in bytes of the plaintext fragment (or
compressed fragment if compression is used). The maximum value is 2^14 + 2048.
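The header layout above can be checked mechanically. The following parser is an added example, not part of the original slides; the function and class names are hypothetical, and content types 22 and 23 come from the SSL 3.0 specification rather than from this page.

```python
import struct

# Content types 20 and 21 are given on this page; 22 and 23 are taken from
# the SSL 3.0 specification (assumption: not stated on the page).
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
MAX_FRAGMENT = 2**14 + 2048   # largest legal Compressed Length value
HEADER_LEN = 5                # 8 + 8 + 8 + 16 bits


class RecordError(ValueError):
    """Raised when a header violates the SSLv3 framing rules."""


def parse_record_header(data: bytes) -> dict:
    """Parse and validate the 5-byte SSLv3 record header at the start of data."""
    if len(data) < HEADER_LEN:
        raise RecordError("truncated header")
    ctype, major, minor, length = struct.unpack("!BBBH", data[:HEADER_LEN])
    if ctype not in CONTENT_TYPES:
        raise RecordError(f"unknown content type {ctype}")
    if (major, minor) != (3, 0):
        raise RecordError(f"not SSLv3: version {major}.{minor}")
    if length > MAX_FRAGMENT:
        raise RecordError(f"length {length} exceeds 2^14 + 2048")
    return {"type": CONTENT_TYPES[ctype], "version": (major, minor),
            "length": length}


def split_records(stream: bytes) -> list:
    """Walk a byte stream and return (header, fragment) for each record."""
    records, offset = [], 0
    while offset < len(stream):
        header = parse_record_header(stream[offset:])
        end = offset + HEADER_LEN + header["length"]
        if end > len(stream):
            raise RecordError("fragment shorter than declared length")
        records.append((header, stream[offset + HEADER_LEN:end]))
        offset = end
    return records


# Constructed sample: a 1-byte ChangeCipherSpec record, then a 2-byte alert.
SAMPLE = bytes([20, 3, 0, 0, 1, 1]) + bytes([21, 3, 0, 0, 2, 2, 40])
for hdr, frag in split_records(SAMPLE):
    print(hdr, frag.hex())
```

Rejecting an oversized length before reading the fragment keeps a receiver from allocating a buffer based on an untrusted 16-bit field.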
SSL Change Cipher Spec Protocol:
• This protocol has one message, the ChangeCipherSpec message, which is only 1 byte,
encapsulated in a Record Protocol message with protocol value 20. It causes the
pending state to become the current state.
SSL Alert Protocol:
• The Alert Protocol has one message that reports errors in the process.
• Alert messages are compressed and encrypted in the Record Protocol with protocol
value 21.
• The two fields of the Alert Protocol are:
• Level: The 1‐byte field that defines the level of the error. Two levels are defined:
warning and fatal error (the connection between client and server is lost).
• Description: The 1‐byte description defines the type of error.
SSL Handshake Protocol:
• This protocol allows the server and client to authenticate each other and to negotiate
an encryption algorithm, MAC algorithm and cryptographic keys.
• It is used before any application data is transmitted.
• It consists of a series of messages exchanged by client and server. The exchange can be
viewed as having four phases.
Phase 1: Establish Security Capabilities
• This phase is used to initiate a logical connection and to establish the security
capabilities that will be associated with it.
• The exchange is initiated by the client, which sends a clientHello message.
• After sending the clientHello message, the client waits for the serverHello message,
which contains the same parameters as the clientHello message.
Phase 2. Server Authentication and Key Exchange
• The server begins this phase by sending its certificate, if it needs to be authenticated;
the message contains one or a chain of X.509 certificates.
• Next, a server_key_exchange message may be sent if it is required.
• It is not required in two instances:
• (1) The server has sent a certificate with fixed Diffie‐Hellman parameters, or
• (2) RSA key exchange is to be used.
• Next, a non‐anonymous server can request a certificate from the client, using the
certificate request message.
• The final message in Phase 2, and one that is always required, is the server done
message.
• This is sent by the server to indicate the end of the server hello and associated
messages.
• After sending this message, the server will wait for a client response.
Phase 3. Client Authentication and Key Exchange
• Upon receipt of the server done message, the client should verify that the server
provided a valid certificate, if required.
• If all is satisfactory, the client sends one or more messages back to the server.
• If the server has requested a certificate, the client begins this phase by sending a
certificate message. If no suitable certificate is available, the client sends a
no_certificate alert instead.
• Next is the client_key_exchange message, which must be sent in this phase.
• Finally, the client may send a certificate verify message to provide explicit verification
of a client certificate.
Phase 4. Finish
• This phase completes setting up of a secure connection.
• The client sends a change_cipher_spec message and copies the pending CipherSpec into the
current CipherSpec.
• The client then immediately sends the finished message under the new algorithms, keys
and secrets.
• The finished message verifies that the key exchange and authentication processes are
successful.
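The ordering rules of the four phases can be expressed as a small checker that flags out-of-order or missing handshake messages in a captured trace. This is an added example, not part of the original slides; the names `FLIGHT` and `check_handshake` are hypothetical, and it covers the exchange only up to the client's finished message, as described above.

```python
# Message order taken from the four phases above: (sender, message, required).
FLIGHT = [
    ("client", "client_hello", True),            # Phase 1
    ("server", "server_hello", True),
    ("server", "certificate", False),            # Phase 2
    ("server", "server_key_exchange", False),
    ("server", "certificate_request", False),
    ("server", "server_done", True),
    ("client", "certificate", False),            # Phase 3
    ("client", "client_key_exchange", True),
    ("client", "certificate_verify", False),
    ("client", "change_cipher_spec", True),      # Phase 4
    ("client", "finished", True),
]


def check_handshake(observed):
    """Return (ok, reason) for an ordered list of (sender, message) pairs."""
    pos, seen = 0, set()
    for item in observed:
        # Walk the expected order; only optional messages may be skipped.
        while pos < len(FLIGHT):
            sender, msg, required = FLIGHT[pos]
            pos += 1
            if (sender, msg) == item:
                seen.add(item)
                break
            if required:
                return False, f"{item[1]} out of order, expected {msg}"
        else:
            return False, f"unexpected {item[1]} after finished"
    missing = [msg for _, msg, required in FLIGHT[pos:] if required]
    if missing:
        return False, f"incomplete, missing {missing[0]}"
    # Dependencies between optional messages stated in Phases 2 and 3.
    if ("server", "certificate_request") in seen and ("server", "certificate") not in seen:
        return False, "anonymous server requested a client certificate"
    if ("client", "certificate") in seen and ("server", "certificate_request") not in seen:
        return False, "client certificate sent without a request"
    if ("client", "certificate_verify") in seen and ("client", "certificate") not in seen:
        return False, "certificate_verify without a client certificate"
    return True, "ok"

# Constructed trace: the client switches ciphers without a key exchange.
EARLY_CCS = [("client", "client_hello"), ("server", "server_hello"),
             ("server", "certificate"), ("server", "server_done"),
             ("client", "change_cipher_spec"), ("client", "finished")]
print(check_handshake(EARLY_CCS))
```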
Secure Electronic Transaction (SET):
• Provide confidentiality of payment and ordering information.
• Ensure the integrity of all transmitted data.
• Provide authentication that a cardholder is a legitimate user of a credit card
account.
• Provide authentication that a merchant can accept credit card transactions
through its relationship with a financial institution.
• Ensure the use of the best security practices and system design techniques to
protect all legitimate parties in an electronic commerce transaction.
• Create a protocol that neither depends on transport security mechanisms nor
prevents their use.
• Facilitate and encourage interoperability among software and network providers.
SET Participants
• Cardholder: user
• Merchant
• Issuer: bank of the cardholder
• Acquirer: financial institution related to the merchant
• Payment Gateway: MasterCard/Visa card
• Certificate Authority: trusted third party
Participants in the SET System
SET Transactions
• The customer opens an account with a card issuer.
– MasterCard, Visa, etc.
• The customer receives an X.509 V3 certificate signed by a bank.
– X.509 V3
• A merchant who accepts a certain brand of card must possess two X.509
V3 certificates.
– One for signing & one for key exchange
• The customer places an order for a product or service with a merchant.
• The merchant sends a copy of its certificate for verification.
Key Technologies of SET
• Confidentiality of information: DES
• Integrity of data: RSA digital signatures with SHA‐1 hash codes
• Cardholder account authentication: X.509v3 digital certificates with RSA
signatures
• Merchant authentication: X.509v3 digital certificates with RSA signatures
• Privacy: separation of order and payment information using dual
signatures