上海交通大学：TLS/SSL Security（PPT课件讲稿）

TLS/SSL Security April 19th 2018 上海式大 I JIAO TONG UNIVERSITY

TLS/SSL Security ▪ April 19th, 2018

目录 Contents a Brief introduction of tls/SS(江子山 〈2>TLs13&TLs1.2(江子山 HVLearn(申丰 4> TLS in Android(Houda Boussaadane 5Q&A 上海通大字 SHANGHAI JIAO TONG UNIVERSITY

目录 Contents 1 A Brief Introduction of TLS/SSL (江子山) 2 TLS1.3 & TLS1.2 (江子山) 3 HVLearn (申丰) 4 TLS in Android (Houda Boussaadane) 5 Q&A

A Brief Introduction of TLS/SSL 上通大字

A Brief Introduction of TLS/SSL

上海大字 httpandhttps oacithub,Inc.(us)htTps://github.com www.qq.com Site Security Site Securi GitHub, Inc. ewww.qq.com Secure Connection Connection is Not Secure You are securely connected to this site, owned by Your connection to this site is not private GitHub, Inc. Information you submit could be viewed by others San Francisco (like passwords, messages, credit cards, etc) California, US Verified by: DigiCert Inc More Information More Information

http and https

上海大字 SHANGH AI JIAO TONG INTVEANTY httpandhttps Nmnl Http Hyper Transfer Protocol超文本传 输协议 It is an application-level protocol for distributed. collaborative, and Http Vs Https hypermedia information systems Https Http Secure超文本传输协议 It is an extension of the Hypertext Transfer protocol for secure communication Encrypted by TLS/SSL Httpoverssl/httpovertls

▪ HTTP ▪ Hyper Transfer Protocol 超文本传 输协议 ▪ It is an application-level protocol for distributed, collaborative, and hypermedia information systems. ▪ HTTPS ▪ HTTP Secure 超文本传输协议 ▪ It is an extension of the Hypertext Transfer Protocol for secure communication. Encrypted by TLS/SSL. ▪ HTTP over SSL / HTTP over TLS http and https

上海大字 SHANGH AI JIAO TONG INTVEANTY Http is not secure Nmnl Http TencentWebsiteWww.qq.com FacultySystemofCseWebsitewww.cs.stu.edu.cn/studentlogin.aspx Https Mail system of SJTU: mail sjtu. edu.cn GitHub Login Website: github. com

▪ HTTP ▪ Tencent Website: www.qq.com ▪ Faculty System of CSE Website : www.cs.sjtu.edu.cn/StudentLogin.aspx ▪ HTTPS ▪ Mail system of SJTU: mail.sjtu.edu.cn ▪ GitHub Login Website: github.com HTTP is not secure

上海大字 SHANGH AI JIAO TONG INTVEANTY This reminds me of Mission Impossible 5n

This reminds me of Mission Impossible 5

上海大字 SHANGH AI JIAO TONG INTVEANTY Brief Introduction of SSL/TLs mn SSL Secure Socket layer The standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral The latest version ssl30 Deprecated because of the vulnerability revealed by google in 2014 POODLE(Padding Oracle On downgraded Legacy Encryption) attack. TLS Transport Layer Security Cryptographic protocols that provide communication security over a computer network The processor of SsL, published by Internet Engineering Task Force (ETF The latest version: TLS13 Draft22

▪ SSL ▪ Secure Socket Layer ▪ The standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral. ▪ The latest version: SSL3.0 ▪ Deprecated because of the vulnerability revealed by Google in 2014. ▪ POODLE (Padding Oracle On Downgraded Legacy Encryption) attack. ▪ TLS ▪ Transport Layer Security ▪ Cryptographic protocols that provide communication security over a computer network. ▪ The processor of SSL, published by Internet Engineering Task Force (IETF) ▪ The latest version: TLS1.3 Draft22 Brief Introduction of SSL/TLS

上海大字 SHANGH AI JIAO TONG INTVEANTY History and Development of SSL/TIS nl History c0-0 Nesco IETF TLS 1.2 SSL 2.0SSL 3.0TLS 1.0.1 TLS 1.2" refined 199419961999 2006200820112012 00c0 complete· minor changes MDS-SHA1→SHA256 redesign. no interoperation authenticated encryption with SSL3 e.g. AES in CCM mode can downgrade connections to rotectio ainst cBc-attacks SSL3 implicit I→ explicitⅳ MAC Message Authentication Code MD5 Message Digest Algorithm IETF Internet Engineering Task Force SHA Secure Hash Algorithm CBc Cipher Block Chaining AEs Advanced Encryption Standard Iv Initialization Vector CCM Counter with CBC-MAC Dan Luedtke . Wed Apr IB, 2012.Universty of the Geman Federal /med Foree, Munich e stde 3

History and Development of SSL/TLS

上海大字 SHANGH AI JIAO TONG INTVEANTY Attacks methods Nmnl Privacy The connection is private (or secure) because symmetric cryptography is used to encrypt the data transmitted. The keys for this symmetric encryption are generated uniquely for each connection and are based on a shared secret negotiated at the start of the session Identification The identity of the communicating parties can be authenticated using public-key cryptography. This authentication can be made optional but is generally required for at least one of the parties( typically the server)

▪ Privacy ▪ The connection is private (or secure) because symmetric cryptography is used to encrypt the data transmitted. The keys for this symmetric encryption are generated uniquely for each connection and are based on a shared secret negotiated at the start of the session. ▪ Identification ▪ The identity of the communicating parties can be authenticated using public-key cryptography. This authentication can be made optional, but is generally required for at least one of the parties (typically the server). Attacks & Methods