William Liu

Secure Sockets Layer (SSL) and TLS

SSL and TLS are both cryptographic protocols that provide authentication and data encryption between servers. SSL and TLS are how we secure network communications using encryption.

SSL stands for Secure Socket Layer.
TLS stands for Transport Layer Security; it supersedes SSL.

What is a Protocol

So what is a protocol? It’s the official procedure or system of rules.

It’s like we all agree that there are only 24 hours in a day, a week is 7 days, etc. even though we track time differently.

Common Protocols

If we want to connect to a web site from a client browser, we’ll use HTTP (Hypertext Transfer Protocol).
If we want to transfer large files, we’ll use FTP (File Transfer Protocol) over a TCP/IP based network connection.
If we want to send email, we use Simple Mail Transfer Protocol (SMTP).

Secure Protocols

SSH allows remote login and execution. It is a cryptographic network protocol used for secure data communication. It is secured through the use of generated keys out of band (i.e. shared across a public medium).

SSL stands for Secure Socket Layer and is superseded by TLS. The terms are sometimes used interchangeably. The idea is that data is scrambled in transit so attackers can’t read it. Our SSL wrapper is a little different from HTTP, FTP and SMTP, which work on the Application Layer of the OSI Model. Instead, our SSL wrapper works on the Transport Layer of the OSI Model.

OSI Model

OSI model stands for the Open Systems Interconnection model, which is made up of:

7 Application
6 Presentation
5 Session
4 Transport
3 Network
2 Data Link
1 Physical

Detailed breakdown of the OSI model layers:

Group | Layer | Protocol data unit (PDU) | Function
Host layers | 7 Application | Data | High-level APIs, including resource sharing, remote file access
Host layers | 6 Presentation | Data | Translation of data between a networking service and an application; including character encoding, data compression and encryption/decryption
Host layers | 5 Session | Data | Managing communication sessions, i.e. continuous exchange of information in the form of multiple back-and-forth transmissions between two nodes
Host layers | 4 Transport | Segment, Datagram | Reliable transmission of data segments between points on a network, including segmentation, acknowledgement and multiplexing
Media layers | 3 Network | Packet | Structuring and managing a multi-node network, including addressing, routing and traffic control
Media layers | 2 Data link | Frame | Reliable transmission of data frames between two nodes connected by a physical layer
Media layers | 1 Physical | Symbol | Transmission and reception of raw bit streams over a physical medium

Introduction to Cryptography

Cryptography is the computerized enciphering and deciphering of information. As we pass messages back and forth across our network (in transit), we do not want data to be stolen or altered. The word cryptography comes from ‘kryptos’ (hidden) and ‘graphein’ (writing), meaning hidden writing. We’re hiding data that we’re writing.

How does encryption work?

Let’s think of a lock and a key. The lock is used to keep unauthorized people out. The key is used to both close and open that lock. With computer systems, we do not want to reuse the same key over and over, otherwise that key might be stolen.

Why do we use Cryptography?

We use cryptography so that we can have:

Encryption Types

Symmetric Encryption

Symmetric encryption uses the same key for both encryption and decryption. The issue with symmetric encryption is that keys have to be shared between parties, usually across a public medium. If this key is intercepted during transit (e.g. man in the middle), then security is compromised.

Symmetric Algorithms include:

Asymmetric Encryption

Asymmetric encryption uses two keys for encryption and decryption. The issue with asymmetric encryption is that it is extremely slow and takes a lot of processing power, so it is impractical for encrypting large amounts of data.

Asymmetric Algorithms include:

Diffie-Hellman

Diffie-Hellman Key Exchange is the first asymmetric key exchange. It was built to fix the issues that symmetric encryption had. To facilitate this, both users in an exchange agree on a shared private key. Say my key is 300 and your key is 200; our shared key could be 300 * 200 = 60000. At least that is the basic idea.
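
The exchange carried through in code, as an added example that is not part of the original page. In the actual protocol the two private values are combined by modular exponentiation rather than plain multiplication, so the product 300 * 200 ends up in the exponent and only the public values cross the network. The prime P, the base G and all function names are assumptions chosen for illustration; real deployments use standardized groups of 2048 bits or more, or elliptic curves.

```python
import hashlib
import secrets

# Toy parameters (assumed for this example): a 127-bit Mersenne prime and base 3.
P = 2**127 - 1
G = 3


def public_value(private: int) -> int:
    """Value each side sends over the public medium: G^private mod P."""
    return pow(G, private, P)


def shared_secret(my_private: int, peer_public: int) -> int:
    """Combine my private value with the peer's public value."""
    # Reject degenerate values (0, 1, P-1) that would force a predictable secret.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value out of range")
    return pow(peer_public, my_private, P)


def session_key(secret: int) -> bytes:
    """Hash the shared secret down to a 256-bit symmetric key."""
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def exchange(a_private: int, b_private: int):
    """Run both sides; return the two public values and each side's derived key."""
    a_pub = public_value(a_private)   # sent in the clear
    b_pub = public_value(b_private)   # sent in the clear
    a_key = session_key(shared_secret(a_private, b_pub))
    b_key = session_key(shared_secret(b_private, a_pub))
    return a_pub, b_pub, a_key, b_key


def random_private() -> int:
    """A private value drawn from a CSPRNG, in the range [2, P-2]."""
    return secrets.randbelow(P - 3) + 2


if __name__ == "__main__":
    a_pub, b_pub, a_key, b_key = exchange(300, 200)   # the page's two keys
    print("public values on the wire:", a_pub, b_pub)
    print("both sides hold the same key:", a_key == b_key)
```

Nothing in this exchange proves who sent each public value, which is why TLS pairs the key exchange with certificates.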

RSA

RSA is one of the most widely used encryption algorithms for secure data transmission. In RSA, each user has a widely available public key as well as a secret private key. When sending a message, the sender uses the receiver’s public key to encrypt that message. The only key that can be used to decrypt that message is the receiver’s private key.

PKI

PKI stands for public key infrastructure. PKI is asymmetric encryption that is used for transactional exchanges. It is not a specific technology but rather a framework based on asymmetric technologies. Users need to have certificates that are issued by a trusted certificate authority (CA).

So how does this work?

Web Server SSL Certificates

A web server SSL certificate is based on PKI.

Hybrid Encryption

Due to the drawbacks of symmetric encryption and asymmetric encryption, there is now hybrid encryption. So how does it work?

So basically, we do a TLS Handshake to negotiate keys before creating a secure network connection. We mitigate the issues with using only symmetric encryption or only using asymmetric encryption.

Public Key Exchange (TLS Handshake)

We do a TLS Handshake to ensure that the data we send from our browser to a web server is confidential. How do we know that there isn’t a man in the middle?