Description
Instructions
One of the fundamental tasks of a cybersecurity professional is protecting the organization’s data. There are many things to think about when trying to protect data and plan for potential threats.
In your journal, write about how cryptography is important to cybersecurity. Describe the differences between data in motion and data at rest. Be certain to explain how threat modeling can be used to help protect the organization.
Your entry should be at least two paragraphs long.
Overview
Journals are private and between you and the instructor only. Approach these activities as an opportunity to reflect upon and apply what you learn each week based on the assigned readings, discussions, and activities. As a successful professional, you will need good reflective and writing skills. Journal activities offer you the opportunity to develop these skills further. The journal entries in this course are graded separately.
Prompt
First, complete the assigned readings for the week. Then read the journal prompt and write a reflection. Your journal entry should be two paragraphs long and address the prompt provided in each module.
In your response, be certain to address the following critical elements:
Critical Thinking and Reflection: Support the claims with relevant examples of previous and logical thought processes.
Integration and Application: Show excellent depth of knowledge of the module content and exhibit careful consideration of the topic.
Voice: Write in a style that is appealing and appropriate for the intended audience and use a consistent voice that is evident throughout.
What to Submit
Submit journal assignments as Word documents with double spacing, 12-point Times New Roman font, and one-inch margins. Responses should be at least two paragraphs long and address the points indicated in the journal prompt for each module.
Journal Rubric
Criteria | Exemplary (100%) | Proficient (85%) | Needs Improvement (55%) | Not Evident (0%) | Value
Critical Thinking and Reflection | Supports claims with relevant examples of previous and logical thought processes | Supports claims with mostly relevant examples of previous and logical thought processes | Supports claims with somewhat relevant examples of previous and logical thought processes | Does not support claims with reflection on relevant personal examples | 25
Integration and Application | Shows excellent depth of knowledge of the module content and exhibits careful consideration of the topic | Shows good depth of knowledge of the module content and demonstrates that the module content has been read | Shows limited depth of knowledge, indicating the module content may have been reviewed but needs to be explored further | Does not address the prompt and reflects that the module content has not been read | 25
Voice | Writes in a style that is appealing and appropriate for the intended audience and uses a consistent voice that is evident throughout | Writes in a style that is generally appropriate for the intended audience and makes an attempt to use a consistent voice | Writes in a style that considers the audience but is not consistent in voice, and it is difficult to identify the voice | Does not attempt to use a style that considers the audience and leaves no evidence of the voice | 25
Writing | Is free of errors in organization and grammar | Is mostly free of errors in organization and grammar; errors are marginal and rarely interrupt the flow | Contains errors in organization and grammar, but errors are limited enough so that it can be understood | Contains errors in organization and grammar, making it difficult to understand | 25
Total: 100%
Unformatted Attachment Preview
Copyright 2020. NEW AGE International Publishers.
All rights reserved. May not be reproduced in any form without permission from the publisher, except fair uses permitted under U.S. or applicable copyright law.
CHAPTER 2
Conventional Encryption and Message Confidentiality
2.1 INTRODUCTION
Due to the rapid growth of digital communication and electronic data transfer, information security
has become a crucial issue in industry, business and administration. Modern cryptography
provides essential techniques for securing information and protecting data.
The word cryptography comes from the Greek words κρυπτο (hidden or secret) and γραφη
(writing). Oddly enough, cryptography is the art of secret writing. More generally, people think
of cryptography as the art of mangling information into apparent unintelligibility in a manner
allowing a secret method of un-mangling. The basic service provided by cryptography is the
ability to send information between participants in a way that prevents others from reading it.
This chapter covers the key concepts of cryptography and different cryptanalysis techniques.
2.2 CONVENTIONAL ENCRYPTION PRINCIPLES
Cryptography is the art or science encompassing the principles and methods of transforming an
intelligible message into one that is unintelligible and then retransforming that message back to
its original form. This kind of cryptography can provide other services, such as:
• Integrity checking : Reassuring the recipient of a message that the message has not
been altered since it was generated by a legitimate source.
• Authentication : Verifying someone’s (or something’s) identity.
But back to the traditional use of cryptography, a message in its original form is known as
plaintext. The distorted information is known as ciphertext. The process for producing ciphertext
from plaintext is known as encryption. The reverse of encryption is called decryption.
Encryption is a mechanism used to protect valuable information, such as on-line
transactions, documents and images, from being accessed or changed by unauthorized people. This
can be performed by using a mathematical formula called a cipher and a key to convert readable
data (plain text) into a form that others cannot understand (cipher text). Decryption means the
translation of encrypted text or data back into the original text. It is also called deciphering.
EBSCO Publishing : eBook Collection (EBSCOhost) – printed on 3/16/2024 9:38 PM via SOUTHERN NEW HAMPSHIRE UNIVERSITY
AN: 2706870 ; Acharya, Rathnakar.; Cryptography and Network Security
Account: shapiro.main.eds
A conventional encryption scheme has five elements.
Fig. 2.1: Conventional encryption
Plain Text: This is the original message before encryption and after decryption.
Encryption Algorithm: It performs various substitutions and transformations on the plain
text during encryption.
Secret Key: The secret key is an input to the algorithm along with the plain text. The exact
substitutions and transformations performed by the algorithm depend on the key selected.
Cipher Text: The message produced as the output of encryption is the cipher text. It is a
scrambled message. For different secret keys the cipher text is different.
Decryption Algorithm: It is the reverse of the encryption operation. It takes the cipher
text and the secret key as input and produces the original plain text.
In an encryption process the security level mainly depends on the secrecy of the key used,
and not on the secrecy of the algorithm. Generally we need not keep the algorithm secret; we
need to keep only the key secret.
2.3 CRYPTOGRAPHY
In cryptography the transformed message will be secure and resistant to attacks. Cryptography
is the process of encrypting and decrypting messages using secret keys. Cryptography is
classified along three independent dimensions. The three methods of classification
are based on:
1. The type of operations used for transforming plain text to cipher text:
Substitution: Each element in the plain text is mapped into another element.
Transposition: Elements in the plain text are rearranged.
In both operations, the fundamental requirement is that no information be lost.
2. The number of keys used:
If both sender and receiver use the same key,
the system is referred to as symmetric key, single key, secret key or conventional
encryption. If the sender and receiver each use a different key, the system is referred to as
asymmetric, two key or public key encryption.
EBSCOhost – printed on 3/16/2024 9:38 PM via SOUTHERN NEW HAMPSHIRE UNIVERSITY. All use subject to https://www.ebsco.com/terms-of-use
Symmetric key encryption: In this type of cryptosystem a single key is used for both the
encryption and decryption processes.
Asymmetric key encryption: In this type of cryptosystem there are two keys instead of
one: a public key and a private key. The sender encrypts the message using the receiver’s
public key. To decrypt the message the receiver uses his private key.
3. The way in which the plain text is processed:
Block cipher: A block cipher processes the input one block of elements at a time, producing
an output block for each input block.
Stream cipher: A stream cipher processes the input elements continuously, producing
output one element at a time as it goes along.
2.4 CRYPTANALYSIS
The process of breaking a cryptosystem to discover the plaintext or key is called cryptanalysis. A
study of cryptanalysis helps us to know how vulnerable our cryptosystem is. Using this, better
secret codes can be created to protect our transactions. The five different types of cryptanalysis
attacks are listed in figure 2.2.
Fig. 2.2: Cryptanalysis attacks
2.4.1 Cipher Text Only Attack (COA)
In a cipher text only attack the attacker, Eve, has access only to the cipher text. This cipher text is used
to find the corresponding plaintext and the key. It is assumed that the attacker knows the
cryptographic algorithm and can intercept the ciphertext for cryptanalysis. The attacker will try
to find the key or decrypt one or more pieces of cipher text.
Fig. 2.3: Cipher text only attack
Different methods used in cipher text only attacks are:
1. Brute-force attack
2. Statistical attack
3. Pattern attack
Table 2.1: Frequency of characters and character groups in the English language (%)

Monogram frequency
A: 8.55   B: 1.60   C: 3.16   D: 3.87   E: 12.10  F: 2.18   G: 2.09
H: 4.96   I: 7.33   J: 0.22   K: 0.81   L: 4.21   M: 2.53   N: 7.17
O: 7.47   P: 2.07   Q: 0.10   R: 6.33   S: 6.73   T: 8.94   U: 2.68
V: 1.06   W: 1.83   X: 0.19   Y: 1.72   Z: 0.11

Bigram frequency
TH: 2.71   EN: 1.13   NG: 0.89   HE: 2.33   AT: 1.12   AL: 0.88
IN: 2.03   ED: 1.08   IT: 0.88   ER: 1.78   ND: 1.07   AS: 0.87
AN: 1.61   TO: 1.07   IS: 0.86   RE: 1.41   OR: 1.06   HA: 0.83
ES: 1.32   EA: 1.00   ET: 0.76   ON: 1.32   TI: 0.99   SE: 0.73
ST: 1.25   AR: 0.98   OU: 0.72   NT: 1.17   TE: 0.98   OF: 0.71

Trigram frequency
THE: 1.81   ERE: 0.31   HES: 0.24   AND: 0.73   TIO: 0.31   VER: 0.24
ING: 0.72   TER: 0.30   HIS: 0.24   ENT: 0.42   EST: 0.28   OFT: 0.22
ION: 0.42   ERS: 0.28   ITH: 0.21   HER: 0.36   ATI: 0.26   FTH: 0.21
FOR: 0.34   HAT: 0.26   STH: 0.21   THA: 0.33   ATE: 0.25   OTH: 0.21
NTH: 0.33   ALL: 0.25   RES: 0.21   INT: 0.32   ETH: 0.24   ONT: 0.20

Quadgram frequency, Quintgram frequency, Common English words
[values for these three columns are not recoverable from the extracted text]
Brute-force Attack: In a brute-force attack the attacker tries to decrypt the message using
all possible keys, until the actual plaintext is obtained.
Statistical Attack: Here the attacker tries to find the most frequently used characters,
pairs of characters or triplets of characters in the cipher text. A statistical cryptanalysis exploits
a weakness in the cryptosystem, such as an inability to produce random numbers or a floating point error. It
computes the frequency of such characters in the ciphertext. Cryptanalysis is based on the fact that
in any given stretch of ciphertext, certain letters and combinations of letters occur with varying
frequencies; moreover, there is a character distribution of letters that is roughly the same for all
samples of ciphertext.
For example: in a given section of ciphertext E, T, A and O are the most common,
while Z, Q and X are rare. Likewise TH, ER, ON and AN are the most common pairs of letters
and SS, EE, TT and FF are the most common repeats. The frequencies of different characters and
character groups in the English language are given in Table 2.1. It is clear that the most frequently
used character is ‘e’.
Pattern Attack: In this case, it is known that all clear messages contain some pattern. This
may be English language words, or encodings of some non-compact alphabets such as ASCII
letters, or XML start and end tags, or some combination of all of these.
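The brute-force and statistical attacks described above can be seen working together on a toy cipher. The following is an added example, not code from the book: it assumes a simple shift cipher as the substitution cipher, uses the monogram frequencies of Table 2.1, and runs on a constructed sample message; all function names are illustrative.

```python
import string

# Monogram frequencies (percent) as given in Table 2.1.
ENGLISH_FREQ = {
    "A": 8.55, "B": 1.60, "C": 3.16, "D": 3.87, "E": 12.10, "F": 2.18,
    "G": 2.09, "H": 4.96, "I": 7.33, "J": 0.22, "K": 0.81, "L": 4.21,
    "M": 2.53, "N": 7.17, "O": 7.47, "P": 2.07, "Q": 0.10, "R": 6.33,
    "S": 6.73, "T": 8.94, "U": 2.68, "V": 1.06, "W": 1.83, "X": 0.19,
    "Y": 1.72, "Z": 0.11,
}
ALPHABET = string.ascii_uppercase


def shift(text, key):
    """Shift every letter by `key` positions (assumed toy cipher)."""
    out = []
    for ch in text.upper():
        if ch in ALPHABET:
            out.append(ALPHABET[(ALPHABET.index(ch) + key) % 26])
        else:
            out.append(ch)  # spaces and punctuation pass through unchanged
    return "".join(out)


def encrypt(plaintext, key):
    return shift(plaintext, key)


def decrypt(ciphertext, key):
    return shift(ciphertext, -key)


def sorted_counts(text):
    """Letter counts in descending order, ignoring which letter has which count."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    return sorted((letters.count(a) for a in ALPHABET), reverse=True)


def chi_squared(text):
    """Distance between the letter counts of `text` and Table 2.1 (lower = more English-like)."""
    letters = [ch for ch in text.upper() if ch in ALPHABET]
    if not letters:
        return float("inf")
    total_pct = sum(ENGLISH_FREQ.values())
    score = 0.0
    for letter in ALPHABET:
        expected = len(letters) * ENGLISH_FREQ[letter] / total_pct
        observed = letters.count(letter)
        score += (observed - expected) ** 2 / expected
    return score


def rank_keys(ciphertext):
    """Brute force: try all 26 keys. Statistical: score each candidate plaintext."""
    return sorted((chi_squared(decrypt(ciphertext, k)), k) for k in range(26))


def recover(ciphertext):
    """Return the best-scoring key and the plaintext it produces."""
    _, key = rank_keys(ciphertext)[0]
    return key, decrypt(ciphertext, key)


# Constructed sample message and key, not taken from the book.
SAMPLE_PLAINTEXT = ("MEET THE COURIER AT THE NORTH GATE AFTER THE EVENING "
                    "SHIFT AND BRING THE SEALED LETTER")
SAMPLE_KEY = 11
SAMPLE_CIPHERTEXT = encrypt(SAMPLE_PLAINTEXT, SAMPLE_KEY)

if __name__ == "__main__":
    print("ciphertext:", SAMPLE_CIPHERTEXT)
    for score, key in rank_keys(SAMPLE_CIPHERTEXT)[:3]:
        print(f"key={key:2d} chi2={score:8.1f} {decrypt(SAMPLE_CIPHERTEXT, key)[:30]}")
    print("recovered:", recover(SAMPLE_CIPHERTEXT))
```

The cipher only relabels letters, so the ciphertext carries the same set of letter counts as the plaintext; with a 26-key space, that leftover structure is enough to identify the key without any known plaintext.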
2.4.2 Known Plain text Attacks (KPA)
In a known plaintext attack an attacker has seen the plaintext and the corresponding ciphertext.
The attacker can draw conclusions about the encrypting key and will have validation if the
encrypting key is discovered. As in figure 2.4, Alice (A) wants to send an encrypted file to Bob
(B); later Alice makes the content of this file public. The attacker keeps this plaintext as a
sample and uses the intercepted cipher text for mapping. Once the attacker is successful,
he uses them to break the next message from Alice to Bob, assuming that Alice has not changed
her key.
Fig. 2.4: Known plaintext attacks
2.4.3 Chosen Plaintext Attack (CPA)
In a chosen plaintext attack the attacker chooses the plaintext to be encrypted. This can occur
when a user steps away from the computer and the attacker sends a message and captures the
resulting ciphertext. The attacker can select plaintext that will produce clues to the encryption
key used.
This is possible when the attacker has access to Alice’s computer. He can choose some
plaintext and intercept the resulting cipher text as shown in figure 2.5. The attacker does not have
the key because the key is normally embedded in the software used by Alice.
Fig. 2.5: Chosen-plaintext attack
2.4.4 Chosen Cipher text Attack (CCA)
The attacker has the ability to select any cipher text and study the plaintext produced by
decrypting it. The attacker is able to make the victim decrypt a selected ciphertext
and send him the result. By analysing the chosen ciphertext and the corresponding received plaintext,
the attacker tries to guess the key which was used by the victim.
Fig. 2.6: Chosen-cipher text attack
2.4.5 Chosen-text Attack
The attacker assumes the encryption algorithm to decrypt the intercepted cipher text. A set of
secret keys is used to generate the plaintext.
2.5 LOCATION OF ENCRYPTION DEVICES
Encryption is a powerful and commonly used method to protect the information in a network.
To use encryption we need to decide what to encrypt and where the encryption
mechanism should be located. There are two fundamental approaches, as shown in figure 2.7:
1. Link Encryption
2. End-to-End Encryption
In the link encryption method each vulnerable communication link is equipped on both ends
with an encryption device. Thus all traffic over every communication link is secured. This
mechanism involves a number of encryption devices in a large network. It provides a high level
of security; the security level on the link is very high.
One of the main limitations of this approach is that the message is vulnerable at each switch. The
message must be decrypted each time it enters a packet switch. This is essential because
the switch must read the address in the packet header to route the packet. Also, if it is a public
packet switching network, the user has no control over the security of these nodes.
Fig. 2.7: Location of encryption devices in a packet switched network
In end-to-end encryption, the encryption process is carried out at the end systems: the message is
encrypted by the sender at the point of origin and only decrypted by the intended receiver. The end terminal
encrypts the message, which is then transmitted across the network to the destination terminal.
The receiver at the destination decrypts the message using the shared key. This approach would
seem to secure the transmission against attacks on the network links or switches. This method
also has some limitations. Suppose that the terminal device encrypts the entire packet. The
packet contains a header and part of the user data. The receiving terminal will not receive this
encrypted packet. This is because, to read and forward the encrypted message, the intermediate
nodes require the address of the next node. If both the header and the data of the packet are
encrypted, they cannot route the packet. Therefore the terminal device may only encrypt the user
data portion of the packet and must leave the header in the clear, so that it can be read by the
next node in the network. To attain a higher level of security both link and end-to-end encryption
are needed.
SUMMARY
• Cryptography is a technique of transforming plain text into cipher text by encrypting
plain text message and also obtaining original plain text by decryption. This kind of
cryptography can also provide other services such as integrity checking and authentication.
• In cryptography the encryption process and security level mainly depend on the secrecy
of the key used and not on the secrecy of the algorithm.
• The type of transformation from plain text to cipher text is based on either substitution or
transformation method.
• Based on the number of keys used, cryptography is classified as symmetric key and
asymmetric key encryption.
• Based on the way in which the plain text is processed it is classified as block cipher or
stream cipher methods.
• The process of breaking a cryptosystem to discover the plain text or key is called
cryptanalysis.
• The encryption is made safer by using a particular encryption technique and the location
of the encryption mechanism. The two approaches are link encryption and end-to-end
encryption.
REVIEW QUESTIONS
1. What are the principal procedures of the conventional encryption technique?
2. Explain standard data encryption algorithm in detail.
3. What is cryptanalysis?
4. What is plain text? What is cipher text? Explain the procedure for the conversion of plain
text into cipher text.
5. What is the difference between substitution cipher and transposition cipher?
6. What are the two basic ways of transforming plain text into cipher text?
MULTIPLE CHOICE QUESTIONS
1. In cryptography, what is a cipher?
(a) Algorithm for performing encryption and decryption
(b) Encrypted message
(c) Both (a) and (b)
(d) None of the mentioned
2. In asymmetric key cryptography, the private key is kept by
(a) Sender
(b) Receiver
(c) Sender and receiver
(d) All the connected devices to the network
3. Cryptanalysis is used
(a) To find some insecurity in a cryptographic scheme
(b) To increase the speed
(c) To encrypt the data
(d) None of the mentioned
4. Encrypted messages are termed as
(a) Plain text
(b) Clear text
(c) Cipher text
(d) Encryption text
5. Substitution cipher performs
(a) Characters are replaced by other characters
(b) Rows are replaced by columns
(c) Columns are replaced by rows
(d) None of the above
6. A combination of an encryption algorithm and a decryption algorithm is called a
(a) Cipher
(b) Secret
(c) Key
(d) None of the above
7. In a(n) ___________ cipher, the same key is used by both the sender and receiver.
(a) Symmetric key
(b) Asymmetric key
(c) Both (a) and (b)
(d) None of the above
8. In a(n) _____________, the key is called the secret key.
(a) Symmetric key
(b) Asymmetric key
(c) Both (a) and (b)
(d) None of the above
9. In link encryption method each vulnerable communication link is equipped on both ends
with an,
(a) Encryption device
(b) Communication link
(c) User terminal
(d) Packet switched network
10. The __________ of a threat measures its potential impact on a system.
(a) Vulnerabilities
(b) Countermeasures
(c) Degree of harm
(d) Susceptibility
CHAPTER 16
Transport Layer Security
16.1 INTRODUCTION
One of the problems of publicly accessible information repositories or dissemination systems
that contain sensitive but unclassified data is ensuring that the sensitive data is protected in proportion to
the risk and magnitude of the harm that would result from the loss, misuse, or unauthorized access
to or modification of such data. Given the nature of interconnected networks and the use of the
Internet to share information, protection of the sensitive data can become difficult if proper
mechanisms are not employed to protect the data. Transport Layer Security (TLS) provides
such a mechanism to protect sensitive data during message communication across the Internet.
TLS is a protocol developed to provide security services such as confidentiality,
authentication, and integrity between two communicating applications. TLS is based on a
predecessor protocol called Secure Socket Layer Version 3.0 (SSL 3.0). SSL was developed
by Netscape Communications Corporation in 1994 to secure transactions over the World Wide
Web. Soon after that, the IETF began work to develop a standard protocol that provides the same
functionality. They used SSL 3.0 as the basis for that work, which became the TLS protocol.
TLS and SSL are most widely recognized as the protocols that provide secure HTTP
(HTTPS) for Internet transactions between web browsers and web servers. TLS/SSL can also
be used for other application level protocols, such as File Transfer Protocol (FTP), Lightweight
Directory Access Protocol (LDAP) and SMTP.
16.2 SECURE SOCKET LAYER (SSL)
The SSL protocol was adopted by Netscape in 1994 as a response to the growing concerns over
Internet security. The objective is to create a secured data path between a client and a server.
SSL is designed to provide security for web traffic including confidentiality, message integrity
and authentication. These security services are achieved by the use of cryptography and properly
authenticated digital signatures.
The SSL protocol may be placed between a reliable connection-oriented
network layer protocol (e.g. TCP/IP) and the application layer protocol (e.g. HTTP).
SSL provides for secure communication between client and server by allowing mutual
authentication, the use of digital signatures for integrity and encryption for privacy. The protocol
is designed to support a range of choices for the specific algorithms used for cryptography, digests and
signatures. Table 16.1 identifies the key establishment, confidentiality, digital signature and
hash mechanisms used in both the TLS and SSL 3.0 protocols. SSL certificates are therefore critical
for the user to trust a website operating from a server before sending private information to the
server. But encryption is only one part of the trust question that SSL delivers.
Generally SSL provides three levels of security:
• Privacy – Connection through encryption.
• Identity Authentication – Identification through certificates.
• Reliability – Dependable maintenance of the server connection through message
integrity checking.
Table 16.1: Mapping the security parts of TLS and SSL
Mechanism | SSL (3.0) | TLS (1.0)
Key establishment | RSA, DH-RSA, DH-DSS, DHE-RSA, DHE-DSS, DH-Anon, Fortezza-KEA | RSA, DH-RSA, DH-DSS, DHE-RSA, DHE-DSS, DH-Anon
Confidentiality | IDEA-CBC, RC4-128bit, 3DES-EDE-CBC, Fortezza-CBC | IDEA-CBC, RC4-128, 3DES-EDE-CBC, Kerberos, AES
Signature | RSA, DSA | RSA, DSA, Elliptic Curve (EC)
Hash | MD5, SHA-1 | MD5, SHA-1
A common application of SSL with a web system is an on-line store, where client computers
send requests to a merchant’s server. Since the SSL protocol is integrated into most
web browsers, and those browsers are normally used to access web applications, no further
configuration is required on the client side of the SSL connection.
16.2.1 Working of SSL Protocol
SSL has two different entities, server and client. The client is the entity that initiates the
transaction, whereas the server is the entity that responds to the client and negotiates which
cipher suites are used for encryption. In SSL, the Web browser acts as the client and the Web-site
server as the server. Three protocols lie within SSL: the Handshake Protocol, the Record
Protocol, and the Alert Protocol. The client authenticates the server during the Handshake
Protocol. When the session is initiated and the handshake is complete, the data transfer is
encrypted during the Record Protocol phase. If there are any alarms at any point during the
session, the alert is attached to the questionable packet and handled according to the Alert
Protocol.
Handshake protocol
Fig. 16.1: Handshaking process between the client and server
The client always authenticates the server, and the server has the option of also
authenticating the client. In general, Web servers do not authenticate the client during the
Handshake Protocol because the server has other ways to verify the client other than SSL.
For e-commerce, the Web-site server can verify the credit card number externally from the
SSL session. In this way, the server can reserve precious processing resources for encrypted
transactions. Messages are exchanged between the client and server to establish a handshake
that begins a secure connection. The handshaking is done in four phases, as shown in figure 16.1,
and involves the following steps:
Client Hello, Server Hello, Server key exchange, Server Hello Done, Client Key Exchange,
ChangeCipherSpec Finished, ChangeCipherSpec Finished.
Phase I: Creating security competence
Negotiation of the session ID, key exchange algorithm, MAC algorithm, encryption
algorithm and exchange of initial random number.
Hello messages
Client Message to Server:
The client initiates a session by sending a Client
Hello message to the server. It contains:
• Version Number – The client sends the
version number corresponding to the
highest version it supports. Version 2 is used
for SSL 2.0, version 3 for SSL 3.0, and version
3.1 for TLS. Although the IETF RFC for TLS is
TLS version 1.0, the protocol uses 3.1 in the
version field to indicate that it is a higher
level (newer and with more functionality)
than SSL 3.0.
• Randomly Generated Data – Client
Random[32 bit], the random value, is a
4-byte number that consists of the client’s
date and time plus a 28-byte randomly
generated number that will ultimately
be used with the server random value to
generate a master secret from which the
encryption keys will be derived.
• Session Identification (if any) – The session
ID is included to enable the client to resume
a previous session. Resuming a previous
session can be useful, because creating a
new session requires processor-intensive
public key operations that can be avoided
by resuming an existing session with its
established session keys. Previous session
information, identified by the sessionID, is
stored in the respective client and server
session caches.
• Cipher Suite – The list of cipher suites
available on the client. An example of a
cipher suite is TLS_RSA_WITH_DES_CBC_
SHA.
• Where TLS is the protocol version, RSA is
the algorithm that will be used for the
key exchange, DES_CBC is the encryption
algorithm (using a 56-bit key in CBC
mode), and SHA is the hash function.
Server Response to Client:
Server Hello – The server responds with a
Server Hello message. The Server Hello message
includes:
• Version Number. The server sends the
highest version number supported by
both sides. This is the lower of: the highest
version number the server supports and the
version sent in the Client Hello message.
• Randomly Generated Data – Server
Random[32 bit], the Random Value, is a
4-byte number of the server’s date and time
plus a 28-byte randomly generated number
that will be ultimately used with the client
random value to generate a master secret
from which the encryption keys will be
derived.
• Session Identification (if any) – This can be
one of three choices.
• New session ID – The client did not
indicate a session to resume so a new
ID is generated. A new session ID is also
generated when the client indicates a
session to resume but the server can’t
or won’t resume that session. This latter
case also results in a new session ID.
• Resumed Session ID– The ID is the same
as indicated in the client hello. The client
indicated a session ID to resume and the
server is willing to resume that session.
• Null – this is a new session, but the
server is not willing to resume it at a
later time so no ID is returned.
• Cipher Suite – The server will choose the
strongest cipher that both the client and
server support. If there are no cipher suites
that both parties support, the session is
ended with a “handshake failure” alert.
• Compression Algorithm – Specifies the
compression algorithm to use (none
currently supported).
The following is an example of a Server Hello
Message:
Version 3,1
ServerRandom[32]
EBSCOhost – printed on 3/16/2024 9:40 PM via SOUTHERN NEW HAMPSHIRE UNIVERSITY. All use subject to https://www.ebsco.com/terms-of-use
358
CRYPTOGRAPHY AND NETWORK SECURITY
SessionID:
bd608869foc629767ea7e3ebf7a63bdc
ffb0ef58b1b941e6b0c044acb6820a77
Use Cipher Suite:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
Compression Algorithm: NONE
• Compression Algorithm – The requested
compression algorithm (none currently
supported).
The following is an example of a Client Hello
message:
ClientVersion 3,1
ClientRandom[32]
SessionID: None (new session)
Suggested Cipher Suites:
TLS_RSA_WITH_3DES_EDE_CBC_SHA
TLS_RSA_WITH_DES_CBC_SHA
Suggested Compression Algorithm: NONE
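As an added illustration (not from the book), the following Python code parses a Server Hello body laid out as described above and applies the client-side checks the text implies: the version must not exceed the one sent in the Client Hello, the cipher suite must be one the client suggested, and the session ID shows whether the session is new, resumed, or null. The function names and sample bytes are constructed for this example; the cipher suite code points are those of TLS 1.0 (RFC 2246).

```python
import struct

# Cipher suite code points from the TLS 1.0 specification (RFC 2246).
CIPHER_SUITES = {0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
                 0x0009: "TLS_RSA_WITH_DES_CBC_SHA"}

def parse_server_hello(body, client_version, offered_suites, client_session_id=b""):
    """Parse a Server Hello body and check it against what the client sent."""
    if len(body) < 38:                      # 2 + 32 + 1 + 2 + 1 with an empty session ID
        raise ValueError("truncated Server Hello")
    version = (body[0], body[1])
    gmt_unix_time = struct.unpack(">I", body[2:6])[0]    # 4-byte date and time
    sid_len = body[34]                                   # bytes 6..33 are the 28 random bytes
    if sid_len > 32 or len(body) < 38 + sid_len:
        raise ValueError("bad session ID length")
    session_id = body[35:35 + sid_len]
    suite, compression = struct.unpack(">HB", body[35 + sid_len:38 + sid_len])
    if version > tuple(client_version):
        raise ValueError("server chose a version above the one the client sent")
    if suite not in offered_suites:
        raise ValueError("server chose a cipher suite the client did not offer")
    if not session_id:
        session = "null"        # server will not resume this session later
    elif session_id == client_session_id:
        session = "resumed"     # same ID the client asked to resume
    else:
        session = "new"
    return {"version": version, "gmt_unix_time": gmt_unix_time,
            "random": body[2:34], "session": session, "session_id": session_id,
            "cipher_suite": CIPHER_SUITES.get(suite, hex(suite)),
            "compression": compression}

def sample_server_hello():
    """Constructed Server Hello with the same field layout as the example above."""
    random = struct.pack(">I", 1710625200) + bytes(range(28))
    session_id = bytes(range(0xA0, 0xC0))                # 32 constructed bytes
    return (bytes([3, 1]) + random + bytes([len(session_id)]) + session_id
            + b"\x00\x0a" + b"\x00")                     # 3DES suite, no compression

if __name__ == "__main__":
    print(parse_server_hello(sample_server_hello(), (3, 1), [0x000A, 0x0009]))
```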
Phase II: Server Authentication
In this phase the server may send its certificate and key exchange message, and it may request
that the client send a certificate. The server then signals the end of the Hello process.
Server Certificate: The server sends its certificate to the client. The server certificate contains
the server’s public key. The client will use this key to authenticate the server and to encrypt the
premaster secret. The client also checks the name of the server in the certificate to verify that
it matches the name the client used to connect. The browser will warn the user if these names
do not match.
Server Key Exchange: This is an optional step in which the server creates and sends a temporary
key to the client. This key can be used by the client to encrypt the Client_Key_Exchange message
later in the process. The step is only required when the public key algorithm does not provide the
key material necessary to encrypt the Client_Key_Exchange message, such as when the server’s
certificate does not contain a public key.
Client Certificate Request: This is an optional step in which the server requests authentication of
the client. This step might be used for Web sites (such as a banking Web site) where the server
must confirm the identity of the client before providing sensitive information.
Server Hello Done: This message indicates that the server is finished and awaiting a response
from the client.
Phase III: Client Authentication
The client sends its certificate if requested and may send an explicit certificate verification
message. The client always sends its key exchange message.
Client Response to Server
Client Certificate: If the server sent a Client Certificate Request, the client sends its certificate to
the server for client authentication. The client’s certificate contains the client’s public key.
Client Key Exchange: The client sends a Client_Key_Exchange message after computing the
premaster secret using both random values. The premaster secret is encrypted by the public key
from the server’s certificate before being transmitted to the server. Both parties will compute the
master secret locally and derive the session key from it.
If the server can decrypt this data and complete the protocol, the client is assured that the server
has the correct private key. This step is crucial to prove the authenticity of the server. Only the
server with the private key that matches the public key in the certificate can decrypt this data
and continue the protocol negotiation.
This message will also include the protocol version. The server will verify that it matches the
original value sent in the client hello message. This measure guards against rollback attacks.
Rollback attacks work by manipulating the message in order to cause the server and the client to
use a less secure, earlier version of the protocol.
Certificate Verify: This message is sent only if the client previously sent a Client Certificate
message. The client is authenticated by using its private key to sign a hash of all the messages up
to this point. The recipient verifies the signature using the public key of the signer, thus ensuring
it was signed with the client’s private key.
Change Cipher Spec: This message notifies the server that all messages that follow the Client
Finished message will be encrypted using the keys and algorithms just negotiated.
Client Finished: This message is a hash of the entire conversation to provide further
authentication of the client. This message is the first message that the record layer encrypts and
hashes.
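As an added illustration (not from the book), the Python code below carries out the key steps described above for version 3,1 (TLS 1.0): the server's rollback check on the version bytes at the start of the premaster secret, the master secret both sides compute from the premaster secret and the two random values, and the Finished value computed over the handshake messages. The pseudorandom function is the one defined for TLS 1.0 in RFC 2246; RSA encryption of the premaster secret is omitted, and all function names and sample values are constructed.

```python
import hashlib
import hmac

def p_hash(digest, secret, seed, length):
    """RFC 2246 P_hash: chain HMAC outputs until `length` bytes are available."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, digest).digest()             # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, digest).digest()
    return out[:length]

def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5 keyed with the first half of the secret XOR P_SHA1 with the second."""
    half = (len(secret) + 1) // 2
    md5_part = p_hash(hashlib.md5, secret[:half], label + seed, length)
    sha_part = p_hash(hashlib.sha1, secret[len(secret) - half:], label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha_part))

def premaster_version_ok(premaster, client_hello_version):
    """Server-side rollback check: bytes 0-1 must repeat the Client Hello version."""
    return len(premaster) == 48 and tuple(premaster[:2]) == tuple(client_hello_version)

def master_secret(premaster, client_random, server_random):
    """48-byte master secret that client and server each compute locally."""
    return tls10_prf(premaster, b"master secret", client_random + server_random, 48)

def finished_verify_data(master, label, handshake_messages):
    """12-byte Finished value; label is b"client finished" or b"server finished"."""
    seed = (hashlib.md5(handshake_messages).digest()
            + hashlib.sha1(handshake_messages).digest())
    return tls10_prf(master, label, seed, 12)

# Constructed sample values (not from a real capture). A real premaster secret
# carries 46 bytes from a cryptographic random source after the version bytes.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PREMASTER = bytes([3, 1]) + bytes(range(100, 146))
TRANSCRIPT = b"constructed handshake messages up to this point"

if __name__ == "__main__":
    print("version check:", premaster_version_ok(PREMASTER, (3, 1)))
    ms = master_secret(PREMASTER, CLIENT_RANDOM, SERVER_RANDOM)
    print("master secret:", ms.hex())
    print("client finished:", finished_verify_data(ms, b"client finished", TRANSCRIPT).hex())
```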
Phase IV: Finishing the Handshake
The Change_Cipher_Spec and Finished messages complete the handshake.
Server Final Response to Client
Change_Cipher_Spec Message: This message notifies the client that the server will begin
encrypting messages with the keys just negotiated.
Server Finished Message: This message is a hash of the entire exchange to this point using the
session key and the MAC secret. If the client is able to successfully decrypt this message and
validate the contained hashes, it is assured that the SSL/TLS handshake was successful, and the
keys computed on the client mach