Chapter 6: Transport-Level Security Flashcards
Transport-Level Security
What are some Web Security Threats and how can they be countered?
Integrity:
- Modification of data/memory/messages in transit
- Trojan horse browser
Countermeasures = crypto checksums
Confidentiality:
- Eavesdropping
- Theft of info from client/server
- Network configuration info
- Info about client-server connections
Countermeasures = encryption, web proxies
DoS:
Countermeasures = difficult to prevent
Authentication:
Countermeasures = crypto techniques
What is TLS?
Transport Layer Security, evolved from SSL.
A general-purpose service implemented as a set of protocols that rely on TCP.
Security mechanisms based on (or on top of) the transport layer, providing secure services to the application layer.
What does the TLS architecture look like?
Designed to make use of TCP to provide a reliable end-to-end secure service.
It consists of two layers of protocols.
The Record protocol provides basic security services to various higher-layer protocols.
On the “top” layer there is 5 different protocols.
HTTP provides transfer services for Web client/server interaction
Heartbeat protocol
The Handshake, Change Cipher Spec and Alert Protocol are TLS specific protocols used in the management of TLS exchange.
Describe the TLS concepts TLS connection and TLS session
Connection: A transport (OSI definition) that provides a suitable type of service. For TLS that is peer-to-peer relationships. They are transient and every connection is associated with one session
Session: an association between a client and a server. Created by the handshake protocol. They define a set of cryptographic security parameters, which can be shared among multiple connections.
What three services does the record protocol provide?
Confidentiality: the handshake protocol defines a shared secret key that is used for conventional encryption of TLS payloads.
Message Integrity: the handshake protocol also defines a shared secret key that is used to form MACs.
Message authentication: The handshake protocol allows both peers to authenticate their identity
In simple terms, how does the record protocol operate?
- Fragmentation of messages
- (optional) compression, must be lossless, may not increase length by more than 1024 bytes
- compute MAC on the compressed data
- Encrypt the message and the MAC, may not increase length by more than 1024 bytes
- Prepend a header
Describe the Change Cipher Spec Protocol
Consist of a single message (1 byte with the value 1).
Purpose: To cause the pending state to be copied into the current state, this updates the cipher suite to be used on this connection.
Describe the alert protocol
Used to convey TLS-related alerts to the peer-entity.
The alerts are (optionally) compressed and (not optionally) encrypted.
Contains a value warning on the severity of the message, (warning, or fatal).
Fatal connections are terminated immediately.
Describe the TLS handshake protocol
It allows the server and client to:
1. authenticate each other
2. agree on an encryption, MAC algorithm and cryptographic keys
Used before any application data is transmitted.
Consists of a series of messages exchanged by client and server in four phases:
Phase 1:
- Hello
Phase 2:
- Server sends certificates, key exchange, requests certificate.
Phase 3:
Client sends certificate, key exchange, and may send certificate verification
Phase 4:
- change cipher suite and finish
What key exchange methods does the handshake protocol support?
RSA
Fixed DH
Ephemeral DH
Anonymous DH
What are the different phases of the handshake protocol?
Phase 1: Establish security capabilities: initiates a logical connection and established the security capabilities that will be associated with it. Initiated by client with a hello message.
Phase 2: Server authentication and key exchange: server sends its certificate if it needs to be authenticated. If necessary a key exchange message is sent. A certificate request can be sent to the client.
Phase 3: Client authentication and key exchange: verification of servers certificate (if required). If requested, client sends certificate to server.
Phase 4: completes setting up a secure connection. Change cipher spec message. Verification of successful process.
What is master secret creation?
It creates a shared master secret by means of the key exchange.
It is a one-time 48-byte value generated for this session by means of secure key exchange.
Shortly describe TLS pseudorandom function
It is referred to as PRF.
The input to the PRF is a secret value, an identifying label and a seed.
It is based on a data expansion function that makes use of the HMAC algorithm.
It uses two hash algorithms, this should ensure the security of it as long as one of the algorithms remain secure.
What is the heartbeat protocol?
Established during phase 1 of the handshake protocol.
Consists of two messages: heartbeat_request/response
Serves two purposes:
- Assures the sender that the recipient is still alive.
- Generates activity across the connection during idle periods, which avoids closure by firewalls that do not allow idle connections.
What is HTTPS?
HTTP over SSL. The combo of HTTP and SSL to implement secure communication between a Web browser and a Web server.