SSL/PKI/SET

CIS345 Spring 2003

OSI – Open Systems Interconnection

Security Review – where is SET and SSL

Security Objectives – Reasons (1)Security Objectives – Reasons (1)

Protect traffic between trusted hosts from forgery or eavesdropping. It is because traffic between end pairs over the Internet might pass through hostile hosts. Attackers could do damage.

Protect the whole range of Internet software currently in use. The services include such as e-mail, HTTP, Remote access that relies on TCP/IP must be protected. (too expensive to replace it.)

Example of protecting trafficExample of protecting traffic

Security Objectives – Reasons (2)Security Objectives – Reasons (2)

An untrusted network is in place. In many cases, the untrusted network is the public Internet and is too expensive to replace by an a trusted network between two end pairs.

Protection is automatic. Individual users do not need to modify the protocol.

Internet

PublicNetwork

Untrusted

SSL- Secure Sockets Layer

Secure Sockets Layer (SSL) is the dominant protocol for encrypting general communications between browser and server

What is Secure Socket Layer –SSL?

It is a flexible, general-purpose encryption system.

It was introduced in 1994 in the Netscape Navigator browser.

There have been three versions of SSL

SSL Purpose

Provides security between WEB Server and Browser to pass sensitive information.

Social Security Number (SSN)

Secret information, etc

Padlock at bottom of screen.

Open

Closed

What is the benefit of SSL? If you want to send a

message through an untrusted network, you have to encrypt it prior to sending, as you fear that your data will be modified/tapped by unauthorised users.

With the SSL, it provides the built-in data encryption, which means that you DON”T need to encrypt it. No need to encrypt

SSL History

Developed by Netscape in 1994 –v1.

SSLv2 released in 1995

SSL v3 also released in 1995 due to bugs in v2.

In 1996 the Internet Engineering Task Force (IETF) formed the:

Transport Layer Security (TLS) committee.

TLSv1 was based upon SSLv3

Both Netscape and Microsoft support TLSv1.

SSL Characteristics

SSL protocol operates at TCP/IP transport layer, TCP layer (or layer 4 in ISO/OSI model).

It works with NTTP (news), HTTP (web) and SMTP (e-mail)

This gives SSL flexibility and protocol independence.

SSL Functions

SSL serves four basic functions:

Authentication between the Web Server and client.

Encryption between Web server and client.

Integrity between Web Server and Client.

Key Exchange between Web Server and Client.

SSL/TLS

It is now the focal point of Internet Standards activity by the Internet Engineering Task Force (IETF).

The proposed Transport layer security (TLS v1) protocol is based on SSL version 3.

How about the current status?

SSL Encryption:

SSL uses two different encryption technologies: Public Key encryption (asymmetric) is used to

authenticate the server and/or client and to exchange a private session key between the server and

the client.

Private Key encryption (symmetric) is used to encrypt the data between the server and client.

SSL Cracked In 1995, a French used a cipherpunk using a brute force attack to attack the secret message.

In 9/1995, two Berkey

students found that the

session keys were

predictable.

Yes

In 10/1995, some students

used packet sniffer

technology to modify the

binary as it passed through

the newtrok.

It uses 40 bits and is not secure, as it takes 3.5 hours using brute force (try all combinations).

Features of SSL

SSL was put at the transport layer so that it is not specifically for the HTTP protocol.

It is not as efficient for Web browsing. SSL connection must use TCP/IP socket. However, SSL is flexible to use any DES,

cipher block, triple DES, RC2 or RC4

The cipher suite descriptions that follow refer to these algorithms:

•DES. Data Encryption Standard, an encryption algorithm used by the U.S. Government.

•DSA. Digital Signature Algorithm, part of the digital authentication standard used by the U.S. Government.

•KEA. Key Exchange Algorithm, an algorithm used for key exchange by the U.S. Government.

•MD5. Message Digest algorithm developed by Rivest.

•RC2 and RC4. Rivest encryption ciphers developed for RSA Data Security.

•RSA. A public-key algorithm for both encryption and authentication. Developed by Rivest, Shamir, and Adleman. (The Rivest-Shamir-Adleman (RSA) algorithm was the first realization of a public key system, and has also become the most widely used public-key system. We will see that the security is conjectured to be as hard as factoring large integers. )

•RSA key exchange. A key-exchange algorithm for SSL based on the RSA algorithm.

•SHA-1. Secure Hash Algorithm, a hash function used by the U.S. Government.

•SKIPJACK. A classified symmetric-key algorithm implemented in FORTEZZA-compliant hardware used by the U.S. Government.

Data Encryption Standard (DES)

US standard Symmetrical Encryption 64 bit plain text blocks 56 bit key Declared insecure in 1998 Electronic Frontier Foundation DES Cracker machine DES now worthless Alternatives include TDEA

PKI – Public Key Infrastructure

A PKI enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates.

Functions of a PKI

Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital

certificate Issue, maintain, administer, revoke, suspend,

reinstate, and renew digital certificates Create and manage a public key repository

PKI - Authentication

PKi provides the basic security required to carry out electronic business so that users, who do not know each other, or are widely distributed, can communicate securly.

PKI is based on digital certificates which bind the user’s digital signature to their public key.

PKI should consist of A security policy Certificate Authority (CA) Registration Authority (RA) Certificate Distribution System PKI enabled applications

Certification Authority

A certificate authority (CA) is an authority in a network that issues and manages security credentials and public keys for message encryption. As part of a public key infrastructure (PKI), a CA checks with a registration authority (RA) to verify information provided by the requestor of a digital certificate. If the RA verifies the requestor's information, the CA can then issue a certificate.

Depending on the public key infrastructure implementation, the certificate includes the owner's public key, the expiration date of the certificate, the owner's name, and other information about the public key owner.

Certification Authority– cont.

Public key of sender is required to be distributed. But how can we ensure that the receiver gets a

trusted copy of the public key of the sender? Use certificates. The trustworthy institution is usually called

Certification Authority (CA). The CA must be trusted by all parties.

Certificates: digital documents binding a public key to a name (individual or organization)

issued by a certificate authority (CA). X.509 standard. Certificates have expiry

dates can be revoked. Hierarchy of CA’s.

Certification Authorities –cont.

Digital Certificate

1. USE CA’S PUBLIC KEY TO VERIFY CERTIFICATE IS GENUINE AND HAS NOT BEEN ALTERED.

2. VERIFY THAT CA NAME MATCHES.

3. VERIFY IDENTITY OF SENDER.

4. DECRYPT SENDER’S MESSAGE USING SENDER’S PUBLIC KEY

0. CA AUTHENTICATES SENDER, DIGITALLY SIGNS CERTIFICATE

An entity generates a public private key pair and sends the public key to CA.

Based on the level of assurance (low, medium, high) of the certificate, the CA may go through differing degrees of effort to validate identity (physical visit, notarized document etc).

Verisign (www.verisign.com) is an example of a CA

Thawte (www.thawte.com) is another example, they offer free e-mail certificate at current time.

Certification Authorities –cont.

SSL handshake

SSL handshake means the communication between client and server

It consists of ninenine steps that authenticate the two parties and create a shared session key.

The goal of the protocol is to authenticate the server and optionally the client using a secret symmetric key that both used for encryption.

1. Client sends client-hello message 22 server acknowledges with server-

hello message22 Server sends its certificates22 Server requestsclients’ certificate5. Client sends its certificate 6. Client sends ClientKeyExchange

message 7. Client sends a Certificate Verify

message 22 Both send ChangeCipherSpec

messages 22 Both send Finished messages

SSL Handshake – cont.

Something to remember

Once both the client and server switch into encrypted mode, both will use the session key to symmetrically encrypt subsequent transmissions in both direction.

The session key only lasts for this transaction and will be different for the next transaction

It use symmetric encryption (note that public/private is asymmetric key).

Secure Electronic Transactions (SET)

It is a specialised protocol for safeguarding credit-card-based transaction.

SET uses a system of locks and keys along with certified account IDs for both consumers and merchants. Then, through a unique process of "encrypting" or scrambling the information exchanged between the shopper and the online store, SET ensures a payment process that is convenient, private and most of all secure.

SET – cont.

Credit Card and its relationship

Customer Merchant

Card issued bank Merchant’s bank

Money

Pay Pay

SET’s services

It supports four basic services, namely, 1) authentication, 2) confidentially, 3) message integrity and 4) linkage.

It handles real-time transactions, batch transaction and installment payments.

Set’s four services

Authentication: It means all the parties (card holder, merchant, merchant bank, card issued bank) in the transaction are authenticated using digital signatures

Confidentially: The transaction is encrypted so that other cannot tap/modify the information.

Message integrity: The transaction cannot be tampered with by devious individuals to alter the account number or the amount of transaction

Linkage: SET allows a message sent to one party to contain an attachment that can be read only by another customer.

Summary of SET:

1.EstablishesEstablishes industry standards to keep your order and payment information confidential.2.IncreasesIncreases integrity for all transmitted data through encryption. 3.ProvidesProvides authentication that a cardholder is a legitimate user of a branded payment card account.4.ProvidesProvides authentication that a merchant can accept branded payment card transactions through its relationship with an acquiring financial institution.5.AllowsAllows the use of the best security practices and system design techniques to protect all legitimate parties in an electronic commerce transaction .

SET product covers

Cardholder registration Merchant registration Purchase requests Payment authorisation Payment capture (funds transfer between banks) Chargebacks (refunds to consumers for disputed

charges) Credits Credits reversals Debit card

Why not use SSL?

SSL is a general protocol and it encrypts the message between customer and merchant.

However, it cannot resolve the issue between others such as checking the validity of card number, credit/debit the money, actual transaction.

This must be handled between bank and customer, bank and merchant and bank to bank etc.

SET – how it works

3. Merchant forwards payment information to bank

6. Bank authorizes payment 8. Merchant captures transaction

9. Issuer sends credit card bill information

4. Bank checks with issuer for payment authorization.

5. Issuers authorizes payment.

Customer browses and decides to buy SET sends order and payment information

7 Merchant completes order

Authentication steps in SET

SSL uses a pair of keys (private/public keys, 2 keys) for encryption and digital signature.

SET uses two pairs of keys (4 keys), one pair for encryption, while the other for digital signature.

SET applies to merchant, merchant’s bank and card issuing bank.

It uses Secure hash Algorithm (SHA) which produces 160-bit hash, the private/public key uses RSA (1024 bit) algorithm.

Other Digital Payments

First virtual: it is designed for low- to medium- priced software sales, fee-for-service information purchases over the Internet. The consumer must first signs up for virtual account through on-line application form.

Cybercash: a product of the CyberCash Corporations, is a SET like systems for credit/debit card transactions

Digicash: A product of Netherlands-based Digicash systems. It is a digital cash system that works for phone cards.

•The SET Secure Electronic Transaction TM protocol is an open industry standard developed for the secure transmission of payment information over the Internet and other electronic networks.

•SSL Secure Socket Layer (SSL) (developed by Netscape Communications Company) is a standard that encrypts data between a Web browser and a Web server. SSL does not specify what data is sent or encrypted. In an SSL session, all data sent is encrypted.

Summary: SSL vs SET

Summary

SSL is a general purpose protocol between browser and server, current version is 3.

SET is a special protocol among customer, merchant, card issuing bank and merchant’s bank

SSL uses a pair of keys for encryption and digital signature

SET uses two pairs of keys for separating encryption and digital signature

SET’s limitation is that it only works with credit/debit card.