security in different layers new 2003

Upload: sreegan

Post on 30-May-2018


  • 8/14/2019 Security in Different Layers New 2003

    1/17


    Security services in the following layers

    Application layer:

    This layer provides three services: confidentiality, authentication, and integrity.

    Transport layer:

    In the transport layer, security services are provided with the help of the transport protocol.

    Network layer:

    Security is provided at the network layer on a host-to-host basis.

    Link layer:

    When security is provided on a link basis, the data in all frames travelling over the link receive the security services.


    Secure E-mail

    Here we first create a high-level design of a secure e-mail system.

    Before designing a secure e-mail system, we should consider which security features are most desirable.

    The following features are used in a secure e-mail system:

    1. confidentiality

    2. sender authentication

    3. message integrity


    Mr. A uses a symmetric session key to send a secret e-mail to Mr. B

    [Figure: sender and receiver sides joined by the internet; labels: m, Ks(.), kB+(.), ks, +, -, kB-(.), m]


    Using hash function & digital signature

    [Figure: sender and receiver sides joined by the internet; labels: m, Ks(.), +, -, kB-(.), ka, compare]


    PGP (PRETTY GOOD PRIVACY):

    PGP is an e-mail encryption scheme that has become a de facto standard.

    Versions of PGP are available in the public domain, and the PGP versions are PGPI 2004, Zimmermann 2004.

    Depending on the version, PGP software uses MD5 or SHA for calculating the message digest.

    Some of the symmetric key encryption algorithms are CAST, triple-DES, and IDEA.

    In addition, PGP provides data compression.

    When PGP is installed, the software creates a public key pair for the user.

    PGP also provides a mechanism for public key certification.


    uses symmetric key cryptography, public key cryptography, a hash function,

    [Figure: sender side leading to the internet; labels: m, H(.), Ka^-(.), +, Ks(.), -, Kb^+(.)]
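The flow on the three e-mail slides above (session key Ks, Ks wrapped under KB+, and KA-(H(m)) checked by the receiver's "compare" step), as an added example that is not part of the original slides. It assumes textbook RSA over constructed Mersenne-prime moduli and a SHA-256 XOR keystream as insecure stand-ins for the real ciphers, so it shows the message flow only; all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537
SIG_LEN = 256  # bytes reserved for the signature integer

def toy_keypair(a, b):
    """Textbook RSA from Mersenne primes 2^a-1 and 2^b-1 (constructed, NOT secure)."""
    p, q = 2**a - 1, 2**b - 1
    n = p * q
    d = pow(E, -1, (p - 1) * (q - 1))
    return (E, n), (d, n)              # (K+, K-)

def rsa(key, x):
    """K+(.) or K-(.), depending on which half of the pair is passed."""
    exp, n = key
    return pow(x, exp, n)

def H(m):
    """H(.): message digest as an integer."""
    return int.from_bytes(hashlib.sha256(m).digest(), "big")

def Ks(key, data):
    """Ks(.): XOR with a SHA-256 counter keystream (stand-in for CAST/3DES/IDEA)."""
    blocks = range(len(data) // 32 + 1)
    stream = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest() for i in blocks)
    return bytes(x ^ y for x, y in zip(data, stream))

def send(m, a_priv, b_pub):
    sig = rsa(a_priv, H(m)).to_bytes(SIG_LEN, "big")   # KA-(H(m))
    ks = secrets.token_bytes(16)                       # fresh session key
    body = Ks(ks, sig + m)                             # Ks(m, KA-(H(m)))
    wrapped = rsa(b_pub, int.from_bytes(ks, "big"))    # KB+(Ks)
    return body, wrapped

def receive(body, wrapped, b_priv, a_pub):
    ks = rsa(b_priv, wrapped).to_bytes(16, "big")      # KB-(KB+(Ks)) = Ks
    plain = Ks(ks, body)
    sig, m = int.from_bytes(plain[:SIG_LEN], "big"), plain[SIG_LEN:]
    return m, rsa(a_pub, sig) == H(m)                  # the "compare" step

if __name__ == "__main__":
    a_pub, a_priv = toy_keypair(521, 607)              # Mr. A
    b_pub, b_priv = toy_keypair(607, 1279)             # Mr. B
    body, wrapped = send(b"constructed sample message", a_priv, b_pub)
    print(receive(body, wrapped, b_priv, a_pub))
```

The XOR keystream is malleable, which is why the receiver's digest comparison, not the encryption, is what detects a modified message.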


    Features of SSL

    SSL server authentication:

    This allows the user to confirm a server's identity.

    An SSL-enabled browser maintains a list of trusted certification authorities (CAs) along with the public keys of the CAs.

    This feature allows the browser to authenticate the server before the user submits a payment card number.

    SSL client authentication:

    It allows a server to confirm a user's identity.


    Encrypted SSL:

    Information sent between browser and server.

    * It is encrypted by the sending software and decrypted by the receiving software.


    Secure Sockets Layer (SSL) and Transport Layer Security (TLS)

    Various mechanisms of SSL & TLS:

    1. encryption

    2. authentication

    3. key distribution

    4. message integrity

    5. digital signature


    Secure Sockets Layer (SSL)

    SSL was developed by Netscape in 1994.

    This protocol is designed to provide data encryption and authentication.

    The protocol begins with a handshake phase that indicates an encryption algorithm.

    Once the handshake is completed, all the data is encrypted with the help of a session key.

    Applications:

    * Internet commerce, browsers and web servers.


    Working of SSL

    The browser and server run the handshake protocol, which

    (1) authenticates the server

    (2) generates a shared symmetric key.

    * These tasks make use of RSA public key technology.


    Steps for SSL handshake

    The browser sends the server the browser's SSL version number and cryptographic preferences.

    The server sends the browser the server's SSL version, cryptographic preferences, and its certificate.

    The browser has a list of trusted CAs and a public key for each CA on the list.


    The browser generates a symmetric key, encrypts it with the server's public key, and sends it to the server.

    The browser sends an informing message to the server.

    The server sends an informing message to the browser.

    The SSL handshake is complete, and the data is then encrypted and decrypted with the help of the session key.


    High level overview of the handshake phase of SSL

    [Figure: handshake between Bob and Alice; box labels: "Bob extracts Alice's public key"; "Bob generates a random symmetric key and encrypts it using"; "Bob browses Alice's secure page"; "Alice extracts the symmetric key"; "Alice sends Bob her certificate"]


    Limitations of SSL

    SSL was not specifically created for payment card transactions.

    Client authorization is one of the limitations of SSL.


    Thank you