上海大字 SHANGH AI JIAO TONG INTVEANTY What properties do SSL/TLS provide?nL Integrity The connection ensures integrity because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission
▪ Integrity ▪ The connection ensures integrity because each message transmitted includes a message integrity check using a message authentication code to prevent undetected loss or alteration of the data during transmission What properties do SSL/TLS provide?
上海大字 SHANGH AI JIAO TONG INTVEANTY Privacy Nmnl AccoprLanguage en-uSen,q=0.8 Cookie: wp-settings-time-1=1470576264; wordpress_test_ cookie=WP+Cookie+check g=admin&pwd= C2bGV%5E7HRZEkGDV%40EiF %29Q9N'&wp-submit=Log+in& redirect_toshttp63a%62f%62fwww.examplecom%2fwp-admin 27-1EL1.<,3=-9-y-M6|10=a--7DVA=qeV4b-%5.0e0 …5S]7-0)kQL)-=m>% BH.K tm8:1c00--5e%"Y< 6/p18Rg-f…7L2>n-15-5Dlm-"9.cJ7D-LuQ 809%.MSe
Privacy
上海大字 SHANGH AI JIAO TONG INTVEANTY Identification Nmnl Man-in-the-Middle attack Example Jack Peter Man in the Victim 1 Victim 2 Middle Send over your key Send over your ke Peter sends his own key to jack Jill sends her key to Jack Jack sends his account Peter sends jill his account number as 123456789 number987654321 Jill sends money to the wrong account The MITM attack is co mplet
Identification
上海大字 SHANGH AI JIAO TONG INTVEANTY ntegrity Nmnl □ SENDER RECEIVER MESSAGE MESSAGE MAC MESSAGE MAC Key(K)→ Algorithm Key(K)→ MAC Algorithm MAC MAc+<=?←MAc MAC: If the same mAc is found then Message Authentication Code the message is authentic and integrity checked Else: something is not right
Integrity
上海大字 SHANGH AI JIAO TONG INTVEANTY TLS Handshake Layer Nmnl The transport layer Security (tls) handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume sessions When establishing a secure session, the handshake protocol manages the following Cipher suit negotiation Authentication of the server and optionally, the client Session key information exchange
▪ The Transport Layer Security (TLS) Handshake Protocol is responsible for the authentication and key exchange necessary to establish or resume sessions. When establishing a secure session, the Handshake Protocol manages the following: ▪ Cipher suit negotiation ▪ Authentication of the server and optionally, the client ▪ Session key information exchange TLS Handshake Layer