TLS-Transport Layer Security full report
Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
seminar presentation
Active In SP

Posts: 582
Joined: Apr 2010
30-05-2010, 11:18 PM

.ppt   TLS-Transport Layer Security-seminar.ppt (Size: 392 KB / Downloads: 102)

TLS (Transport Layer Security)

Presented By
Angshuman Karmakar
Roll “ 000610501011
B.C.S.E “ IV


¢ TLS and SSL encrypt the segments of network connections at the Transport Layer end-to-end.
¢ 1994: Netscape designed and built SSLv2
“ and told consumers that they needed SSL; credit card numbers were too sensitive to let go unencrypted
¢ Only Netscape Commerce Server supported SSL
“ It relied on X.509 certificates issued by RSADSI
¢ Microsoft had PCT (Private Communications Technology), backwards-compatible with SSLv2
“ Fixed various problems, added some new features
¢ 1995: SSLv3 (what we will see)
¢ Microsoft Secure Transport Layer Protocol (STLP)
“ Derived from SSLv3
¢ Supported unreliable transport (UDP), client auth via shared secrets
1996 IETF Transport Layer Security working group formed to pick up a protocol as a standard Transport Layer Security protocol.
“ to reconcile SSL and PCT/STLP (and others) into an IETF protocol
“ SSLv3 "won" and is the basis for TLS
“ IESG (steering group) instructed working group to add DSS, DH, 3DES
¢ TLS published in January 1999 as RFC 2246


¢ SSL connection
“ a transient, peer-to-peer, communications link, typically a TCP connection
“ associated with a SSL session
¢ SSL session
“ an association between client & server
“ Used to avoid negotiation of new security parameters for each connection
“ created by the Handshake Protocol
“ define a set of cryptographic parameters
“ may be shared by multiple SSL connections

TLS Record Protocol

The SSL Record Protocol provides two services for SSL connections:
using encryption with a shared secret key defined by Handshake Protocol
message is compressed before encryption
message integrity
using a MAC (Message Authentication Code) with shared secret key
similar to HMAC Algorithm but with different padding
Record Protocol
SSL Change Cipher Spec Protocol
Consists of a single one byte message
one of 3 SSL specific protocols which use the SSL Record protocol
Causes pending state to become current
Hence updates the cipher suite in use

SSL Alert Protocol

¢ The Alert Protocol is used to convey SSL-related alerts to the peer entity.
¢ Each message in this protocol consists of two bytes .
¢ The first byte takes the value warning(1) or fatal(2) to convey the severity of the message.
¢ If the level is fatal, SSL immediately terminates the connection. Other connections on the same session may continue, but no new connections on this session may be established
¢ compressed & encrypted

TLS Handshake Protocol

¢ The most Important part of the TLS protocol
¢ Can Be Divided into Four Phases
Negotiation Phase
- Client Sends Client_Hello message containing highest version it supports,a random number, a list of suggested cipher suites and compression methods.

- The server responds with a Server_Hello message, containing the chosen protocol version, a random number, cipher suite, and compression method from the choices offered by the client. The server may also send a session id as part of the message to perform a resumed handshake.

Handshake Protocol

Server Authentication and Key Exchange
-The server sends its Certificate message
-server_key_exchange message may be sent if it is required. (not required if Diffie-Hellman , or RSA key exchange is to be used.)
-The server requests a certificate from the client, so that the connection can be mutually authenticated, using a CertificateRequestmessage.
- The server sends a ServerHelloDone message, indicating it is done with handshake negotiation.

Client Authentication and Key Exchange

-If requested client sends a Certificate message, which contains the client's certificate

-The client sends a ClientKeyExchange message, which may contain a PreMasterSecret, public key, or nothing. (depending on the selected cipher.) This PreMasterSecret is encrypted using the public key of the server certificate.

- The client sends a CertificateVerify message, which is a signature over the previous handshake messages using the client's certificate's private key. This signature can be verified by using the client's certificate's public key. This lets the server know that the client has access to the private key of the certificate and thus owns the certificate.
-The client and server then use the random numbers and PreMasterSecret to compute a common secret, called the "master secret". All other key data for this connection is derived from this master secret

Handshake Protocol

- The client sends a ChangeCipherSpec message and copies the pending CipherSpec into the current CipherSpec
-client sends an encrypted Finished message, containing a hash and MAC over the previous handshake messages. The server will attempt to decrypt the client's Finished message, and verify the hash and MAC. If the decryption or verification fails, the handshake is considered to have failed and the connection should be torn down.
- Similarly server sends a ChangeCipherSpec message
and an Finished message.Client perform the similar tasks
on them.

¢ TLS Version 1.0

defined in RFC 2246 in January 1999 based on SSL Version 3.0
differences between them is significant enough
¢ TLS version 1.1
TLS 1.1 was updated from the previous verson 1.0 in RFC 4346 in April 2006. Significant differences in this version include;
The implicit Initialization Vector (IV) was replaced with an explicit IV.
Change in handling of padding errors.
support for IANA registration of parameters.
¢ TLS version 1.2
TLS 1.2 was updated in RFC 5246 in August 2008, that was based on the earlier TLS 1.1 specification. Major differences include:
The MD5/SHA-1 combination in the pseudorandom function (PRF) was replaced with cipher-suite-specified PRFs.
The MD5/SHA-1 combination in the digitally-signed element was replaced with a single hash, specified in a new field.
Enhancement in the client's and server's ability to specify which hash and signature algorithms they will accept.
Expansion of support for authenticated encryption.
TLS Extensions definition and Advanced Encryption Standard (AES) Cipher Suites were added
Applications Using TLS

Thank You
Use Search at wisely To Get Information About Project Topic and Seminar ideas with report/source code along pdf and ppt presenaion

Important Note..!

If you are not satisfied with above reply ,..Please


So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page

Quick Reply
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  web spoofing full report computer science technology 13 9,014 20-05-2016, 11:59 AM
Last Post: Dhanabhagya
  Security using colors and Armstrong numbers Moiz ansari 2 170 21-10-2015, 12:10 PM
Last Post: mkaasees
  Wireless Sensor Network Security model using Zero Knowledge Protocol seminar ideas 2 1,451 31-03-2015, 09:08 AM
Last Post: Guest
  security features of atm ppt jaseelati 0 289 16-02-2015, 04:47 PM
Last Post: jaseelati
  abstract cybercrime and security paper presentation jaseelati 0 291 13-02-2015, 02:01 PM
Last Post: jaseelati
  security features of atm abstract jaseelati 0 304 17-01-2015, 04:13 PM
Last Post: jaseelati
  android full report computer science technology 57 73,251 24-09-2014, 05:05 PM
Last Post: Michaelnof
  steganography full report project report tiger 23 25,817 01-09-2014, 11:05 AM
Last Post: computer science crazy
  3D PASSWORD FOR MORE SECURE AUTHENTICATION full report computer science topics 144 92,700 13-05-2014, 10:16 AM
Last Post: seminar project topic
Video Random Access Memory ( Download Full Seminar Report ) computer science crazy 2 2,423 10-05-2014, 09:44 AM
Last Post: seminar project topic