L18-Certificate-TLS

Page 1: Public Key Cryptography and Certificates in TLS

Overview

  • Introduction to Public Key Cryptography: Public key cryptography is a method of encrypting data that uses a pair of keys: a public key, which can be freely shared, and a private key, which is kept secret. This ensures secure communication and enables various security services such as authentication and integrity verification.

  • Importance of Certificates in Transport Layer Security (TLS): Certificates serve as a trust mechanism in TLS, allowing users to confirm the identity of the entities they are communicating with. They bind public keys to their respective owners, which helps prevent man-in-the-middle (MITM) attacks while secure connections are established.

Page 2: Key Concepts in Public Key Cryptography

  • Public-Key Encryption:

    • Permits secure communication without needing shared secrets, which are a traditional vulnerability point.

    • Any user can encrypt a message using the recipient's public key, ensuring only the owner of the corresponding private key can decrypt and read the message.

  • Digital Signatures:

    • The private key owner can create a digital signature that proves the authenticity of a message.

    • This signature can be verified by anyone using the public key, ensuring the message has not been altered during transmission and confirming the sender's identity.

Page 3: Security Concerns of Public-Key Cryptography

  • Man-in-the-Middle (MITM) Attacks:

    • Attackers impersonate one of the communicating parties (Alice or Bob) to intercept messages.

    • Example interaction:

      1. Alice requests Bob's public key.

      2. Bob responds with his public key, but an attacker could intercept and send their public key instead.

      3. Alice encrypts her message with the attacker's public key, allowing the attacker to read and potentially alter the message before forwarding it to Bob.

    • Public keys must be sent openly, so protecting them from being intercepted and modified in transit is crucial for maintaining confidentiality.

Page 4: The MITM Attack Explained

  • The Threat of Active Attackers:

    • Active attackers can intercept and alter communication by masquerading as the legitimate party.

    • Such attackers might send a fraudulent public key to the sender and receive data that is meant for the intended recipient, enabling them to decrypt, read, or modify the messages.

  • Need for Integrity:

    • To avert such attacks, it is vital to protect public keys from unauthorized changes rather than focusing solely on their confidentiality.

Page 5: Establishing Trust for Public Keys

  • Role of Trusted Third Parties:

    • Establishing trust in public key communications often involves trusted third parties called Certificate Authorities (CAs). CAs certify the legitimacy of individuals' or organizations' public keys.

    • Example of a CA: Verisign, which is recognized for its extensive experience and trust within the PKI system.

  • Endorsement by CAs:

    • By signing a public key with their private key, CAs reinforce the trustworthiness of that key, allowing others to rely on it for secure communications.

Page 6: Understanding Certificates

  • Purpose of a Certificate:

    • A certificate serves as a trustworthy declaration that affirms the identity of an entity and binds this identity to its public key. Certificates prevent impersonation attacks and assure users of the entity's authenticity.

    • Simplified certificate process: Alice requests Bob's public key and receives a certificate containing Bob's public key, which has been signed by the CA's private key. Alice uses this certified key for subsequent encrypted communications with Bob.

Page 7: Hierarchical Trust Model in Certificates

  • Scalability through Delegation:

    • Due to scalability challenges, a single CA cannot sign every public key. Instead, a hierarchical model is used, where multiple CAs subordinate to a root CA can sign the keys of lower-level CAs and entities.

    • Example: A certificate chain extends from a top-level root CA down to various intermediate CAs and ultimately to individual end-user certificates.

Page 8: Verification Process of Certificates

  • How Alice Verifies Bob's Certificate:

    • To verify Bob's certificate, Alice must retrieve CA1's public key from CA1's certificate. This trust flows upwards through a chain of signatures starting from CA1 to CA2 and ultimately to the trusted root CA.
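
Added example (not part of the original notes): a toy version of the chain check Alice performs, using textbook RSA over small constructed primes in place of real X.509 signatures. The helper names, the dict-based certificate layout and the party Mallory are assumptions made for illustration.

```python
import hashlib

def toy_keypair(p, q, e=65537):
    # Textbook RSA from two primes: toy sizes, no padding, illustration only.
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))          # (public, private)

def digest(cert, n):
    # Hash the signed fields (subject, issuer, public key), reduced to fit n.
    tbs = f"{cert['subject']}|{cert['issuer']}|{cert['pub']}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(subject, pub, issuer, issuer_priv):
    cert = {"subject": subject, "issuer": issuer, "pub": pub}
    n, d = issuer_priv
    cert["sig"] = pow(digest(cert, n), d, n)     # CA signs with its private key
    return cert

def verify_chain(chain, trusted_roots):
    # chain[0] is Bob's cert. Each cert is checked with its issuer's public key,
    # taken from the next cert; the last issuer must be a root Alice trusts.
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):
            if chain[i + 1]["subject"] != cert["issuer"]:
                return False
            issuer_pub = chain[i + 1]["pub"]
        else:
            issuer_pub = trusted_roots.get(cert["issuer"])
            if issuer_pub is None:
                return False
        n, e = issuer_pub
        if pow(cert["sig"], e, n) != digest(cert, n):
            return False
    return bool(chain)                           # an empty chain proves nothing

# Constructed demo hierarchy: Root CA -> CA2 -> CA1 -> Bob (well-known primes).
root_pub, root_priv = toy_keypair(2147483647, 1000000007)
ca2_pub, ca2_priv = toy_keypair(1000000009, 998244353)
ca1_pub, ca1_priv = toy_keypair(999999937, 15485863)
bob_pub, _ = toy_keypair(1299709, 104729)
mallory_pub, mallory_priv = toy_keypair(1000003, 2305843009213693951)

chain = [issue("Bob", bob_pub, "CA1", ca1_priv),
         issue("CA1", ca1_pub, "CA2", ca2_priv),
         issue("CA2", ca2_pub, "Root CA", root_priv)]
roots = {"Root CA": root_pub}                    # Alice's trust store
swapped = [dict(chain[0], pub=mallory_pub)] + chain[1:]   # key replaced in transit
forged = [issue("Bob", mallory_pub, "CA1", mallory_priv)] + chain[1:]
```

Only the genuine chain verifies; the swapped key and the self-made "CA1" signature are both rejected. This toy checks signatures and name chaining only, while real validation also covers expiry and revocation.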

Page 9: Certificate Revocation

  • Certificate Lifecycle Management:

    • Certificates are subject to expiration and may need to be revoked if the underlying key is compromised. This process is essential to maintaining security, especially when new key pairs are generated.

Page 10: Security Services via Public Key Cryptography

  • Core Security Features:

    • Confidentiality: Only the private key holder can decrypt and read the encrypted data.

    • Authentication: Ensures that only valid private key owners can produce authentic signatures that verify the origin of messages.

    • Integrity: Guarantees that any alterations to signed data can be detected, reinforcing the validity of the message.

    • Non-Repudiation: Provides undeniable proof regarding message origin, binding the private key owner to the communication.

Page 11: Introduction to Transport Layer Security (TLS)

  • Overview of TLS:

    • TLS is a widely used internet security protocol designed to provide secure data transmission over a computer network, protecting against eavesdropping and tampering.

Page 12: SSL and TLS Fundamentals

  • Evolution of Security Protocols:

    • SSL (Secure Sockets Layer): The original security protocol that had many vulnerabilities.

    • TLS (Transport Layer Security): Developed as a more secure version of SSL and is the current standard for securing TCP applications.

    • Features of TLS:

      • Ensures data encryption, integrity, and server authentication, typically indicated by HTTPS in web browsers alongside a lock icon.

Page 13: Placement of SSL/TLS Security Mechanisms

  • Placement in the Protocol Stack:

    • TLS operates between the transport layer and application layer of the TCP/IP protocol suite, enhancing security by encapsulating data packets with additional layers of encryption.

Page 14: General Working of TLS

  • Communication Process in TLS:

    • A browser (client) initiates a secure connection with a server over TCP. During the handshake phase, public keys and certificates are exchanged, which is crucial for establishing a secure session.

Page 15: TCP Connection Establishment

  • TCP Handshake:

    • TLS communication begins only after a TCP connection is established through the standard three-way handshake process, which prepares for the secure exchange of data.

Page 16: Client Hello Message

  • Initial Key Exchange Methods:

    • In this stage, the client presents a list of supported cryptographic algorithms and sends a random number (nonce). The server then responds with selected algorithms and its nonce, preventing replay attacks and ensuring the integrity of the negotiation process.

Page 17: Server Certificate Sending

  • Validating Server Identity:

    • The server presents its certificate during the response phase, which must be verified by the client using the CA’s signature to authenticate the server’s identity and ensure that it matches the expected public key.

Page 18: Client Key Exchange Process

  • Sharing of Secrets:

    • The client securely shares a premaster secret with the server, encrypted using the server's public key. Only the server, possessing the corresponding private key, can decrypt and utilize this premaster secret to establish symmetric session keys.

Page 19: Generating Session Keys

  • Establishment of a Secure Session:

    • A key derivation function takes the premaster secret and creates session keys for symmetric encryption, optimizing for speed without compromising security.
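
Added example (not from the original notes): how both sides turn the premaster secret and the two hello nonces into session keys, using the TLS 1.2 PRF from RFC 5246 as the key derivation function. The notes do not name a TLS version or cipher suite; TLS 1.2 with an AES-128-GCM key block is assumed here, and the function names are illustrative.

```python
import hashlib
import hmac
import os

def p_sha256(secret, seed, length):
    # P_hash (RFC 5246, section 5): A(0) = seed, A(i) = HMAC(secret, A(i-1)),
    # output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def derive_session_keys(premaster, client_random, server_random):
    # 48-byte master secret, bound to both hello nonces.
    master = p_sha256(premaster,
                      b"master secret" + client_random + server_random, 48)
    # Key block sized for the assumed AES-128-GCM suite: two 16-byte write keys
    # and two 4-byte implicit IVs. The seed order flips to server + client.
    block = p_sha256(master,
                     b"key expansion" + server_random + client_random, 40)
    return {"client_write_key": block[0:16], "server_write_key": block[16:32],
            "client_write_iv": block[32:36], "server_write_iv": block[36:40]}

def handshake_demo():
    # Constructed values standing in for the hello nonces and premaster secret.
    client_random, server_random = os.urandom(32), os.urandom(32)
    premaster = b"\x03\x03" + os.urandom(46)     # version bytes + 46 random bytes
    client_keys = derive_session_keys(premaster, client_random, server_random)
    server_keys = derive_session_keys(premaster, client_random, server_random)
    # Replayed ClientHello and premaster, but the server picks a fresh nonce.
    replay_keys = derive_session_keys(premaster, client_random, os.urandom(32))
    return client_keys, server_keys, replay_keys
```

Client and server arrive at identical keys without sending them, and a replayed client flight yields different keys because the server nonce changed.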

Page 20: Protections Offered by TLS

  • Security Guarantees:

    • TLS ensures end-to-end encryption to safeguard against external threats such as packet sniffing and connection hijacking, maintaining data confidentiality and integrity throughout transmission.

Page 21: Remaining Vulnerabilities

  • Limitations of TLS:

    • While TLS fortifies against numerous threats, it doesn't address application-layer vulnerabilities (e.g., SQL injection) and remains susceptible to attacks such as denial of service and packet injection, which could potentially compromise the connection.

Page 22: Understanding SSLstrip Attacks

  • HTTP Downgrade Vulnerability:

    • Attackers can manipulate user traffic and redirect it to unencrypted HTTP connections, leading users to believe they are communicating securely when, in fact, they are not.

Page 23: Mechanism of SSLstrip Attacks

  • Technique of Attack:

    • A MITM attacker interposes themselves between the user and the server, establishing a secure connection with the server while presenting unencrypted traffic to the user, breaching security without detection.

Page 24: Illustration of SSLstrip Attack

  • Attack Flow Representation:

    • A visual representation demonstrating the attacker's role in hijacking secure communications, showing the interception of requests and responses.

Page 25: SSLstrip Attack Example

  • User Perception During Attack:

    • The attacker subtly alters URL requests, which can lead to users entering sensitive credentials in an insecure environment, thereby compromising their data.