Chapter 9
Internet Security Protocols
and Standards
Internet Security
Many Internet protocols were designed assuming trustworthy
links, networks and devices
No security mechanisms built in to: IP, TCP, UDP, HTTP, SMTP,
FTP etc.
As network/devices became less trustworthy, extensions were
developed to add security to the existing protocols and
applications: IPSEC, SSL/TLS, S/MIME
Securing communications across the Internet can be performed
at the different layers
Application, Transport, Network, Link
Web Security
Internet Topology and Stack
Example
Application Level Security:
Application-Specific
Red line shows that if the security mechanisms are implemented in the applications, the user
generates some data, the application encrypts the data and then sends the encrypted data to
transport layer.
TCP will send all that to IP. The IP datagram is then sent to a datalink layer which attaches its
own header and sends it across the Wi-Fi link. This is the structure of the packet if we are using
application layer security.
Application Level Security
Application (protocol) implements its own security
mechanisms
SSH, Email (S/MIME) etc.
Advantages
Host-to-host encryption
Disadvantages
Each application must implement common security
mechanisms
Transport Level Security: TLS/SSL
Instead of developers implementing security protocols, applications can make use of
transport-level security, typically utilizing the TLS (Transport Layer Security) protocol
(formerly known as SSL or Secure Socket Layer).
This differs from the previous example as it aims for end-to-end encryption between
applications, shifting the encryption process from within the application to the transport
layer.
Transport Level Security
Application uses OS provided library for security
TLS/SSL for TCP based applications, e.g. HTTPS, FTPS,
SMTP
Advantages
Host to host encryption
Simpler applications; no need to implement complex security
mechanisms
Disadvantages
Only applies for specific transport protocols
Applications must be implemented to use OS API
Network Level Security: IPsec
End-to-End
This approach involves securing data at the network layer, where IP datagrams are encrypted
and transmitted over the network, eliminating the need for application-level security measures.
By using IPsec, the entire packet is encrypted, providing confidentiality and hiding port
numbers from potential attackers.
Network Level Security
Computer configured to apply security mechanisms to IP
packets
IPsec
Advantages
Support all applications and transport protocols
Can be host-to-host encryption
Disadvantages
Requires support and configuration in OS
Network Level Security: IPsec
Router-to-Router
Network Level Security:
Tunneling
Tunneling: to establish a secure, encrypted connection
between two networks or devices over an untrusted
network, such as the internet
Creates a Virtual Private Network
Support and configuration of security mechanisms can be
provided on routers, rather than hosts
Does not provide end to end encryption
Link Level Security: WPA
WPA, or Wi-Fi Protected Access, is a security protocol that primarily operates at the link
level or data link layer of the OSI model.
It is designed to enhance the security of wireless networks, particularly Wi-Fi, by providing
authentication and encryption mechanisms to protect data as it travels between wireless
devices and access points.
Link Level Security
Examples
WEP/WPA in wireless LANs, Bluetooth, ZigBee encryption
etc.
Advantages
Applies to all data sent across link, independent of
application, transport, network protocols
Disadvantages
Encryption only across the link
Requires configuration at both end-points
Security Options in TCP/IP
IPsec: Security for IP datagrams; general solution for all
Internet traffic; implemented in OS.
SSL/TLS: Security for TCP segments; general solution for all
TCP-based applications; implemented in libraries/applications.
Application-specific: Security for application messages; specific
to each application; implemented in a single application.
Web Browsing with HTTP
HTTP is a request/response protocol for web browsing
HTTP is stateless; no dependence between a request and a
previous request
User agent (client) sends HTTP Request message
Server responds with HTTP Response message
Default server port number: 80
Dynamic Content with Server-
Side Processing
The client sends a request, in the form of a PHP request, to retrieve index.html.
The server knows that it has to execute that PHP command against the PHP engine
installed on the web server and retrieve the data from the database after
authentication.
The PHP engine then sends the response back to the webserver and the webserver
will send the response back to the web browser using HTTP.
What are the security issues?
When we send data between browser and server we often
want that data to be confidential.
The request and the response may contain data which we
don’t want others to see.
As the data is sent across the Internet, anyone on the path
between the web browser and the server can see the data.
How can the browser be sure it is communicating with the
intended server?
Solutions
Data transmitted between browser and server is confidential:
encryption with HTTPS
Browser sure it is communicating with the intended server:
digital certificates
Server sure it is communicating with the intended user:
password authentication
Actions performed by the server are appropriate:
authentication, access control
Actions of the user (of the browser) are kept private:
anonymity services
HTTPS
(HTTP over SSL)
combination of HTTP and SSL to implement secure
communication between a Web browser and a Web server
built into all modern Web browsers
Some search engines do not support HTTPS
URL addresses begin with https://
Webserver listens on port number 443
Server is authenticated using certificate (SSL)
Client is authenticated using password (HTTP)
agent acting as the HTTP client also acts as the TLS client
Secure Sockets Layer (SSL)
one of the most widely used security services
general-purpose service implemented as a set of protocols that rely on TCP
subsequently became Internet standard RFC 2246: Transport Layer Security (TLS)
two implementation choices:
• provided as part of the underlying protocol suite
• embedded in specific packages
SSL/TLS Evolution
TLS evolved from Secure Sockets Layer (SSL), which was developed by
Netscape Communications Corporation in 1994 to secure web sessions.
SSL 1.0 was never released, whilst SSL 2.0 was quickly replaced by SSL 3.0 on
which TLS is based because SSL 3.0 was considered insecure.
TLS was first specified in RFC 2246 in 1999 as an application-independent
protocol.
TLS: Protocol to achieve secure
communication
TLS provides a secure communication channel with 3 properties:
Confidentiality
Integrity
Authentication
Combining various security mechanisms:
Asymmetric cryptography: authentication (RSA)
Certificate: to validate public key of the server
Symmetric cryptography: confidentiality of data transmission
Hash function: integrity of data
Two important components
TLS Handshake
Secure data transmission
Most popular transport layer security protocol
SSL/TLS Handshake Protocol
most complex part of SSL
is used before any application data are transmitted
allows server and client to:
• authenticate each other
• negotiate encryption and MAC algorithms
• negotiate cryptographic keys to be used
comprises a series of messages exchanged by client and server
exchange has four phases
These cryptographic parameters need to be agreed upon by the client
and server
SSL Handshake
Protocol
• Phase 1 is used to initiate a logical
connection and to establish the security
capabilities that will be associated with it.
• In phase 2 the server passes a certificate
to the client, possibly additional key
information, and a request for a certificate
from the client.
• In phase 3, upon receipt of the
server_done message, the client should
verify that the server provided a valid
certificate if required and check that the
server_hello parameters are acceptable.
• Phase 4 completes the setting up of a
secure connection. The client then
immediately sends the finished message
under the new algorithms, keys, and
secrets. The finished message verifies that
the key exchange and authentication
processes were successful.
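The four phases fix an order for the handshake messages, and an endpoint that accepts them out of order can be steered past key exchange or authentication. The checker below is an added example, not part of the original slides: it validates ordering only (not certificates or MACs), takes server_hello, certificate, server_done and finished from the slide and the remaining message names from the SSL 3.0 / TLS 1.2 message set, and treats the client certificate as optional.

```python
# (phase, sender, message, required). Names beyond those on the slide come
# from the SSL 3.0 / TLS 1.2 message set (assumption of this example).
ORDER = [
    (1, "client", "client_hello", True),
    (1, "server", "server_hello", True),
    (2, "server", "certificate", False),
    (2, "server", "server_key_exchange", False),
    (2, "server", "certificate_request", False),
    (2, "server", "server_done", True),
    (3, "client", "certificate", False),
    (3, "client", "client_key_exchange", True),
    (3, "client", "certificate_verify", False),
    (4, "client", "change_cipher_spec", True),
    (4, "client", "finished", True),
    (4, "server", "change_cipher_spec", True),
    (4, "server", "finished", True),
]

def check_handshake(transcript):
    """Return None if (sender, message) pairs follow ORDER, else the reason."""
    i = 0
    for sender, msg in transcript:
        # Skip optional messages that were not sent; a skipped required
        # message means the transcript is out of order.
        while i < len(ORDER) and ORDER[i][1:3] != (sender, msg):
            phase, who, want, required = ORDER[i]
            if required:
                return f"phase {phase}: expected {who} {want}, got {sender} {msg}"
            i += 1
        if i == len(ORDER):
            return f"unexpected {sender} {msg} after the handshake completed"
        i += 1
    for phase, who, want, required in ORDER[i:]:
        if required:
            return f"phase {phase}: ended before {who} {want}"
    return None

# Constructed transcript: server certificate sent, no client certificate.
GOOD = [("client", "client_hello"), ("server", "server_hello"),
        ("server", "certificate"), ("server", "server_done"),
        ("client", "client_key_exchange"),
        ("client", "change_cipher_spec"), ("client", "finished"),
        ("server", "change_cipher_spec"), ("server", "finished")]
```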
SSL/TLS Handshake Protocol
Client Hello
Version: The highest TLS version understood by the client.
Random: A client-generated random structure, consisting of a 32-bit
timestamp and 28 bytes generated by a secure random number generator.
These values are used during key exchange to prevent replay attacks.
Session ID: A variable-length session identifier. A nonzero value
indicates that the client wishes to update the parameters of an existing
connection or create a new connection on this session. A zero value
indicates that the client wishes to establish a new connection on a new
session.
CipherSuite: A list that contains the combinations of cryptographic
algorithms supported by the client, in decreasing order of preference.
Compression method: This is a list of the compression methods the
client supports.
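The Client Hello fields listed above map directly onto bytes on the wire. The parser below is an added example, not part of the original slides: it assumes the TLS 1.2 (RFC 5246) layout of the handshake message without the record-layer header, names only three cipher-suite code points, and runs on a constructed message rather than a capture.

```python
import struct

# A few registered code points (IANA TLS registry) for readable output.
SUITES = {0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
          0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
          0xC02F: "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"}
VERSIONS = {0x0300: "SSL 3.0", 0x0301: "TLS 1.0",
            0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}

class Reader:
    """Cursor over bytes that refuses to read past the end."""
    def __init__(self, data):
        self.data, self.pos = data, 0

    def take(self, n):
        if self.pos + n > len(self.data):
            raise ValueError("truncated client_hello")
        self.pos += n
        return self.data[self.pos - n:self.pos]

    def vector(self, len_bytes):
        """Read a field prefixed by a 1- or 2-byte big-endian length."""
        return self.take(int.from_bytes(self.take(len_bytes), "big"))

def parse_client_hello(msg):
    r = Reader(msg)
    msg_type, length = r.take(1)[0], int.from_bytes(r.take(3), "big")
    if msg_type != 1 or length != len(msg) - 4:
        raise ValueError("not a well-formed client_hello")
    version, timestamp = struct.unpack("!HI", r.take(6))  # 32-bit timestamp
    random_bytes = r.take(28)                              # 28 random bytes
    session_id, suites_raw = r.vector(1), r.vector(2)
    if len(session_id) > 32 or len(suites_raw) % 2:
        raise ValueError("bad session_id or cipher_suites length")
    suites = [c for (c,) in struct.iter_unpack("!H", suites_raw)]
    return {
        "version": VERSIONS.get(version, hex(version)),
        "timestamp": timestamp,
        "random": random_bytes,
        "new_session": len(session_id) == 0,  # zero-length ID: new session
        "cipher_suites": [SUITES.get(c, hex(c)) for c in suites],  # client order
        "compression": list(r.vector(1)),  # extensions after this are skipped
    }

# Constructed sample (not a capture): TLS 1.2, empty session ID, three
# suites in preference order, null compression only.
SAMPLE = bytes.fromhex("01" "00002d" "0303" "65000000" + "ab" * 28
                       + "00" "0006" "c02f" "0035" "002f" "01" "00")
```

Calling `parse_client_hello(SAMPLE)` returns the fields as a dictionary; a message whose declared lengths do not match its actual size raises `ValueError` instead of being read past the end.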
SSL/TLS Handshake Protocol
Server Hello
The server_hello message contains the same parameters as the client_hello
message.
Version
Random Number
Session ID
Provided to the client
Cipher suite
Usually picks client’s best preference – No obligation
Compression method
Connections and Sessions
SSL connection corresponds with TCP connection
Client and Server may have multiple connections
SSL session is associated between client and server
Session is created using handshake protocol
Multiple connections can be associated with one session
Security parameters for session can be shared for connections
State information is stored after handshake protocol
Session: ID, certificate, compression, cipher spec
Connection: random values, encrypt keys, MAC secrets, sequence
numbers
Secure Email
Email messages were originally text only, with pre-defined headers (To, From, Subject,
CC, …)
Multipurpose Internet Mail Extensions (MIME) allows for different message and
header formats: different character sets, attachments, new headers
Secure email requirements:
Authentication: receiver can confirm the actual sender and that content is not modified
Confidentiality: only sender/receiver can read the content
Two ways to implement secure email:
S/MIME
OpenPGP
Both use a similar approach: the sender signs the message with their private key, encrypts
the message with symmetric key encryption using a secret key, and encrypts the
secret key using the recipient's public key
MIME and S/MIME
MIME
• extension to the old RFC 822 specification of an Internet mail format
• RFC 822 defines a simple heading with To, From, Subject
• assumes ASCII text format
• provides a number of new header fields that define information about the body of the message
S/MIME
• Secure/Multipurpose Internet Mail Extension
• security enhancement to the MIME Internet e-mail format
• based on technology from RSA Data Security
• provides the ability to sign and/or encrypt e-mail messages
Typical S/MIME Process
S/MIME Functions
enveloped data: encrypted content and associated keys
signed data: encoded message + signed digest
clear-signed data: cleartext message + encoded signed digest
signed and enveloped data: nesting of signed and encrypted entities
S/MIME Cryptographic Algorithms
default algorithms used for signing messages are RSA and SHA-1
RSA public-key encryption algorithm can be used with
SHA-1 or the MD5 message digest algorithm for forming
signatures
radix-64 or base64 mapping is used to map the signature
and message into printable ASCII characters
IP Security (IPsec)
general IP security mechanisms
provides the capability to secure communications across a LAN, across private
and public WANs, and across the Internet
Provides:
authentication
• assures that a received packet was, in fact, transmitted by the party
identified as the source in the packet header and that the packet has not been
altered in transit
confidentiality
• enables communicating nodes to encrypt messages to prevent eavesdropping by
third parties
key management
• concerned with the secure exchange of keys
• provided by the Internet exchange standard IKEv2
IPsec Uses
Benefits of IPsec
when implemented in a firewall or router, it provides
strong security to all traffic crossing the perimeter
IPsec implemented in a firewall makes it resistant to
bypass
below transport layer, hence transparent to applications
can be transparent to end users
can provide security for individual users
The Scope of IPsec
provides two main functions:
• a combined authentication/encryption function called Encapsulating Security
Payload (ESP)
• key exchange function
also an authentication-only function, implemented using an Authentication
Header (AH)
VPNs want both authentication and encryption
specification is quite complex
• numerous RFCs: 2401/4302/4303/4306
Transport and Tunnel Modes
Transport mode
• transport mode protection extends to the payload of an IP packet
• typically used for end-to-end communication between two hosts
• ESP in transport mode encrypts and optionally authenticates the IP payload
but not the IP header
Tunnel mode
• tunnel mode provides protection to the entire IP packet
• the entire original packet travels through a tunnel from one point of an IP
network to another
• used when one or both ends of a security association are a security gateway
such as a firewall or router that implements IPsec
• with tunnel mode a number of hosts on networks behind firewalls may engage in
secure communications without implementing IPsec
Summary
secure E-Mail and S/MIME
Secure Sockets Layer (SSL) and Transport Layer Security (TLS)
• SSL architecture
• SSL record protocol
• change cipher spec protocol
• alert protocol
• handshake protocol
HTTPS
• connection initiation
• connection closure
IPv4 and IPv6 security
• IP security overview
• scope of IPsec
• security associations
• encapsulating security payload
• transport and tunnel modes