SSL usually uses Diffie-Hellman (a secure key exchange method used on unsecure networks) to exchange the keys. The handshake procedure itself uses three SSL protocol processes: the SSL Handshake Protocol for the overall process, the SSL Change Cipher Spec Protocol for Cipher Suite specification and negotiation, and the SSL Alert Protocol for error messages.
All three of these protocols use the SSL Record Protocol to encapsulate their messages, as well as the application data flowing on the session once established. The nice thing about the SSL Record Protocol is that it provides a way to renegotiate active session parameters or establish a new session using a secure path. Initial session handshakes without a functioning and secure SSL Record Protocol must use a NULL Cipher Suite (plain text), which is of course a risk.
Read moreNavigate DownView chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128110270000278
Security component fundamentals for assessment
Leighton Johnson, in Security Controls Evaluation, Testing, and Assessment Handbook (Second Edition), 2020
SSL protocol basics
The security of the data sent over an SSL VPN relies on the security of the SSL protocol. The SSL protocol allows a client (such as a Web browser) and a server (such as an SSL VPN) to negotiate the type of security to be used during an SSL session. Thus, it is critical to make sure that the security agreed to by the remote user and the SSL gateway meets the security requirements of the organization using the SSL VPN.
There are three types of security that the client and server can negotiate: the version of SSL, the type of cryptography, and the authentication method.
Versions of SSL and TLS
The terms SSL and TLS are often used together to describe the same protocol. In fact, SSL refers to all versions of the SSL protocol as defined by the IETF, while TLS refers only to versions 3.1 and later of the SSL protocol. Two versions of TLS have been standardized: TLS 1.0 and TLS 1.1. TLS 1.0 is the same as SSL 3.1; there are no versions of SSL after 3.1. As of the writing of this guide, work is being done on TLS version 1.2.
TLS is approved for use in the protection of federal information; SSL versions other than 3.1 are not.
Cryptography used in SSL sessions
There are many types of cryptographic functions that are used in security protocols. The most widely known cryptographic features are confidentiality (secrecy of data), integrity (the ability to detect even minute changes in the data), and signature (the ability to trace the origin of the data). The combination of these features is an important aspect of the overall security of a communications stream. SSL uses four significant types of features: confidentiality, integrity, signature, and key establishment (the way that a key is agreed to by the two parties).
SSL uses cipher suites to define the set of cryptographic functions that a client and server use when communicating. This is unlike protocols such as IPSec and S/MIME where the two parties agree to individual cryptographic functions. That is, SSL exchanges say in effect, “Here is a set of functions to be used together, and here is another set I am willing to use.” IPSec and S/MIME (and many other protocols) instead say, “Here are the confidentiality functions I am willing to use, here are the integrity functions I am willing to use, and here are the signature algorithms I am willing to use”, and the other side creates a set from those choices.
Just as the SSL client and server need to be able to use the same version of SSL, they also need to be able to use the same cipher suite; otherwise, the two sides cannot communicate. The organization running the SSL VPN chooses which cipher suites meet its security goals and configures the SSL VPN gateway to use only those cipher suites.
Authentication used for identifying SSL servers
When a Web browser connects to an SSL server such as an SSL VPN gateway, the browser user needs some way to know that the browser is talking to a server the user trusts. SSL uses certificates that are signed by trusted entities to authenticate the server to the Web user. (SSL can also use certificates to authenticate users to servers, but this is rarely done.)
The server authentication occurs very early in the SSL process, immediately after the user sends its first message to the SSL server. In that first message, the Web browser specifies which type of certificate algorithms it can handle; the two common choices are RSA and DSS. In the second message, the SSL server responds with a certificate of one of the types that the browser said it understands. After receiving the certificate, the Web browser verifies that the identity in the certificate (that is, the domain name listed in the certificate) matches the domain name to which the Web browser attempted to connect.
Some SSL VPNs use certificates issued by the vendor of the SSL VPN, and those certificates do not link through a chain of trust to a root certificate that is normally trusted by most users. If that is the case, the user should add the SSL VPN's own certificate to the user's list of directly trusted certificates. It is important to note that users should not add the root certificate of the SSL VPN's manufacturer to the list of certification authorities that the user trusts, since the manufacturer's security policies and controls may differ from those of the organization. Other SSL VPNs produce self-signed certificates that do not chain to any trusted root certificate; as before, the user should add the SSL VPN's own certificate to the user's list of directly trusted certificates.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128184271000112
Cryptography
Jason Andress, in The Basics of Information Security (Second Edition), 2014
Asymmetric key algorithms
The RSA algorithm, named for its creators Ron Rivest, Adi Shamir, and Leonard Adleman, is an asymmetric algorithm used all over the world, including in the Secure Sockets Layer (SSL) protocol, which is used to secure many common transactions such as Web and e-mail traffic. RSA was created in 1977 and is still one of the most widely used algorithms in the world to this day.
Elliptic curve cryptography (ECC) is a class of cryptographic algorithms, although it is sometimes referred to as though it were an algorithm in and of itself. ECC is named for the type of mathematical problem on which its cryptographic functions are based. ECC has several advantages over other types of algorithms. It has a higher cryptographic strength with shorter keys than many other types of algorithms, meaning that we can use shorter keys with ECC while still maintaining a very secure form of encryption. It is also a very fast and efficient type of algorithm, allowing us to implement it on hardware with a more constrained set of resources, such as a cell phone or portable device, more easily. We can see ECC implemented in a variety of cryptographic algorithms, including Secure Hash Algorithm 2 (SHA-2) and Elliptic Curve Digital Signature Algorithm (ECDSA).
Several other asymmetric algorithms exist, including ElGamal, Diffie–Hellman, and Digital Signature Standard (DSS). We can also see a variety of protocols and applications that are based on asymmetric cryptography, including Pretty Good Privacy (PGP) for securing messages and files, SSL and Transport Layer Security (TLS) for several kinds of traffic including Web and e-mail, and some Voice over IP (VoIP) for voice conversations. Asymmetric cryptography has allowed many of the modern methods of secure communication to exist and will likely continue to be the basis of them for some time.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128007440000051
An Introduction To Cryptography
In Next Generation SSH2 Implementation, 2009
Secure Hash Algorithm
Secure Hash Algorithm (SHA-1) produces a 160-bit hash value from an arbitrary length string. Like MD5, it is also used widely in applications such as SSH, SSL, S-MIME (Secure / Multipurpose Internet Mail Extensions), and IPSec.
The main premise behind the security of SHA-1 is that it is computationally infeasible to find a message that corresponds to a given message digest, or to find two messages that produce the same message digest. However, there has been research that indicates that this premise is no longer valid. While there have been no successful attacks on SHA-1, more secure variations of SHA-1 are currently being tested to replace the current 160-bit version. These include SHA-256, SHA-384, and SHA-512, with the numbers reflecting the strength of the message digest created on application of the algorithm.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9781597492836000039
Encryption
Jeff Gilchrist, in Encyclopedia of Information Systems, 2003
I.A.3. RC4
RC4 is a stream cipher that supports variable key sizes and was developed in 1987 by Dr. Ron Rivest for RSA Data Security Inc. One of RC4's most popular uses is in the secure socket layer (SSL) protocol used in Web browsers to encrypt the web session between a browser and a Web server
The keystream of RC4 is independent of the plaintext. The design has an 8 × 8 substitution box (S-box), so 256 entries. These 256 entries are permutations and the permutation is a function of the key.The S-box entries are labeled S0, S1,…, S255 and the algorithm contains two counters, m and n. The S-box must first be initialized before encryption can start. This is done by filling it linearly so S0 = 0, S1 = 1,…, S255 = 255. A second 256-byte array must be created and filled with the encryption key, repeated if necessary to fill the entire array so K0, K1, …, K255.Finally the key material is used to randomize the S-boxes. The following pseudo-code describes the initialization:
Form=0to255S[m]=mn=0Form=0to255n=(n+S[m]+K[m])mod256ecchangeS[m]andS[n]
Now that the S-box has been initialized, the encryption process can begin. Using the RC4 algorithm, a random byte is generated from the S-boxes. This byte, R, is then XORed with a byte of plaintext to form ciphertext. The process is repeated until all of the plaintext has been encrypted. The decryption process is the same except R is XORed with a byte of ciphertext to reveal the plaintext. The following pseudo-code describes the encryption process:
m=(m+1)mod256n=(n+S[m])mod256exchangeS[m]andS[n]x=(S[m]+S[n])mod256R=S[x]Ciphertext=RXORPlaintext
The RC4 algorithm is simple enough to memorize and easy to implement.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B012227240400054X
Security Component Fundamentals for Assessment
Leighton Johnson, in Security Controls Evaluation, Testing, and Assessment Handbook, 2016
SSL VPNs – SP 800-113
An SSL VPN consists of one or more VPN devices to which users connect using their web browsers. The traffic between the web browser and the SSL VPN device is encrypted with the SSL protocol or its successor, the TLS protocol. This type of VPN may be referred to as either an SSL VPN or a TLS VPN.
Secure Sockets Layer (SSL) virtual private networks (VPN) provide secure remote access to an organization’s resources. An SSL VPN consists of one or more VPN devices to which users connect using their Web browsers. The traffic between the Web browser and the SSL VPN device is encrypted with the SSL protocol or its successor, the Transport Layer Security (TLS) protocol. This type of VPN may be referred to as either an SSL VPN or a TLS VPN. This guide uses the term SSL VPN. SSL VPNs provide remote users with access to Web applications and client/server applications, and connectivity to internal networks. Despite the popularity of SSL VPNs, they are not intended to replace Internet Protocol Security (IPsec) VPNs.1 The two VPN technologies are complementary and address separate network architectures and business needs. SSL VPNs offer versatility and ease of use because they use the SSL protocol, which is included with all standard Web browsers, so the client usually does not require configuration by the user. SSL VPNs offer granular control for a range of users on a variety of computers, accessing resources from many locations.24
SSL portal VPNs
An SSL portal VPN allows a user to use a single standard SSL connection to a website to securely access multiple network services. The site accessed is typically called a portal because it has a single page that leads to many other resources. SSL portal VPNs act as transport-layer VPNs that work over a single network port, namely the TCP port for SSL-protected HTTP (443).
SSL tunnel VPNs
An SSL tunnel VPN allows a user to use a typical web browser to securely access multiple network services through a tunnel that is running under SSL. SSL tunnel VPNs require that the web browser be able to handle specific types of active content (e.g., Java, JavaScript, Flash, or ActiveX) and that the user be able to run them. (Most browsers that handle such applications and plug-ins also allow the user or administrator to block them from being executed.)
Administering SSL VPN
The administration of both SSL portal VPNs and SSL tunnel VPNs is similar. The gateway administrator needs to specify local policy in at least two broad areas:
•Access. All SSL VPNs allow the administrator to specify which users have access to the VPN services. User authentication might be done with a simple password through a Web form, or through more sophisticated authentication mechanisms.
•Capabilities. The administrator can specify the services to which each authorized user has access. For example, some users might have access to only certain Web pages, while others might have access to those Web pages plus other services.
Different SSL VPNs have very different administrative interfaces and very different capabilities for allowing access and specifying allowed actions for users. For example, many but not all SSL VPNs allow validation of users through the Remote Authentication Dial-In User Server (RADIUS) protocol. As another example, some SSL VPNs allow the administrator to create groups of users who have the same access methods and capabilities; this makes adding new users to the system easier than gateways that require the administrator to specify both of these for each new user.25
SSL VPN architecture
The five phases of the recommended approach are as follows:
1.Identify Requirements. Identify the requirements for remote access and determine how they can best be met.
2.Design the Solution. Make design decisions in five areas: access control, endpoint security, authentication methods, architecture, and cryptography policy.
3.Implement and Test a Prototype. Test a prototype of the designed solution in a laboratory, test, or production environment to identify any potential issues.
4.Deploy the Solution. Gradually deploy the SSL VPN solution throughout the enterprise, beginning with a pilot program.
5.Manage the Solution. Maintain the SSL VPN components and resolve operational issues. Repeat the planning and implementation process when significant changes need to be incorporated into the solution.26
Note: Many of the cryptographic algorithms used in some SSL cipher suites are not FIPS-approved, and therefore are not allowed for use in SSL VPNs that are to be used in applications that must conform to FIPS-140-2.
SSL VPN architecture
Typical SSL VPN users include people in remote offices, mobile users, business partners, and customers. Hardware clients include various types of devices, such as public kiosks, home personal computers (PC), PDAs, or smart phones, which may or may not be controlled or managed by the organization. The SSL VPN may also be accessed from any location including an airport, a coffee shop, or a hotel room, as long as the location has connectivity to the Internet and the user has a Web client that is capable of using the particular SSL VPN. All traffic is encrypted as it traverses public networks such as the Internet. The SSL VPN gateway is the end point for the secure connection and provides various services and features (most SSL VPN products are standalone hardware appliances, although there are some software-based solutions that are installed on user-supplied servers).27
SSL protocol basics
The security of the data sent over an SSL VPN relies on the security of the SSL protocol. The SSL protocol allows a client (such as a web browser) and a server (such as an SSL VPN) to negotiate the type of security to be used during an SSL session. Thus, it is critical to make sure that the security agreed to by the remote user and the SSL gateway meets the security requirements of the organization using the SSL VPN.
There are three types of security that the client and the server can negotiate: the version of SSL, the type of cryptography, and the authentication method.
•Versions of SSL and TLS: The terms SSL and TLS are often used together to describe the same protocol. In fact, SSL refers to all versions of the SSL protocol as defined by the Internet Engineering Task Force (IETF), while TLS refers only to versions 3.1 and later of the SSL protocol. Two versions of TLS have been standardized: TLS 1.0 and TLS 1.1. TLS 1.0 is the same as SSL 3.1; there are no versions of SSL after 3.1. As of the writing of this guide, work is being done on TLS version 1.2.
TLS is approved for use in the protection of federal information; SSL versions other than 3.1 are not.
•Cryptography used in SSL sessions: There are many types of cryptographic functions that are used in security protocols. The most widely known cryptographic features are confidentiality (secrecy of data), integrity (the ability to detect even minute changes in the data), and signature (the ability to trace the origin of the data). The combination of these features is an important aspect of the overall security of a communications stream. SSL uses four significant types of features: confidentiality, integrity, signature, and key establishment (the way that a key is agreed to by the two parties).
SSL uses cipher suites to define the set of cryptographic functions that a client and a server use when communicating. This is unlike protocols such as IPSec and Secure/Multipurpose Internet Mail Extensions (S/MIME) where the two parties agree to individual cryptographic functions. That is, SSL exchanges say in effect, “Here is a set of functions to be used together, and here is another set I am willing to use.” IPSec and S/MIME (and many other protocols) instead say, “Here are the confidentiality functions I am willing to use, here are the integrity functions I am willing to use, and here are the signature algorithms I am willing to use,” and the other side creates a set from those choices.
Just as the SSL client and server need to be able to use the same version of SSL, they also need to be able to use the same cipher suite; otherwise, the two sides cannot communicate. The organization running the SSL VPN chooses which cipher suites meet its security goals and configures the SSL VPN gateway to use only those cipher suites.
•Authentication used for identifying SSL servers: When a web browser connects to an SSL server such as an SSL VPN gateway, the browser user needs some way to know that the browser is talking to a server the user trusts. SSL uses certificates that are signed by trusted entities to authenticate the server to the web user. (SSL can also use certificates to authenticate users to servers, but this is rarely done.)
The server authentication occurs very early in the SSL process, immediately after the user sends its first message to the SSL server. In that first message, the web browser specifies which type of certificate algorithms it can handle; the two common choices are RSA and DSS. In the second message, the SSL server responds with a certificate of one of the types that the browser said it understands. After receiving the certificate, the web browser verifies that the identity in the certificate (i.e., the domain name listed in the certificate) matches the domain name to which the web browser attempted to connect.
Some SSL VPNs use certificates issued by the vendor of the SSL VPN, and those certificates do not link through a chain of trust to a root certificate that is normally trusted by most users. If that is the case, the user should add the SSL VPN’s own certificate to the user’s list of directly trusted certificates. It is important to note that users should not add the root certificate of the SSL VPN’s manufacturer to the list of certification authorities that the user trusts, since the manufacturer’s security policies and controls may differ from those of the organization. Other SSL VPNs produce self-signed certificates that do not chain to any trusted root certificate; as before, the user should add the SSL VPN’s own certificate to the user’s list of directly trusted certificates.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128023242000117
Verifying User and Host Identity
Keith Lewis, in Computer and Information Security Handbook (Third Edition), 2017
3 Synthetic or Real User Logging
It is a growing challenge to verify that a user on a computer is a “real person” during the login session and it requires checks, validations, and security techniques beyond using just SSL encryption. In addition to complex passwords and security questionnaires, devices such as a mobile phone will use two-factor technologies to provide additional authenticity to the verification process. Leveraging the advantages of two- or multiple-factor authentication methodologies provides a much stronger identification process during the user's computer session by remote isolation through a completely different technology approach. This makes it much more difficult for hackers to find and break into because the activity is separate from the main channel session of attack. These additional solutions might come in the form of:
•mobile phone applications or text response notifications
•universal serial bus sticks, bank cards, or time-based generated key display devices
•pin-required login application program interfaces
•image verification through Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA)
•biometric technology such as:
•voice recognition
•fingerprint scanning
•eye iris scanning
•facial recognition
•typing pattern matching
Completely Automated Public Turing Test to Tell Computers and Humans Apart
You may have seen CAPTCHA during a password or account creation process in which a randomly distorted image appears with numbers or letters, and the information page will ask you to identify the characters or numbers you see in the image. This process helps validate your identity with human observation and interaction. Most hackers deal with volume hacks and do not have time to perform physical image recognition required for the user account that uses and stores private or personal information such as your Social Security card, your mother's maiden name, or any unique and private-centric information [4].
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B9780128038437000041
Electronic Payment Systems
Jane K. Winn, in Encyclopedia of Information Systems, 2003
IV.D. Network Security Protocols
One of the reasons credit cards are widely used in Internet commerce is that most browsers are capable of creating a secure communication channel between the Internet merchant's Web server and the consumer's browser using the Secure Sockets Layer (SSL) protocol developed by Netscape. SSL uses digital signature technology to provide assurance to individuals visiting Web sites on the Internet that the sites are genuine and are not a mere hacker masquerading as someone else. The SSL service also provides assurance that transfers of information between the local computer (or “client”) and the server are confidential and are received intact. Web server applications that support electronic commerce come with software that manages the keys and the encryption processes in a way that is “transparent” to the visitor to the Web site.There is now an Internet Engineering Task Force (IETF) standard called Transport Layer Security (TLS) based on SSL.
One standard that was developed in the mid-1990s but failed to achieve any significant market share was the Secure Electronic Transaction (SET) protocol. This standard was established by Visa, Mastercard, IBM, and other industry associations and vendors to improve the security of credit card transactions over the Internet. SET was widely touted as superior to SSL in a variety of ways: it would prevent consumers from fraudulently disputing credit card charges by establishing a stronger connection between a consumer's online identity and a particular charge and it would permit a merchant to be paid even though the merchant would never learn a consumer's credit card number. It is unclear whether SET could ever have lived up to these promises. It was never given a chance because implementation of SET would have required a huge investment by banks and merchants in an untested, and ultimately unsuccessful technology. As with micropayments, an updated version of SET or a similar concept may enjoy more success in the future, especially in light of the great need for stronger online authentication systems for Internet commerce.
View chapterPurchase book
Read full chapter
URL: //www.sciencedirect.com/science/article/pii/B0122272404000538
MCSE 70-293: Planning, Implementing, and Maintaining an Internet Connectivity Strategy
Martin Grasdal, ... Dr.Thomas W. ShinderTechnical Editor, in MCSE (Exam 70-293) Study Guide, 2003
EAP-TLS
Transport Level Security (TLS) is an authentication protocol that uses public-key encryption. All messages between the client and server are securely encrypted. The encryption is similar to that used with the Internet Secure Sockets Layer (SSL) protocol. This is the highest level of security provided by Windows Server 2003’s authentication methods.