SlideShare ist ein Scribd-Unternehmen logo

SSL basics and SSL packet analysis using wireshark

Als PPT, PDF herunterladen
Al Imran, CISA
Al Imran, CISA

1. Definition of SSL 2. component of SSL 3. Secure connection establishment process 4. Real SSL packet capture and analysis using Wireshark 5. Digital Certificate, digital signature, digital envelop

Technologie
1 von 31
SSL BASICS AND SSL PACKET ANALYSIS USING WIRESHARK Presented by Md. Al Imran M.Sc in MISS CEH, ISO 27001 LA
YOU WILL LEARN  Definition of SSL  Components of SSL  How SSL works  Packet capturing and analysis using Wireshark  Concepts about Digital Signature, PKI, Digital Envelope, Digital Certificate PreparedbyMd.AlImran 2
WHAT IS SSL  Secure communication protocol  Between client(browser) and server  Securing any transmission over TCP  HTTPS is an application of SSL  We can tell it HTTP over SSL PreparedbyMd.AlImran 3
SSL PROVIDES  Confidentiality  Authenticity  Integrity  Non repudiation PreparedbyMd.AlImran 4
COMPONENTS OF SSL  4 components/protocol layer  Record layer  Change cipherspec protocol  Alert protocol  Handshake protocol PreparedbyMd.AlImran 5
RECORD LAYER PreparedbyMd.AlImran 6
RECORD LAYER (CONTD..)  Collects all messages from Alert, ChangeCipherSpec, Handshake and application protocol messages  Format them, formatting provides  a header of each message  Add Message Authentication Code(MAC) at the end  Five bytes header  Protocol message follow the header no longer that 16384 bytes PreparedbyMd.AlImran 7
RECORD LAYER (CONTD..)  Header contains  Protocol definition(1 byte): indicated which higher layer protocol is contained  Version(2 byte): SSL protocol version  Length(2 byte): length of higher layer protocol message PreparedbyMd.AlImran 8
CHANGECIPHERSPEC PROTOCOL  Composed of only one message(1 byte)  Indicates the beginning of secure communication PreparedbyMd.AlImran 9
ALERT PROTOCOL  Sends errors, problems, warning about the connection between client and server  Layer is formed with two fields  Severity level: 1 means warning, 2 means fatal error  Alert description:  Close notify, no certificate, bad certificate, BadRecordMAC, handshake failure etc PreparedbyMd.AlImran 10
HANDSHAKE PROTOCOL  Establish a handshake which begins secure communication between client and server  The following steps shows how handshake is established PreparedbyMd.AlImran 11
HANDSHAKE PROTOCOL (CONTD..) PreparedbyMd.AlImran 12
HANDSHAKE PROTOCOL (CONTD..)  ClientHello  5 components of the message  Version: which SSL version client supports  Random number: 32 byte for cryptographic calculation, with (4 byte)time & date at the last  Session ID: empty  Cipher suites: exact algorithm(DES, AES, 3DES,RC4,MD5,SHA-1), key size  Compression method: compression before encryption PreparedbyMd.AlImran 13
HANDSHAKE PROTOCOL (CONTD..)  ServerHello  Server takes the decision  Version: determines SSL version to be used  Random number: 32 byte for cryptographic calculation, with (4 byte)time & date at the last, avoid replay attack  Session ID: specific session ID  Cipher suites: selects exact, key size to be used  Compression method: select exact compression method PreparedbyMd.AlImran 14
HANDSHAKE PROTOCOL (CONTD..)  ServerkeyExchange  Sends public key information(Digital Certificate) of itself according to selected ciphersuite  ServerHelloDone  Has finished negotiation message.  Very important for client to move next state PreparedbyMd.AlImran 15
HANDSHAKE PROTOCOL (CONTD..)  ClientkeyExchange  Client sends his key information.  Premaster-secret encrypted using servers public key which is called “Digital Envelope”  Server and client generate master-secret and session key based on premaster-secret  Prevent Man-in-the-Middle attack  Server decrypt it using his private key that ensures server authentication PreparedbyMd.AlImran 16
HANDSHAKE PROTOCOL (CONTD..)  ChangeCipherSpec  Both client and server sends this message  Begin using agreed upon security services  Finished  Both client and server sends this final message  Both ends verify negotiation is successful  Encrypted and hashed message(ensures intigrity)  Ensures 3 points  Key information  Contents of all previous SSL handshake messages exchanged by the systems  A special value indicating whether the sender is a client or server PreparedbyMd.AlImran 17
CLIENT HELLO PreparedbyMd.AlImran 18
SERVER HELLO PreparedbyMd.AlImran 19
SERVER KEY EXCHANGE PreparedbyMd.AlImran 20
SERVER HELLO DONE PreparedbyMd.AlImran 21
CLIENT KEY EXCHANGE PreparedbyMd.AlImran 22
DIGITAL CERTIFICATE  It’s a component of PKI  Why PKI?  Electronic passport  Allows client to exchange information securely over the Internet using PKI  Contains public key and identity of the public key holder  Contains serial no., valid duration, version, algorithm, digital signature of the CA to verify that certificate is real  Provides sender authentication  Issued by trusted CA PreparedbyMd.AlImran 23
DIGITAL CERTIFICATE PreparedbyMd.AlImran 24
DIGITAL CERTIFICATE PreparedbyMd.AlImran 25
SSL CERTIFICATE OF AMAZON.COM 26 PreparedbyMd.AlImran
DIGITAL SIGNATURE  Digitally signed document  Process of ensuring sender authentication, message integrity and non-repudiation PreparedbyMd.AlImran 27
DIGITAL SIGNATURE PreparedbyMd.AlImran 28
DIGITAL ENVELOPE  Secure data container  Message is encrypted using a secret key(symmetric encryption)  Secret key is encrypted using recipients public key(public key encryption) PreparedbyMd.AlImran 29
DIGITAL ENVELOPE PreparedbyMd.AlImran 30
REFERENCES  http://www.sans.org/reading-room/whitepapers/protocols/ss  http://imcs.dvfu.ru/lib.int/docs/Web/SSL%20&%20TLS%20E  http://www.technologydwell.com/2012/05/securesockets-laye  https://www.youtube.com/watch?v=qps5dsNSIbc  Gmail.com  https://ibblportal.islamibankbd.com/indexLogin.d o PreparedbyMd.AlImran 31

Empfohlen

Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAPPhannarith Ou, G-CISO
 
Wireless Cracking using Kali
Wireless Cracking using KaliWireless Cracking using Kali
Wireless Cracking using Kalin|u - The Open Security Community
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2Nzava Luwawa
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarDr. Shivashankar
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 

Empfohlen

Wireshark
Wireshark Wireshark
Wireshark antivirusspam
 
Understanding NMAP
Understanding NMAPUnderstanding NMAP
Understanding NMAPPhannarith Ou, G-CISO
 
Wireless Cracking using Kali
Wireless Cracking using KaliWireless Cracking using Kali
Wireless Cracking using Kalin|u - The Open Security Community
 
NMAP
NMAPNMAP
NMAPPrateekAryan1
 
Metasploit framwork
Metasploit framworkMetasploit framwork
Metasploit framworkDeepanshu Gajbhiye
 
Wpa vs Wpa2
Wpa vs Wpa2Wpa vs Wpa2
Wpa vs Wpa2Nzava Luwawa
 
Network Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarNetwork Security_3rd Module_Dr. Shivashankar
Network Security_3rd Module_Dr. ShivashankarDr. Shivashankar
 
Wireshark Traffic Analysis
Wireshark Traffic AnalysisWireshark Traffic Analysis
Wireshark Traffic AnalysisDavid Sweigert
 
Kerberos
KerberosKerberos
KerberosSutanu Paul
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPNAbdullaziz Tagawy
 
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksSam Bowne
 
Kali Linux
Kali LinuxKali Linux
Kali LinuxShubham Agrawal
 
Introduction to Snort
Introduction to SnortIntroduction to Snort
Introduction to SnortHossein Yavari
 
Kali Linux
Kali LinuxKali Linux
Kali LinuxChanchal Dabriya
 
Netcat
NetcatNetcat
Netcatpenetration Tester
 
Aircrack
AircrackAircrack
AircrackMuhammadHanzalah6
 
Fhrp notes
Fhrp notesFhrp notes
Fhrp notesKrunal Shah
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network SecurityAshok Reddy Medikonda
 
Metasploitable
MetasploitableMetasploitable
MetasploitableSri Manakula Vinayagar Engineering College
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Hash Function
Hash FunctionHash Function
Hash FunctionSiddharth Srivastava
 
projet sur le vpn presentation
projet sur le vpn presentationprojet sur le vpn presentation
projet sur le vpn presentationManuel Cédric EBODE MBALLA
 
Nmap basics
Nmap basicsNmap basics
Nmap basicsn|u - The Open Security Community
 
Metasploit
MetasploitMetasploit
Metasploithenelpj
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsShawn Zandi
 
Fortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéeseFortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéeseAlphorm
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 
Internet security protocol
Internet security protocolInternet security protocol
Internet security protocolMousmi Pawar
 
Web Security
Web SecurityWeb Security
Web SecurityRam Dutt Shukla
 

Weitere ähnliche Inhalte

Was ist angesagt?

Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksSam Bowne
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network SecurityAshok Reddy Medikonda
 
N map presentation
N map presentationN map presentation
N map presentationulirraptor
 
Metasploit
MetasploitMetasploit
Metasploithenelpj
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacksdkaya
 
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsShawn Zandi
 
Fortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéeseFortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéeseAlphorm
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap OWASP Delhi
 

Was ist angesagt? (20)

Kerberos
KerberosKerberos
Kerberos
 
IPSec and VPN
IPSec and VPNIPSec and VPN
IPSec and VPN
 
Ch 11: Hacking Wireless Networks
Ch 11: Hacking Wireless NetworksCh 11: Hacking Wireless Networks
Ch 11: Hacking Wireless Networks
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
 
Introduction to Snort
Introduction to SnortIntroduction to Snort
Introduction to Snort
 
Kali Linux
Kali LinuxKali Linux
Kali Linux
 
Netcat
NetcatNetcat
Netcat
 
Aircrack
AircrackAircrack
Aircrack
 
Fhrp notes
Fhrp notesFhrp notes
Fhrp notes
 
Metasploit framework in Network Security
Metasploit framework in Network SecurityMetasploit framework in Network Security
Metasploit framework in Network Security
 
Metasploitable
MetasploitableMetasploitable
Metasploitable
 
N map presentation
N map presentationN map presentation
N map presentation
 
Hash Function
Hash FunctionHash Function
Hash Function
 
projet sur le vpn presentation
projet sur le vpn presentationprojet sur le vpn presentation
projet sur le vpn presentation
 
Nmap basics
Nmap basicsNmap basics
Nmap basics
 
Metasploit
MetasploitMetasploit
Metasploit
 
Mitigating Layer2 Attacks
Mitigating Layer2 AttacksMitigating Layer2 Attacks
Mitigating Layer2 Attacks
 
MPLS Concepts and Fundamentals
MPLS Concepts and FundamentalsMPLS Concepts and Fundamentals
MPLS Concepts and Fundamentals
 
Fortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéeseFortinet UTM - les Fonctionnalités avancéese
Fortinet UTM - les Fonctionnalités avancéese
 
Recon with Nmap
Recon with Nmap Recon with Nmap
Recon with Nmap
 

Ähnlich wie SSL basics and SSL packet analysis using wireshark

Internet security protocol
Internet security protocolInternet security protocol
Internet security protocolMousmi Pawar
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerEmprovise
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )Monodip Singha Roy
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYMonodip Singha Roy
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Network and internet security
Network and internet security Network and internet security
Network and internet security SabthamiS1
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmIJCSEA Journal
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptSonukumarRawat
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Sandeep Gupta
 
1643129870-internet-security.pptx
1643129870-internet-security.pptx1643129870-internet-security.pptx
1643129870-internet-security.pptxMARIA401634
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.pptImXaib
 

Ähnlich wie SSL basics and SSL packet analysis using wireshark (20)

Internet security protocol
Internet security protocolInternet security protocol
Internet security protocol
 
Web Security
Web SecurityWeb Security
Web Security
 
Lec 3.pptx
Lec 3.pptxLec 3.pptx
Lec 3.pptx
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
ssl
sslssl
ssl
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 
SSL-image
SSL-imageSSL-image
SSL-image
 
ch17.ppt
ch17.pptch17.ppt
ch17.ppt
 
Wireshark lab ssl v7 solution
Wireshark lab ssl v7 solutionWireshark lab ssl v7 solution
Wireshark lab ssl v7 solution
 
Network and internet security
Network and internet security Network and internet security
Network and internet security
 
SIP over TLS
SIP over TLSSIP over TLS
SIP over TLS
 
Improving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA AlgorithmImproving the Secure Socket Layer by Modifying the RSA Algorithm
Improving the Secure Socket Layer by Modifying the RSA Algorithm
 
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.pptWEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
WEB SECURITY CRYPTOGRAPHY PPTeriu8t erhiut.ppt
 
Secure Socket Layer.pptx
Secure Socket Layer.pptxSecure Socket Layer.pptx
Secure Socket Layer.pptx
 
Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)Ssl (Secure Socket Layer)
Ssl (Secure Socket Layer)
 
1643129870-internet-security.pptx
1643129870-internet-security.pptx1643129870-internet-security.pptx
1643129870-internet-security.pptx
 
Sequere socket Layer
Sequere socket LayerSequere socket Layer
Sequere socket Layer
 
Transport layer security.ppt
Transport layer security.pptTransport layer security.ppt
Transport layer security.ppt
 

Mehr von Al Imran, CISA

Cisa Certification Overview
Cisa Certification OverviewCisa Certification Overview
Cisa Certification OverviewAl Imran, CISA
 
Developing portale tool for digital forensic
Developing portale tool for digital forensicDeveloping portale tool for digital forensic
Developing portale tool for digital forensicAl Imran, CISA
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 yearsAl Imran, CISA
 
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...Al Imran, CISA
 

Mehr von Al Imran, CISA (6)

Cisa Certification Overview
Cisa Certification OverviewCisa Certification Overview
Cisa Certification Overview
 
Developing portale tool for digital forensic
Developing portale tool for digital forensicDeveloping portale tool for digital forensic
Developing portale tool for digital forensic
 
Digital Forensics: The next 10 years
Digital Forensics: The next 10 yearsDigital Forensics: The next 10 years
Digital Forensics: The next 10 years
 
Ramadan health tips
Ramadan health tipsRamadan health tips
Ramadan health tips
 
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...
Study On Energy Efficient Centralized Routing Protocol For Wireless Sensor N...
 
Bangla OCR
Bangla OCRBangla OCR
Bangla OCR
 

Kürzlich hochgeladen

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesZilliz
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationSafe Software
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 3652toLead Limited
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Kürzlich hochgeladen (20)

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Vector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector DatabasesVector Databases 101 - An introduction to the world of Vector Databases
Vector Databases 101 - An introduction to the world of Vector Databases
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
DMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special EditionDMCC Future of Trade Web3 - Special Edition
DMCC Future of Trade Web3 - Special Edition
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

SSL basics and SSL packet analysis using wireshark

  • 1. SSL BASICS AND SSL PACKET ANALYSIS USING WIRESHARK Presented by Md. Al Imran M.Sc in MISS CEH, ISO 27001 LA
  • 2. YOU WILL LEARN  Definition of SSL  Components of SSL  How SSL works  Packet capturing and analysis using Wireshark  Concepts about Digital Signature, PKI, Digital Envelope, Digital Certificate PreparedbyMd.AlImran 2
  • 3. WHAT IS SSL  Secure communication protocol  Between client(browser) and server  Securing any transmission over TCP  HTTPS is an application of SSL  We can tell it HTTP over SSL PreparedbyMd.AlImran 3
  • 4. SSL PROVIDES  Confidentiality  Authenticity  Integrity  Non repudiation PreparedbyMd.AlImran 4
  • 5. COMPONENTS OF SSL  4 components/protocol layer  Record layer  Change cipherspec protocol  Alert protocol  Handshake protocol PreparedbyMd.AlImran 5
  • 7. RECORD LAYER (CONTD..)  Collects all messages from Alert, ChangeCipherSpec, Handshake and application protocol messages  Format them, formatting provides  a header of each message  Add Message Authentication Code(MAC) at the end  Five bytes header  Protocol message follow the header no longer that 16384 bytes PreparedbyMd.AlImran 7
  • 8. RECORD LAYER (CONTD..)  Header contains  Protocol definition(1 byte): indicated which higher layer protocol is contained  Version(2 byte): SSL protocol version  Length(2 byte): length of higher layer protocol message PreparedbyMd.AlImran 8
  • 9. CHANGECIPHERSPEC PROTOCOL  Composed of only one message(1 byte)  Indicates the beginning of secure communication PreparedbyMd.AlImran 9
  • 10. ALERT PROTOCOL  Sends errors, problems, warning about the connection between client and server  Layer is formed with two fields  Severity level: 1 means warning, 2 means fatal error  Alert description:  Close notify, no certificate, bad certificate, BadRecordMAC, handshake failure etc PreparedbyMd.AlImran 10
  • 11. HANDSHAKE PROTOCOL  Establish a handshake which begins secure communication between client and server  The following steps shows how handshake is established PreparedbyMd.AlImran 11
  • 13. HANDSHAKE PROTOCOL (CONTD..)  ClientHello  5 components of the message  Version: which SSL version client supports  Random number: 32 byte for cryptographic calculation, with (4 byte)time & date at the last  Session ID: empty  Cipher suites: exact algorithm(DES, AES, 3DES,RC4,MD5,SHA-1), key size  Compression method: compression before encryption PreparedbyMd.AlImran 13
  • 14. HANDSHAKE PROTOCOL (CONTD..)  ServerHello  Server takes the decision  Version: determines SSL version to be used  Random number: 32 byte for cryptographic calculation, with (4 byte)time & date at the last, avoid replay attack  Session ID: specific session ID  Cipher suites: selects exact, key size to be used  Compression method: select exact compression method PreparedbyMd.AlImran 14
  • 15. HANDSHAKE PROTOCOL (CONTD..)  ServerkeyExchange  Sends public key information(Digital Certificate) of itself according to selected ciphersuite  ServerHelloDone  Has finished negotiation message.  Very important for client to move next state PreparedbyMd.AlImran 15
  • 16. HANDSHAKE PROTOCOL (CONTD..)  ClientkeyExchange  Client sends his key information.  Premaster-secret encrypted using servers public key which is called “Digital Envelope”  Server and client generate master-secret and session key based on premaster-secret  Prevent Man-in-the-Middle attack  Server decrypt it using his private key that ensures server authentication PreparedbyMd.AlImran 16
  • 17. HANDSHAKE PROTOCOL (CONTD..)  ChangeCipherSpec  Both client and server sends this message  Begin using agreed upon security services  Finished  Both client and server sends this final message  Both ends verify negotiation is successful  Encrypted and hashed message(ensures intigrity)  Ensures 3 points  Key information  Contents of all previous SSL handshake messages exchanged by the systems  A special value indicating whether the sender is a client or server PreparedbyMd.AlImran 17
  • 23. DIGITAL CERTIFICATE  It’s a component of PKI  Why PKI?  Electronic passport  Allows client to exchange information securely over the Internet using PKI  Contains public key and identity of the public key holder  Contains serial no., valid duration, version, algorithm, digital signature of the CA to verify that certificate is real  Provides sender authentication  Issued by trusted CA PreparedbyMd.AlImran 23
  • 26. SSL CERTIFICATE OF AMAZON.COM 26 PreparedbyMd.AlImran
  • 27. DIGITAL SIGNATURE  Digitally signed document  Process of ensuring sender authentication, message integrity and non-repudiation PreparedbyMd.AlImran 27
  • 29. DIGITAL ENVELOPE  Secure data container  Message is encrypted using a secret key(symmetric encryption)  Secret key is encrypted using recipients public key(public key encryption) PreparedbyMd.AlImran 29
  • 31. REFERENCES  http://www.sans.org/reading-room/whitepapers/protocols/ss  http://imcs.dvfu.ru/lib.int/docs/Web/SSL%20&%20TLS%20E  http://www.technologydwell.com/2012/05/securesockets-laye  https://www.youtube.com/watch?v=qps5dsNSIbc  Gmail.com  https://ibblportal.islamibankbd.com/indexLogin.d o PreparedbyMd.AlImran 31