CS 142 Lecture Notes: Network Security Slide 1
Certificates
SLIDE 2
SSL/TLS Overview
Browser -> Server: client-hello
Server -> Browser: server-hello + {server-cert}SK_CA
Key exchange (several options):
  Browser: picks random key K
  Browser -> Server: client-key-exchange: {K}PK_server
  Server: now holds K
Browser <-> Server: {HTTP data}K
Most common: only the server is authenticated
SLIDE 3
SSL Stripping
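Browser <-> Active Attacker <-> Server
1. Browser -> Attacker: HTTP request
2. Attacker -> Server: HTTP request
3. Server -> Attacker: HTTP response
4. Attacker -> Browser: Modified response (replace https:// with http://)
5. Browser -> Attacker: HTTP request
6. Attacker -> Server: HTTPS request (attacker opens HTTPS session, forwards requests and responses)
7. Server -> Attacker: HTTPS response
8. Attacker -> Browser: HTTP response
Attacker observes private info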
SLIDE 4
HTTPS Indicators
[Figure: address bar indicators for HTTP vs. HTTPS in Firefox 10, IE 8, and Chrome 17]
SLIDE 5
Mixed Content Indicators
Silly dialogs
Firefox 10: no SSL indicator
Chrome 17: caution sign
IE 8: warning dialog, no SSL lock
SLIDE 6