1 / 20

By : Shrinivas G. Deshpande Advisor: Dr. Chung E. Wang Second Reader: Prof. Richard Smith

VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation . By : Shrinivas G. Deshpande Advisor: Dr. Chung E. Wang Second Reader: Prof. Richard Smith. Scope of the Project. Study of Secure Socket Layer(SSL) Protocol SSL Handshake Protocol

gustav
Télécharger la présentation

By : Shrinivas G. Deshpande Advisor: Dr. Chung E. Wang Second Reader: Prof. Richard Smith

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. VOYAGER: Yet Another Secure Web Browser to Demonstrate Secure Socket Layer Working and Implementation By: Shrinivas G. Deshpande Advisor: Dr. Chung E. Wang Second Reader: Prof. Richard Smith

  2. Scope of the Project • Study of Secure Socket Layer(SSL) Protocol • SSL Handshake Protocol • SSL Record Protocol • Demonstrate how SSL can be used to make clients secure against a secure server • Keys and Digital Certificates • Role of Gateways in SSL communication Voyager: Yet Another Secure Web Browser

  3. Requirement Specification • Introduction to SSL • What is SSL and how SSL works • Client and Server Authentication • SSL Handshake Protocol • SSL Record Protocol • Difference between http and https • Demonstrated by developing a Browser that understands http and https. • Certificates and Digital Signatures • Role of Gateways in SSL communication Voyager: Yet Another Secure Web Browser

  4. http Stateless protocol Non secure connection Non Secure Sockets https Session based protocol Secure connection Secure Sockets 1. Difference between http and https Voyager: Yet Another Secure Web Browser

  5. 2.Introduction to SSL • SSL- Developed by Netscape Communication • SSL – accepted universally on the World Wide Web for AUTHENTICATED and ENCRYPTED communication between clients and servers • IETF standard called Transport Layer Security is based on SSL • SSL protocol runs above TCP/IP and below higher level protocols such as HTTP • Uses TCP/IP to authenticate itself to an SSL enabled client Voyager: Yet Another Secure Web Browser

  6. What does SSL actually do? • Fragments messages to be transmitted into manageable blocks • Compresses the data • Encrypts and transmits the data • Received data is decrypted • Verified, decompressed • Reassembled and transmitted to higher layers Voyager: Yet Another Secure Web Browser

  7. SSL in TCP/IP Protocol Stack Voyager: Yet Another Secure Web Browser

  8. SSL Record Layer • Receives uninterrupted data from upper layers • Fragmentation / Reassemble data • Compresses/Decompress data • Encrypt/Decrypt and verification of data Voyager: Yet Another Secure Web Browser

  9. SSL Handshake Protocol • Maintains information about the current state and next state called the pending state • Once the handshake is complete, the two parties have shared secrets used to encrypt records and compute keyed messages authentication codes on their contents. • Maintains the handshake state information of the client and server and ensures that the protocol state machines of client and server work consistently Voyager: Yet Another Secure Web Browser

  10. SSL Record Protocol • Receives uninterrupted data from upper layers • Fragmentation / Reassemble data • Compresses/Decompress data • Encrypt/Decrypt and verification of data Voyager: Yet Another Secure Web Browser

  11. Design:Secure Library Class Diagram Voyager: Yet Another Secure Web Browser

  12. http connection sequence diagram Voyager: Yet Another Secure Web Browser

  13. https connection sequence diagram Voyager: Yet Another Secure Web Browser

  14. How/Why Gateways use SSL • SSL designed to provide security between client and server and avoid man-in-the-middle attack • SSL considers a proxy server as a middleman • Gateways act as clients and authenticate servers. Client authentication is not possible. • Gateway/proxy can internally authenticate client within the firewall • Packet Filtering by allowing specific ports for specific traffic. 443 in case of SSL • SSL can works with gateways that support SOCKS. SOCKS is a networking proxy protocol that enables hosts on one side of a SOCKS server to gain full access to hosts on the other side of the SOCKS server without requiring direct IP-reach ability. SOCKS is often used as a network firewall, redirecting connection requests from hosts on opposite sides of a SOCKS server. The SOCKS server authenticates and authorizes requests, establishes a proxy connection, and relays data between hosts. Voyager: Yet Another Secure Web Browser

  15. Gateways and SSL • Proxy Server should support SOCKS to support SSL • With SOCKS, DNS is the responsibility of the client • SSL tunneling, DNS is the responsibility of the proxy • Proxy Server can spoof mock on behalf of internal client. Makes connection faster Voyager: Yet Another Secure Web Browser

  16. Implementation Details • Client/Server setup for development • Voyager Front-end: Developed Using Java Swing. JRE:1.3.1_02 • Secure Library: Developed using Java and JSSE. • Testing: Running Apache Tomcat as a Secure Web Server on Local System on port #: 8443 • JSSE is Java implementation of SSL developed by SUN • Key/certificate generation • Key/certificate generation using Keytool • RSA algorithm used for key generation • X.509v3 certificates generated • Import/Export certificate to make certificate available for authentication Voyager: Yet Another Secure Web Browser

  17. Voyager Snapshots Voyager: Yet Another Secure Web Browser

  18. Securely Accessing Tomcat Apache Default page though Voyager Voyager: Yet Another Secure Web Browser

  19. Accessing Golden-1 web site through Voyager Voyager: Yet Another Secure Web Browser

  20. Conclusion • Opportunity to learn about network security • How SSL works/implemented • Setting up client servers for secure communications • Thanks to Dr. Wang and Prof. Dick Smith Voyager: Yet Another Secure Web Browser

More Related