This episode explores transport-level security, focusing on securing network and Internet communications, particularly for the Web. It begins by outlining significant Web security considerations, including threats specific to the Web: the two-way nature of the Internet exposes Web servers to attack, a compromised site carries reputational and financial risk for the business, the inherent complexity of Web software leads to vulnerabilities, a Web server can be used as a launchpad into the internal network, and most users are security-unaware. These threats are categorized as passive (eavesdropping, gaining access to information meant to be restricted) or active (impersonation, data alteration), and by location: server, browser, or network traffic.
The episode then details the main approaches to achieving Web security at the transport layer. Three are discussed: IP Security (IPsec) at the network level, offering transparency and generality; application-specific security tailored to individual applications; and, the primary focus of the episode, Secure Socket Layer (SSL) and Transport Layer Security (TLS) at the transport level, positioned just above TCP. SSL, originated by Netscape, evolved into TLS, the Internet standard. SSL/TLS provides two essential services: confidentiality through symmetric encryption and message integrity through Message Authentication Codes (MACs). These protocols enable two TCP users to dynamically negotiate the security mechanisms they will employ.
Important insights highlight that SSL is not a single protocol but a layered architecture. It consists of the SSL Record Protocol, providing basic security services, and three higher-layer protocols: the Handshake Protocol for establishing security parameters, authenticating peers, and exchanging keys; the Change Cipher Spec Protocol for signaling a transition to new cryptographic settings; and the Alert Protocol for conveying warnings or fatal errors. A crucial distinction is made between an SSL session, which is a long-lived association defining cryptographic parameters, and an SSL connection, a transient peer-to-peer relationship. Sessions allow for parameter reuse, avoiding expensive renegotiation for subsequent connections.
Practical applications covered include HTTPS (HTTP over SSL), which combines the Web transfer protocol with SSL to enable secure communication between a Web browser and a Web server for secure browsing and e-commerce. Another critical application is Secure Shell (SSH), which provides secure remote logon and various other secure client/server facilities. SSH itself comprises three layers: a Transport Layer Protocol for server authentication, confidentiality, and integrity; a User Authentication Protocol to authenticate the client; and a Connection Protocol for multiplexing encrypted tunnels into logical channels.
Technical details delve into SSL/TLS architecture and operation. The SSL Record Protocol handles data fragmentation, compression, MAC calculation, and encryption. The Handshake Protocol involves four phases: establishing security capabilities, server authentication and key exchange, client authentication and key exchange, and a finalization phase. Cryptographic computations within SSL/TLS involve deriving a master secret from a pre-master secret, which then generates session keys for encryption and MAC operations. TLS introduces refinements over SSLv3 in areas such as version numbering, MAC generation, pseudorandom functions, alert codes, and cipher suite management, ensuring backward compatibility while enhancing security.