Chapter 6: Transport-Level Security

Question 1

What are some Web Security Threats and how can they be countered?

Answer 1

Integrity:
- Modification of data/memory/messages in transit
- Trojan horse browser
Countermeasures = crypto checksums

Confidentiality:
- Eavesdropping
- Theft of info from client/server
- Network configuration info
- Info about client-server connections
Countermeasures = encryption, web proxies

DoS:
Countermeasures = difficult to prevent

Authentication:
Countermeasures = crypto techniques

Question 2

What is TLS?

Answer 2

Transport Layer Security, evolved from SSL.

A general-purpose service implemented as a set of protocols that rely on TCP.

Security mechanisms based on (or on top of) the transport layer, providing secure services to the application layer.

Question 3

What does the TLS architecture look like?

Answer 3

Designed to make use of TCP to provide a reliable end-to-end secure service.

It consists of two layers of protocols.

The Record protocol provides basic security services to various higher-layer protocols.

On the “top” layer there is 5 different protocols.

HTTP provides transfer services for Web client/server interaction

Heartbeat protocol

The Handshake, Change Cipher Spec and Alert Protocol are TLS specific protocols used in the management of TLS exchange.

Question 4

Describe the TLS concepts TLS connection and TLS session

Answer 4

Connection: A transport (OSI definition) that provides a suitable type of service. For TLS that is peer-to-peer relationships. They are transient and every connection is associated with one session

Session: an association between a client and a server. Created by the handshake protocol. They define a set of cryptographic security parameters, which can be shared among multiple connections.

Question 5

What three services does the record protocol provide?

Answer 5

Confidentiality: the handshake protocol defines a shared secret key that is used for conventional encryption of TLS payloads.

Message Integrity: the handshake protocol also defines a shared secret key that is used to form MACs.

Message authentication: The handshake protocol allows both peers to authenticate their identity

Question 6

In simple terms, how does the record protocol operate?

Answer 6

1. Fragmentation of messages
2. (optional) compression, must be lossless, may not increase length by more than 1024 bytes
3. compute MAC on the compressed data
4. Encrypt the message and the MAC, may not increase length by more than 1024 bytes
5. Prepend a header

Question 7

Describe the Change Cipher Spec Protocol

Answer 7

Consist of a single message (1 byte with the value 1).

Purpose: To cause the pending state to be copied into the current state, this updates the cipher suite to be used on this connection.

Question 8

Describe the alert protocol

Answer 8

Used to convey TLS-related alerts to the peer-entity.

The alerts are (optionally) compressed and (not optionally) encrypted.

Contains a value warning on the severity of the message, (warning, or fatal).

Fatal connections are terminated immediately.

Question 9

Describe the TLS handshake protocol

Answer 9

It allows the server and client to:
1. authenticate each other
2. agree on an encryption, MAC algorithm and cryptographic keys

Used before any application data is transmitted.

Consists of a series of messages exchanged by client and server in four phases:

Phase 1:
- Hello
Phase 2:
- Server sends certificates, key exchange, requests certificate.
Phase 3:
Client sends certificate, key exchange, and may send certificate verification
Phase 4:
- change cipher suite and finish

Question 10

What key exchange methods does the handshake protocol support?

Answer 10

RSA
Fixed DH
Ephemeral DH
Anonymous DH

Question 11

What are the different phases of the handshake protocol?

Answer 11

Phase 1: Establish security capabilities: initiates a logical connection and established the security capabilities that will be associated with it. Initiated by client with a hello message.

Phase 2: Server authentication and key exchange: server sends its certificate if it needs to be authenticated. If necessary a key exchange message is sent. A certificate request can be sent to the client.

Phase 3: Client authentication and key exchange: verification of servers certificate (if required). If requested, client sends certificate to server.

Phase 4: completes setting up a secure connection. Change cipher spec message. Verification of successful process.

Question 12

What is master secret creation?

Answer 12

It creates a shared master secret by means of the key exchange.

It is a one-time 48-byte value generated for this session by means of secure key exchange.

Question 13

Shortly describe TLS pseudorandom function

Answer 13

It is referred to as PRF.

The input to the PRF is a secret value, an identifying label and a seed.

It is based on a data expansion function that makes use of the HMAC algorithm.

It uses two hash algorithms, this should ensure the security of it as long as one of the algorithms remain secure.

Question 14

What is the heartbeat protocol?

Answer 14

Established during phase 1 of the handshake protocol.

Consists of two messages: heartbeat_request/response

Serves two purposes:

1. Assures the sender that the recipient is still alive.
2. Generates activity across the connection during idle periods, which avoids closure by firewalls that do not allow idle connections.

Question 15

What is HTTPS?

Answer 15

HTTP over SSL. The combo of HTTP and SSL to implement secure communication between a Web browser and a Web server.

Question 16

When HTTPS is used, which elements of the communication are encrypted?

Answer 16

• URL of the requested document
• Contents of document
• Contents of browser forms (filled in by user)
• Cookies sent from browser to server and vice versa
• Contents of HTTP header

Question 17

What is SSH?

Answer 17

Secure Shell is a protocol for secure network communications.

Designed to be simple and inexpensive to implement.

Provides general server/client capabilities and can be used for such network functions as file transfer and e-mails.

Its the primary choice for remote logon and X tunnelling, and is rapidly becoming one of the most pervasive applications for encryption technology outside embedded systems.

Question 18

How is SSH organised?

Answer 18

With 3 protocols, that typically run on top of TCP.

1. SSH Transport Layer Protocol: provides server authentication, data confidentiality, and data integrity with forward secrecy. (optionally) compression.
2. SSH User authentication protocol: authenticates client-side user to the server.
3. SSH Connection protocol: multiplexes multiple logical communications channels over a single, underlying SSH connection.

Question 19

What is forward secrecy?

Answer 19

It means that if a key is compromised during one session, the knowledge does not affect the security of earlier sessions.

Question 20

Briefly describe how the transport layer protocol works

Answer 20

1. Host keys: Server authentication. The server host key is used during key exchange to authenticate the identity of the host. The client must have knowledge about the server’s public host key for this to work either via (1) local database or (2) a trusted CA, that keeps track of host name-to-key associations.
2. Packet exchange: the client establishes a TCP connection to the server. Done via the TCP protocol. When the connection is established the client/server can exchange data (packets) with each other. The packets are protected by encryption and MAC.
3. Key generation: the keys used for encryption and MAC are generated from the shared secret key, hash value from the key exchange and the session identifier.

Question 21

Which steps does the transport layer protocol packet exchange consist of?

Answer 21

1. Identification string exchange
2. Algorithm negotiation
3. Key exchange: the two sides share a master key and the server has been authenticated via signing using the private key.
4. Service request

Question 22

What is the user authentication protocol?

Answer 22

It provides the means by which the client is authenticated to the server.

Question 23

What is the connection protocol?

Answer 23

It runs on top of the SSH transport layer protocol and assumes that a secure authentication connection is in use. The secure authentication connection, (aka tunnel) is used by the connection protocol to multiplex a number of logical channels

Question 24

What is channel mechanism?

Answer 24

A logical communication such as:

• a remote execution of a program
• X11 –> GUI for networked computers

Question 25

What 4 types of channels does SSH recognise?

Answer 25

1. Session: The remote execution of a program.
2. x11: X window system, a computer software and network protocol that provides a GUI for networked computers.
3. Forwarded-tcpip: remote port forwarding
4. Direct-tcpip: local port forwarding

Question 26

What is port forwarding?

Answer 26

It provides the ability to convert any insecure TCP connection into a secure SSH connection.

Question 27

What is the difference between local and remote port forwarding?

Answer 27

Local: the client sets up a “hijacker” process that intercepts selected application level traffic and redirects it from an unsecured TCP connection to a secure SSH connection.

Remote: the client acts on the servers behalf. The client receives traffic with a given destination port, places the traffic in the correct port and sends it to the destination the user chooses.

Question 28

Why use transport layer security, why not other methods?

Answer 28

Applications require security on top of reliable and ordered data transmission.

Application layer = not convenient, high cost

IPSec = has too much overhead.

Question 29

What is the format of the record protocol?

Answer 29

• Content Type (8 bits): The higher-layer protocol used to process the enclosed fragment.
• Major Version (8 bits): Indicates major version of TLS in use.
• Minor Version (8 bits): Indicates minor version in use.
• Compressed Length (16 bits): The length in bytes of the plaintext fragment

Question 30

What is the difference between SSL and TLS?

Answer 30

SSL and TSL provide security between web browsers and web servers.

Main difference: in SSL the Message digest is used to create a master secret and It provides authentication and confidentiality.
In TLS, a Pseudo-random function is used to create a master secret.

SSL is an older technology, and TSL is the updated more secure version

Question 31

What parameters define a session state?

Answer 31

Session ID
Peer certificate
Compression method
Cipher spec
Master secret: 48-byte
Is resumable

Question 32

What parameters define a connection state?

Answer 32

Server & client random: byte sequence chosen by server and client for each connection

Server/Client write MAC secret: secret key used in MAC operations on data sent by server/client

Server/client write key: the key used for encryption by the server/client and used for decryption by the server/client

IV

Sequence numbers

Question 33

How does connection initiation work in HTTPS?

Answer 33

The agent acting as the http client also acts as the TLS client

1. Client initiates a connection to the server –> sends a TLS hello to begin TLS handshake.
2. When handshake = finished –> client can initiate first request
3. All data is to be sent as TLS application data

Question 34

What are the 3 levels of connections in HTTPS?

Answer 34

1. HTTP connection: http client requests a connection to an http server
2. TSL/SSL session/connection: a session is established between a TLS client and server
3. TCP connection: a TLS request to establish a connection begins with the establishment of a TCP connection between the TCP entity on the client and server side

Question 35

What does the transport layer protocol offer for security?

Answer 35

Server authentication Data confidentiality
Integrity

Question 36

What methods does the user authentication protocol use for authentication?

Answer 36

Public key

Password

Host based: