Transport Layer Security (TLS)


Introduction

Present-day web browsers and server applications increasingly rely on secure TLS and SSL communications to protect sensitive data transmitted via the internet. However, there is a general lack of adequate literature on how federal users and system administrators can protect the federal government’s sensitive but unclassified data against the numerous and serious threats posed by the World Wide Web, including message forgery, data tampering and eavesdropping. Transport layer security provides a mechanism for protecting sensitive data disseminated electronically across the internet. Essentially, TLS is a protocol used to provide confidentiality, authentication and data integrity between two communicating applications. The protocol is based on its precursor, the third version of the Secure Sockets Layer (SSL 3.0) protocol.

The Internet Engineering Task Force (IETF) considers it an upgrade to SSL 3.0; Transport Layer Security (TLS 1.0) is specified in an Internet Request for Comments (RFC), the series in which protocol specifications for the internet are documented. Although the SSL 3.0 protocol provides the basis for TLS 1.0, there are dramatic differences between the two, to the extent that they cannot interoperate. This excerpt offers information on the selection and implementation of the TLS protocol, geared towards a more consistent use of the protocol’s confidentiality, authentication and integrity mechanisms to protect information transmitted across the internet.

Transport Layer Security

Communication security is implemented at the transport layer within the seven-layer OSI communications stack, not within the application itself. Protecting the unclassified but sensitive information transmitted by the government is possible at the transport layer if the users or servers employing transport layer security select appropriate protocol options when transmitting information. Of course, security is not a single property that can be handled with a single protocol. It is a complex set of related properties which, taken together, give the user the required information assurance characteristics and the necessary information protection services. Security requirements can be derived by assessing the risk of attacks, or the threat of attack, against a system by an adversary. Such breaches normally exploit implementation vulnerabilities in system components such as application software, computer operating systems and the networks that interconnect computers.

The best defense for computer systems against telecommunication-based attacks is to deploy security services implemented with mechanisms specified under standards that have been thoroughly vetted in the public domain and rigorously tested by the relevant stakeholders: vendors, laboratories and the end users of the commercially available off-the-shelf product. The service used needs to apply the protocol’s confidentiality, authentication and integrity mechanisms consistently to protect information transmitted across the internet. The confidentiality component keeps transmitted data secret, preventing eavesdropping. The integrity component detects alterations to data, so that undetected modification, addition or deletion of data is prevented. The authentication component ensures that the sender or receiver is the intended party and thus prevents forgery.

Security in layered communications architecture

Layering computer communication protocols into a stack defined by the OSI Seven-Layer Model enables developers to design new communication systems that make use of protocols that are already defined, and allows specific communication requirements to be assigned to each layer of the stack. Each layer within the transmitting system communicates with the corresponding layer on the receiving system or systems. In theory, each layer of the communication stack has functionality that is independent of the other layers; as such, security services and their implementation within each layer are specific to the layer targeted. There is still debate over the exact placement of security services and mechanisms, as this is not defined in the OSI Seven-Layer Model. This is compounded by the continued evolution of new standards to meet the communication needs of stakeholders: users, wide and local area networking vendors, World Wide Web application designers and internet service providers.

A client-server model requires data privacy, integrity and authenticated message delivery, because the client browser accesses multiple applications on web servers. The system comprises an inter-network “fabric” of network routers, telephone wires, firewalls and other components that are hardly under the control of the end users’ software or the servers’ application software. As such, a client/server protocol that operates over the inter-network fabric is needed for effectiveness. This ensures that the security services protecting the data being transmitted are jointly controlled by the server and the client, not by the “fabric”. Typical internet architecture protocols in this fabric comprise the Transmission Control Protocol/Internet Protocol (TCP/IP) stack and the protocols below IP in the stack, which include local area network protocols, directly connected modems, satellite links, fiber optic links or other link protocols. The TCP/IP stack transmits data packets through a complex arrangement of global, metropolitan, wide or local sets of intra- or inter-networking technology.

In a client-server model architecture, the dotted line emphasizes that the TLS entities do not in any way provide security services for the interactions of protocol entities lower in the stack. Essentially, TLS provides all the security services needed to prevent eavesdropping, tampering and forgery of messages, but relies on the communication functionality of the lower layer protocols, represented by the dotted arrows, for reliable end-to-end delivery of data. Security services can also be placed at parts of this architectural model other than the transport layer. Placing the security service at lower layers of the model is advantageous in that the entities at the higher layers all share the same functionality. However, such a practice would require sharing security responsibility among administrative organizations (internet, local or wide area network service providers). It is commonly held that placing the security service in the transport layer, as part of or close to the server’s application and the client’s browser, is more appropriate for web-based applications than placing or relying on security services at the lower layers.

Security in the transport layer

The Secure Sockets Layer (SSL) protocol was designed by the Netscape Corporation to meet the security needs of server applications and client browsers. The initial version was never released; the second was released in 1994 but contained well-known security vulnerabilities. SSL 3.0, released in 1994, addressed these vulnerabilities. Simultaneously, Microsoft Corporation released the Private Communications Technology (PCT) protocol, followed by the Secure Transport Layer Protocol (STLP), which was a higher performance protocol. However, neither of these protocols commanded a market share rivalling that held by SSL 2.0 and SSL 3.0. The Internet Engineering Task Force, in an attempt to resolve the security protocol and engineering incompatibility issues between the various protocols, developed TLS 1.0 (Transport Layer Security Protocol) and codified it as RFC 2246. This protocol is largely based on the SSL 3.0 protocol, and although the differences are not major, they are enough to prevent interoperation between the two. However, a mechanism can be incorporated in TLS 1.0 to allow an implementation to use SSL 3.0 with certain entities. For the protection of federal information, TLS must be properly configured to eliminate the negotiation and use of SSL 3.0. This is particularly important as SSL 3.0 is not approved for protection of such information.

Both the TLS 1.0 and SSL 3.0 protocols use cryptographic mechanisms to implement the security services for establishing and maintaining secure TCP/IP connections. Encryption provides data confidentiality, which prevents eavesdropping, while a message authentication code built on a secure hash function prevents undetected message tampering. Authenticating clients and servers with public key cryptography-based digital signatures prevents message forgery. In each case, the cryptographic mechanism requires a shared secret or key to prevent eavesdropping, tampering and forgery. The generation and sharing of these secrets relies on a pseudo-random number generator and a key establishment algorithm.

Mechanism            SSL 3.0              TLS 1.0              FIPS Reference
Key establishment    RSA                  RSA
                     DH-RSA               DH-RSA
                     DH-DSS               DH-DSS
                     DHE-RSA              DHE-RSA
                     DHE-DSS              DHE-DSS
                     DH-Anon              DH-Anon
                     Fortezza-KEA
Confidentiality      IDEA-CBC             IDEA-CBC
                     RC4-128              RC4-128
                     3DES-EDE-CBC         3DES-EDE-CBC         FIPS 46-3, FIPS 81
                     Fortezza-CBC         Kerberos
                                          AES                  FIPS 197
Signature            RSA                  RSA                  FIPS 186-2
                     DSA                  DSA                  FIPS 186-2
                                          EC                   FIPS 186-2
Hash                 MD5                  MD5
                     SHA-1                SHA-1                FIPS 180-2, FIPS 198

Table 1: TLS security parts mapped to federal standards

Both TLS 1.0 and SSL 3.0 use a “cipher suite” to package the key establishment, signature, confidentiality and hash algorithms. Not all of the combinations shown above work together; both protocol implementations use cipher suites that are carefully defined and then registered, by the IETF for TLS 1.0 and by Netscape Corporation for SSL. Either protocol may use one or several registered cipher suites in an implementation. To establish a common cipher suite between the server and the client, a “handshake negotiation” mechanism is built into the protocol.
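As an added example (not part of the original essay), the following Python models the server side of the handshake negotiation described above: it parses a ClientHello, refuses an SSL 3.0 client version, and picks a cipher suite by server preference while excluding anonymous DH, RC4, IDEA and MD5. The suite names and code points are from RFC 2246 and RFC 3268; the allowlist policy, the helper names and the constructed ClientHello builder are assumptions made for this illustration.

```python
import struct

# Cipher suite code points from RFC 2246 (TLS 1.0) and RFC 3268 (AES suites),
# named as in the IANA registry. This subset is enough for the demonstration.
SUITES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x0007: "TLS_RSA_WITH_IDEA_CBC_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0016: "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    0x001B: "TLS_DH_anon_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0033: "TLS_DHE_RSA_WITH_AES_128_CBC_SHA",
    0x0034: "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    0x0039: "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
}
# Assumed server policy: FIPS-approved confidentiality (AES, 3DES) under an authenticated
# key exchange with a SHA-1 MAC, strongest first. The server's order wins, not the client's.
SERVER_PREFERENCE = [0x0039, 0x0033, 0x002F, 0x0016, 0x000A]
TLS_1_0 = (3, 1)   # ProtocolVersion {3, 1}; SSL 3.0 is {3, 0}

def parse_client_hello(msg: bytes):
    """Return (client_version, offered suite codes) from a ClientHello handshake message."""
    if not msg or msg[0] != 0x01:                       # HandshakeType.client_hello
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(msg[1:4], "big")
    body = msg[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated ClientHello")
    version = (body[0], body[1])
    pos = 2 + 32                                        # client_version, 32-byte random
    pos += 1 + body[pos]                                # session_id<0..32>
    (suites_len,) = struct.unpack(">H", body[pos:pos + 2])
    pos += 2
    if suites_len % 2 or pos + suites_len > len(body):
        raise ValueError("bad cipher_suites length")
    suites = [struct.unpack(">H", body[i:i + 2])[0] for i in range(pos, pos + suites_len, 2)]
    return version, suites

def fips_acceptable(code: int) -> bool:
    """Reject anonymous DH, RC4, IDEA and MD5 whatever the client prefers."""
    name = SUITES.get(code, "")
    return bool(name) and not any(bad in name for bad in ("anon", "RC4", "IDEA", "MD5"))

def select_cipher_suite(msg: bytes) -> str:
    """Server-side negotiation: refuse SSL 3.0, then pick by server preference."""
    version, offered = parse_client_hello(msg)
    if version < TLS_1_0:
        raise ValueError("refusing SSL %d.%d: not approved" % version)
    for code in SERVER_PREFERENCE:
        if code in offered and fips_acceptable(code):
            return SUITES[code]
    raise ValueError("no acceptable cipher suite offered")

def build_client_hello(version, suites) -> bytes:
    """Constructed sample input: minimal ClientHello with an all-zero random and no session id."""
    body = bytes(version) + bytes(32) + b"\x00"
    body += struct.pack(">H", 2 * len(suites)) + b"".join(struct.pack(">H", s) for s in suites)
    body += b"\x01\x00"                                  # one compression method: null
    return b"\x01" + len(body).to_bytes(3, "big") + body
```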

Key establishments

RSA: a random session key (symmetric key), or pre-master secret, is generated by the sender and encrypted under the recipient’s public key. DH (Diffie-Hellman): both sender and receiver have key pairs. The agreed-upon session key is computed when the sender combines its private key with the receiver’s public key, while the receiver combines its private key with the sender’s public key. DH exchanges are of three types: static/fixed, anonymous and ephemeral. In a static/fixed DH key exchange the server certificate contains the DH public parameters, signed by the certificate authority. The client provides its DH public key parameter in a key exchange message, or in a certificate whenever client authentication is required. The result is a fixed secret key shared between the two peers, based on the DH calculation using fixed public keys. The ephemeral DH technique is used to create temporary, one-time secret keys.

The process involves the exchange of DH public keys signed using the sender’s private RSA or DSS key. The receiver then uses the corresponding public key to verify the signature; the public keys are authenticated using certificates. This method is considered the most secure DH option, as it results in temporary keys that are authenticated. In the anonymous DH method, the base DH algorithm is used with no requirement for authentication: each side sends its public DH parameter to the other with no further authentication. This leaves the approach vulnerable to an intermediary who conducts anonymous DH exchanges with each of the parties involved. Fortezza-KEA: KEA is a key agreement algorithm used in the Department of Defense-supported Fortezza cards. It was originally classified. Although it is used by SSL 3.0, it is not part of the TLS 1.0 protocol.

The protocols and rules governing the generation, establishment and handling of the various keys throughout their lifecycle have a direct effect on the security level achieved. The security and reliability achieved depend on the strength of the key generation process and on the protection afforded to the keys. Secret keys, as well as the private key of a public key pair, need to be protected from modification, disclosure, substitution and unauthorized deletion. Certain aspects of the key lifecycle can be addressed by selecting the appropriate cipher suites, which determine the key establishment algorithm, or by the selection of modules, for instance the primitives used for key storage, generation and destruction.

Key generation is usually achieved using pseudo-random number generators. The client-key-exchange message in the protocol’s handshake sequence generates the random bits of a shared secret known as the pre-master secret. The shared secret is then expanded using a key derivation function on both the server and the client, which establishes the individual cryptographic keys used for encryption, authentication and the keyed secure hash functions. Storage of the keys, and of the shared secrets used in their generation, is a transport layer security implementation issue; the implementation depends on the operating system’s ability to protect the sensitive storage area.

The crypto-period of both the certificate keys and the session keys does fall under transport layer security. The session keys established last for the lifetime of the session. Keys in the (optional) X.509 certificates used to identify servers and clients are assigned a crypto-period determined by the policy of the issuing certificate authority. Session key recovery does not fall under the transport layer security area, because the session keys used by the transport layer security protocol are ephemeral: each session is established with a new key. Destruction of the variables involved, including the session keys, occurs when the session concludes. The protocol implementation relies on the operating system to ensure that storage areas containing sensitive information are not reused.

Confidentiality

To provide confidentiality, transport layer security uses several symmetric encryption algorithms. IDEA is a block cipher operating on 64-bit plaintext blocks with a 128-bit key; the same algorithm is used for both encryption and decryption. RC4 is a stream cipher that uses keys of variable length (8-2048 bits). It is not FIPS-approved. DES (Data Encryption Standard) is the most commonly used symmetric block cipher; it uses a 56-bit key and 64-bit blocks. Triple DES (3DES) provides super-encryption by running the data three times through the DES algorithm using different keys. It is FIPS-approved. The Advanced Encryption Standard (AES) is a FIPS-approved algorithm mainly used by U.S. government organizations to protect unclassified, sensitive information. It uses 128-bit and 256-bit keys, the cipher suites being restricted to these two key sizes to limit the proliferation of cipher suites. It uses 128-bit blocks, and was developed to replace DES and 3DES. Though not FIPS-approved, RC4 is the most commonly used confidentiality algorithm for both TLS and SSL.

Signature

Different cipher suites use different digital signature algorithms. With RSA, the sender computes a message digest (hash) of the message and encrypts it with its private key to sign the message. To verify an RSA-signed message, the message digest is decrypted using the sender’s public key and compared to the hash of the original message computed locally; the signature is valid where the locally computed hash and the decrypted hash match. This process requires both encryption and decryption. DSA signing, on the other hand, involves computing a signature using the SHA-1 hash algorithm and the signatory’s private key. Verification uses the signature, the message hash and the signatory’s public key, and returns a yes or no response rather than a decrypted hash as with RSA. No encryption or decryption is performed.

Hash

Cryptographic hash algorithms are one-way, and no two messages should have the same hash value. A message of any length input to the algorithm yields a message digest whose length depends on the algorithm used; 160, 256, 384 and 512 bits are the lengths specified for the government environment. Any change to a message produces a very different message digest, which causes a verification failure when the hash algorithm is used with a keyed-hash authentication algorithm or a digital signature algorithm. Hash algorithms used in cipher suites include SHA-1 (used to compute a condensed representation of a message or data file) and MD5 (which outputs a 128-bit message digest for a message input of any length). MD5 is more commonly used, although it is not FIPS-approved.

MAC

Message authentication and integrity checking are achieved by constructing a message authentication code (MAC), a small amount of additional data sent along with the message. Using a MAC requires both the sender and the recipient to hold a shared secret key unknown to anyone else. The MAC is a function of the key and the message. On receiving the message, the recipient computes a new MAC from the message and the secret key using the same function as the sender. If the two MACs match, the message’s integrity and the identity of the sender are validated. Cryptographic hash functions are commonly used as the MAC construction, and the resulting codes are referred to as HMACs; these are the most commonly used for security mechanisms including TLS and SSL. MD5 and SHA-1, or a combination of both, are the hash algorithms specified for producing HMACs under TLS.

Conclusion

With the increasing use of the internet to transmit confidential and sensitive information, there has also emerged an increased risk of theft, alteration and sabotage of such information by attackers. This has created a growing need for transmission procedures and routes that are secure against such attacks. Transport Layer Security provides an effective option for securing such information. This excerpt has offered information on the selection and implementation of the TLS protocol, geared towards a more consistent use of the protocol’s confidentiality, authentication and integrity mechanisms to protect information transmitted across the internet.
