
INTRODUCTION

TRANSPORT LAYER SECURITY

Presented by Abhiram Sahu

Contents

TLS stands for Transport Layer Security.

It is a protocol that establishes a secure connection between the visitor's web browser and your website so that all communications transmitted through this link are encrypted. TLS ensures that no third party may tamper with any message. It is the successor to the Secure Sockets Layer (SSL). It provides security for applications such as email, instant messaging, web browsing, and VoIP (Voice over Internet Protocol).

Transport Layer Security is used within organizations that use payment processes, store sensitive data such as medical information, or collect confidential information from the users on the network. It can also be used by other businesses that want to secure network connections between the client and the server. Transport Layer Security involves the use of an encryption system that relies on a digital certificate designed to identify the network owner.

TLS is the successor to Secure Sockets Layer (SSL). SSL and TLS are frameworks that include cryptographic protocols. They are intended to provide secure communications on the Internet.

Different Types of Transport Layer Security


Web Server Transport Layer Security: This type of encryption protects the data when the client connects to the Internet to send data through a Web browser or website.

Email Server Transport Layer Security: To secure communications between the email client and the server, a digital certificate is installed on the email server to provide encrypted communications when sending and receiving confidential information via email.

Virtual Private Network Security: TLS works to secure a virtual private network by installing a digital certificate on the VPN that provides an encrypted connection between the remote user and the network that they are accessing.

Database and Directory Security: Organizations deploy Transport Layer Security to encrypt server queries for databases and directories that contain sensitive data and information.

The TLS protocol consists of two layers:

TLS Record Protocol: The TLS Record Protocol provides connection security with some encryption method such as the Data Encryption Standard (DES).

TLS Handshake Protocol: The TLS Handshake Protocol allows the server and client to authenticate each other and to negotiate an encryption algorithm and cryptographic keys before data is exchanged.
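The two layers can be seen directly in the bytes on the wire. The following Python sketch is an added example, not part of the original presentation: it splits a byte stream into record-layer records and lists the handshake messages carried inside cleartext handshake records. The function names and the sample bytes are constructed for illustration, and it assumes each handshake message fits in a single unencrypted record.

```python
import struct

# Constants from RFC 5246 (TLS 1.2); the version bytes also cover TLS 1.0/1.1.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert", 22: "handshake", 23: "application_data"}
HANDSHAKE_TYPES = {1: "client_hello", 2: "server_hello", 11: "certificate",
                   12: "server_key_exchange", 14: "server_hello_done",
                   16: "client_key_exchange", 20: "finished"}
VERSIONS = {(3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}
MAX_RECORD = 2**14 + 2048  # largest ciphertext fragment the record layer allows


def parse_handshake(body):
    """List the handshake messages (1-byte type, 3-byte length) in a cleartext record."""
    names, pos = [], 0
    while pos < len(body):
        if len(body) - pos < 4:
            raise ValueError("truncated handshake header")
        length = int.from_bytes(body[pos + 1:pos + 4], "big")
        if pos + 4 + length > len(body):
            raise ValueError("handshake message overruns its record")
        names.append(HANDSHAKE_TYPES.get(body[pos], "type_%d" % body[pos]))
        pos += 4 + length
    return names


def parse_records(stream):
    """Split a byte stream into records: type(1) version(2) length(2) fragment."""
    records, off = [], 0
    while off < len(stream):
        if len(stream) - off < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, off)
        if ctype not in CONTENT_TYPES or length > MAX_RECORD:
            raise ValueError("not a valid TLS record at offset %d" % off)
        fragment = stream[off + 5:off + 5 + length]
        if len(fragment) != length:
            raise ValueError("truncated record fragment")
        inner = parse_handshake(fragment) if ctype == 22 else []
        records.append((CONTENT_TYPES[ctype], VERSIONS.get((major, minor), "unknown"), length, inner))
        off += 5 + length
    return records


# Constructed sample: a cleartext ServerHelloDone, a fatal alert, opaque application data.
SAMPLE = bytes.fromhex("16030300040e000000" "15030300020228" "1703030003aabbcc")

if __name__ == "__main__":
    for record in parse_records(SAMPLE):
        print(record)
```

Handshake records sent after the cipher change are encrypted, so a passive observer sees only their record headers; the strict length checks are what keep a parser like this from reading past a malformed record.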

TLS 1.0

TLS 1.0 was first published by the IETF in 1999 as an upgrade of SSL Version 3.0. This protocol is based on SSL v3.0 and PCT, that is, on both Netscape's and Microsoft's approaches.

TLS 1.1

TLS 1.1 was defined in RFC 4346 in April 2006. It is an updated version of TLS version 1.0. It added protection against cipher block chaining (CBC) attacks and changed the handling of padding errors.

TLS 1.2

TLS 1.2 was defined in RFC 5246 in August 2008. It is based on the earlier TLS 1.1 specification. The MD5-SHA-1 combination in the pseudorandom function (PRF) was replaced with SHA-256, with an option to use cipher-suite-specified PRFs. Support for authenticated encryption ciphers was expanded.

Red: Certificate is out of date, invalid, or has an error; phishing.

Yellow: Certification authority that issued it cannot be verified.

White: The certificate has normal validation, no personal information.

Green: The certificate uses extended validation.

Strong authentication, message privacy, and integrity

TLS can help to secure transmitted data using encryption. TLS also authenticates servers. It also provides data integrity through an integrity check value.

The TLS security protocol protects against masquerade attacks and replay attacks.

Every e-mail sent and received is encrypted.

Ease of deployment

Ease of use

E-mail encryption is transparent

TLS is globally accepted

Industry standard

E-mail can be easily inspected for viruses

Reduced cost

No overhead for end-users

Rapid deployment

This is the most significant limitation to implementing TLS. The performance varies, depending on how often connections are established and how long they last. TLS uses the greatest resources while it is setting up connections.

A TLS environment is complex and requires maintenance; the system administrator must configure the system and manage certificates.


Nowadays it is open source and used by almost every web developer for secure data transmission. Many banking companies allow users to transfer data over the Internet, so it is very important to make the data secure. TLS is therefore very important for secure connections in the information age.