Answer Happy

Objective To observe SSL/TLS (Secure Sockets Layer / TransportLayer Security) in action. SSL/TLS is used to secure TCPconnections, and it is widely used as part of the secure web: HTTPSis SSL over HTTP. The principal motivation for HTTPS isauthentication of the accessed website and protection of theprivacy and integrity of the exchanged data. It protects againstman-in-the-middle attacks. The bidirectional encryption ofcommunications between a client and server protects againsteavesdropping and tampering of the communication. In practice, thisprovides a reasonable assurance that one is communicating withoutinterference by attackers with the website that one intended tocommunicate with, as opposed to an impostor. Historically, HTTPSconnections were primarily used for payment transactions on theWorld Wide Web, e-mail and for sensitive transactions in corporateinformation systems. Since 2018 HTTPS is more used on websites thanthe original non-secure HTTP; protecting page authenticity on alltypes of websites, securing accounts and keeping usercommunications, identity and web browsing private. Step 1: Open aTrace 1. Open the Wireshark tracehttps://kevincurran.org/com320/labs/wireshark/trace-ssl.pcap Youshould see the following trace. Figure 1: Trace of “HTTPS” trafficStep 2: Inspect the Trace Now we are ready to look at the detailsof some “SSL” messages. 2. To begin, enter and apply a displayfilter of “ssl”. (see below) This filter will help to simplify thedisplay by showing only SSL and TLS messages. It will exclude otherTCP segments that are part of the trace, such as Acks andconnection open/close. Figure 2: Trace of “SSL” traffic showing thedetails of the SSL header 3. Select a TLS message somewhere in themiddle of your trace for which the Info reads “Application Data”& expand its Secure Sockets Layer block (by using the “+”expander or icon). For instance, packet #12. List the fields andtheir values that are under secure socket layer. Describe what eachfields mean. Step 3: The SSL Handshake An important part of SSL isthe initial handshake that establishes a secure connection. Thehandshake proceeds in several phases. There are slight differencesfor different versions of TLS and depending on the encryptionscheme that is in use. The usual outline for a brand-new connectionis: a. Client (the browser) and Server (the web server) both sendtheir Hellos b. Server sends its certificate to Client toauthenticate (and optionally asks for Client Certificate) c. Clientsends keying information and signals a switch to encrypted data. d.Server signals a switch to encrypted data. e. Both Client andServer send encrypted data. f. An Alert is used to tell the otherparty that the connection is closing. Hello Messages Next, we willfind and inspect the details of the Client Hello and Server Hellomessages, including expanding the Handshake protocol block withinthe TLS Record. For these initial messages, an encryption scheme isnot yet established so the contents of the record are visible tous. They contain details of the secure connection setup in aHandshake protocol format. Select packet #4, which is a TLS ClientHello message. We can see several important fields here worthmentioning. First, the time and random bytes are included. Thiswill be used later in the protocol to generate our symmetricencryption key. The client can send an optional session ID toquickly resume a previous TLS connection and skip portions of theTLS handshake. Arguably the most important part of the ClientHellomessage is the list of cipher suites, which dictate the keyexchange algorithm, bulk encryption algorithm (with key length),MAC, and a pseudo random function. The list should be ordered byclient preference. The collection of these choices is a “ciphersuite”, and the server is responsible for choosing a secure one itsupports or return an error if it doesn’t support any. The finalfield specified compression methods. However, secure clients willadvertise that they do not support compression (by passing “null”as the only algorithm) to avoid the CRIME attack. Finally, theClientHello can have several different extensions. A common one isserver -name, which specifies the host- name the connection ismeant for, so webservers hosting multiple sites can present thecorrect certificate. What is cipher suites length, compressionmethod length, server name? 4. Select packet #6, which is a TLSServer Hello message The session ID sent by the server is 32 byteslong. This identifier allows later resumption of the session withan abbreviated handshake when both the client and server indicatethe same value. In our case, the client likely sent no session IDas there was nothing to resume. What is the Cipher method? What isthe compression method and why? Certificate Messages 5. Next, findand inspect the details of the Certificate message includingexpanding the Handshake protocol block within the TLS Record(packet #7). As with the Hello, the contents of the Certificatemessage are visible because an encryption scheme is not yetestablished. It should come after the Hello messages. Note it isthe server that sends a certificate to the client, since it is thebrowser that wants to verify the identity of the server. It is alsopossible for the server to request certificates from the client,but this behavior is not normally used by web applications. ACertificate message will contain one or more certificates, asneeded for one party to verify the identity of the other party fromits roots of trust certificates. You can inspect those certificatesin your browser. What is the certificate type and length? ClientKey Exchange and Change Cipher Messages 6. Find and inspect thedetails of the Client Key Exchange and Change Cipher messages.(packet #9 ) The key exchange message is sent to pass keyinginformation so that both sides will have the same secret sessionkey. The change cipher message signals a switch to a new encryptionscheme to the other party. This means that it is the lastunencrypted message sent by the party. Note how the Client KeyExchange has a Content Type of 22. Describe what does type 22 mean?Alert Message 7. Finally, find and inspect the details of an alertmessage at the end of the trace (packet #42). The Alert message issent to signal a condition, such as notification that one party isclosing the connection. You should find an Alert after theApplication Data messages that make up the secure web fetch. Note,the Content-Type value is 21 for Alert. This is a new protocol,different from the Handshake, Change Cipher Spec and ApplicationData values that we have already seen. The alert is encrypted; wecannot see its contents. Wireshark also describes the message as an“Encrypted Alert”. Presumably is it a “close_notify” alert tosignal that the connection is ending. What is alert type andlength?