Challenges About me About you

Challenges

About me?

About you?

Agenda

Agenda

Symetric Encryption

Asymetric Encryption

Hashing / Message Digest

Message Signing

Digital Certificates

Certificate Authorities

Agenda

SSL History

Place in TCP/IP stack

SSL Record Layer

SSL Content Types

Agenda

Lab setup

Choosing the right settings

Analysing the SSL record layer (1)

Analysing the SSL record layer (2)

Analysing the SSL record layer (3)

Analysing the SSL handshake

Normal RSA handshake

… in Wireshark

Client. Hello

Server. Hello

Certificate (1)

Certificate (2)

Certificate (3)

Certificate (4)

Server. Hello. Done

Client. Key. Exchange

Change. Cipher. Spec (C)

Finished (C)

Change. Cipher. Spec (S)

Finished (S)

Ephemeral RSA (or DH) handshake

… in Wireshark

Server. Key. Exchange

Client Authentication

… in Wireshark

Certificate. Request

Certificate (C)

Certificate. Verify

Caching SSL sessions

Handshake of a Reused Session

SSL session reuse (new, reused and expired)

No SSL session caching

Analysing SSL alerts

Decrypting SSL traffic

Providing the server private key (1)

Providing the server private key (2)

Converting keys

Decryption in Action

Decrypting IMAPS

Decrypting &quot;STARTTLS&quot; (1)

Decrypting &quot;STARTTLS&quot; (2)

Decrypting &quot;STARTTLS&quot; (3)

Decrypt-problem I (1)

Decrypt-problem I (2)

Decrypt-problem II (1)

Decrypt-problem II (2)

Decrypt-problem II (3)

Agenda

Analysing SSL with Tshark (1)

Analysing SSL with Tshark (2)

Agenda

Common SSL problems I (1)

Common SSL problems I (2)

Common SSL problems II

Common SSL problems III (1)

Common SSL problems III (2)

Common SSL problems IV

Common SSL problems V (1)

Common SSL problems V (2)

Common SSL problems VI

Common SSL problems VII

Common SSL problems VIII

Common SSL problems IX

Agenda

Further Reading about SSL

Links

Questions &amp; Discussion

Thank You!