Intro to SSL Certificate & PKI Concept
1. HTTP Authentication
2. What is SSL/TLS Certificate
3. HTTP Vs. HTTPS?
4. SSL Vs. TLS. What's the difference?
5. Introduction to Cryptography
6. Types of Encryption Algorithms
7. How SSL Works (SSL HandShake)
8. Public Key infrastructure (PKI)
9. What is Digital Certificate?
10. Palo Alto Features using certificates
HTTP Authentication
These are the steps in this authentication process:
1. When the server requests authentication from the client, the client displays a dialog box requesting the username and password for that server.
2. The client sends the name and password across the network, either in plain text or over an encrypted SSL connection.
3. The server looks up the name and password in its local password database and, if they match, accepts them.
4. The server determines whether the identified user is permitted to access the requested resource and, if so, allows the client to access it.
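The four steps above, sketched for HTTP Basic authentication as an added example (not part of the original slides). The user names, passwords, realm and ACL paths are constructed sample data, and the PBKDF2-hashed password store is an assumption about how the "local password database" is kept.

```python
import base64
import hashlib
import hmac
import os

def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_user_db(users: dict) -> dict:
    """Server-side password database: salt + PBKDF2 hash, never the password."""
    db = {}
    for name, password in users.items():
        salt = os.urandom(16)
        db[name] = (salt, _hash(password, salt))
    return db

# Constructed sample data (hypothetical users, passwords, paths and realm).
USER_DB = make_user_db({"alice": "correct horse", "bob": "hunter2"})
ACL = {"/reports": {"alice"}, "/public": {"alice", "bob"}}
CHALLENGE = {"WWW-Authenticate": 'Basic realm="example"'}

def client_authorization_header(user: str, password: str) -> str:
    """Step 2: the client Base64-encodes user:password (encoding, not encryption)."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()

def handle_request(path: str, authorization: str = None, db: dict = USER_DB):
    """Steps 1, 3 and 4 on the server; returns (status, extra headers)."""
    if authorization is None or not authorization.startswith("Basic "):
        # Step 1: challenge; the client then shows its credential dialog.
        return 401, CHALLENGE
    try:
        decoded = base64.b64decode(authorization[6:], validate=True).decode()
        user, password = decoded.split(":", 1)
    except (ValueError, UnicodeDecodeError):
        return 400, {}
    # Step 3: look the user up; hash and compare in constant time.
    salt, stored = db.get(user, (b"\0" * 16, b""))
    if not hmac.compare_digest(_hash(password, salt), stored):
        return 401, CHALLENGE
    # Step 4: authenticated; now decide whether this user may access the path.
    if user not in ACL.get(path, set()):
        return 403, {}
    return 200, {}

def sniff_credentials(authorization: str) -> str:
    """What any on-path observer recovers when step 2 is sent without SSL/TLS."""
    return base64.b64decode(authorization.split(" ", 1)[1]).decode()
```

The 401 and 403 outcomes keep step 3 (authentication) and step 4 (authorization) distinct, and `sniff_credentials` shows why the header must only travel over an encrypted connection.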
What is SSL/TLS Certificate and why use it?
 SSL - Secure Sockets Layer
 TLS - Transport Layer Security
 Provides communication security over the Internet
 Authentication
 Encryption
 Designed to prevent:
 Eavesdropping
 Man-in-the-middle attack
 Tampering
 Message forgery
 CIA (Confidentiality, Integrity, Authenticity)
Dr. Taher El Gamal
father of SSL
 HTTPS Provides Trusted end-to-end communication
HTTP Vs. HTTPS
SSL Versions
 SSL V1.0 never released
 SSL V2.0 in 1995 - obsoleted in 2011
 SSL V3.0 in 1996 - obsoleted in 2014
 SSL V3.1 in 1999 (TLS 1.0)
TLS Versions
 TLS 1.0 in 1999 (SSL V3.1)
 TLS 1.1 in 2006 (SSL V3.2)
 TLS 1.2 in 2008 (SSL V3.3)
 TLS 1.3 Draft
SSL Vs. TLS and What's the difference?
SSL is less secure than TLS
Internet Engineering Task Force
Introduction to Cryptography
Symmetric-Key Encryption
Pre-Shared key (PSK)
Asymmetric-Key Encryption
Public Key Infrastructure (PKI)
Introduction to Cryptography
Readable Unreadable
Types of Encryption Algorithms
1. Symmetric-Key Encryption
Pre-shared key (PSK)
Untrusted Channel
 DES (Digital Encryption Standard)
 AES (Advanced Encryption Standard)
2. Asymmetric-Key Encryption
public key cryptography
RSA (Rivest Shamir Adleman)
1. Symmetric-Key Encryption
 Strengths of Symmetric Key Cryptography
 Weaknesses of Symmetric Key Cryptography
How Asymmetric-Key Works
1st Floor 20th Floor
Public Key
Private Key
How SSL Works (SSL HandShake)
Public Key infrastructure (PKI)
A public key infrastructure (PKI) is a system for the creation, storage, and distribution of SSL
digital certificates which are used to verify that a particular public key belongs to a certain entity.
 Solves the problem of secure identification of public keys
 Uses digital certificates to verify public key owners
 External PKI (Symantec, GoDaddy, DigiCert)
 Internal PKI (Microsoft Active Directory Certificate Services - ADCS)
How does Public Key infrastructure (PKI) work?
PKI Components
1. Certificate authority (CA)
2. Registration Authority (RA)
3. Certificate Revocation List (CRL)
 Certificate Signing Request (CSR)
Advanced Public Key infrastructure (PKI)
 CA Types
1. Root CA
CA at the root of a PKI hierarchy. Issues only CA certificates.
2. Intermediate CA (subordinate CA)
CA below the root CA but not a signing CA. Issues only CA certificates.
3. Signing CA
CA at the bottom of a PKI hierarchy. Issues only user certificates.
What is Digital Certificate?
How SSL Works (SSL HandShake) with PKI
Palo Alto Features using certificates
 SSL/TLS Decryption
 Management (MGT) Interface user authentication
 Global Protect
 Portal authentication
 Gateway authentication
 Mobile security manager authentication
 Captive Portal user authentication
 IPsec VPN IKE authentication
 High availability authentication
 Secure syslog authentication