Zilog EZ80F91AZA User Manual

UM020107-1211

Introduction

ZTP Network Security SSL Plug-In

User Manual

the client and server both encrypt the digest and send it to the other side for verification. If
this verification step fails, the session is not established. Therefore, if an attacker modifies
one of the SSLv3 or TLSv1 handshake messages, the SSL session will not be established.

SSLv3 and TLSv1 also expand the set of public key algorithms used to establish an SSL
session; both allow the use of the DSA and DH algorithms. SSLv3 also supports the
Fortezza key exchange algorithm, although this particular algorithm was later dropped
from the TLSv1 protocol; it is not supported by the ZTP Network Security SSL Plug-In.

SSLv3 and TLSv1 use MD5 and SHA1 for computing message authentication codes.
Therefore, security flaws in either of these algorithms cannot be exploited to gain access
to the secure data. Also, these protocols use different keys in the computation of message
authentication codes and data encryption. In contrast, SSLv2 uses the same key to com-
pute the message authentication code and encrypt the data. Therefore, it is easier for an
attacker to gain access to secure data using SSLv2 because a successful attack on either a
cipher or a digest algorithm will compromise this secure data.

The main difference between SSLv3 and TLSv1 is that TLSv1 uses a complex pseudorandom
function generator based on keyed MD5 and SHA1 digests (HMAC_MD5 and HMAC_SHA1)
when selecting random values required by the TLSv1 handshake protocol.

The PRF function must digest thousands of bytes of data to produce a few dozen output
bytes. This amount of processing can have the effect of scrambling the data into excellent
pseudorandom values, yet it does so at the expense of additional computations and slower
overall operation.
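
The following added example (not code from the manual or from the ZTP plug-in) implements the TLSv1 pseudorandom function as defined in RFC 2246 and counts the HMAC invocations needed to derive a 48-byte master secret. The pre-master secret and random values are constructed sample inputs.

```python
import hashlib
import hmac


def p_hash(hash_name, secret, seed, length):
    """RFC 2246 P_hash: chain A(i) = HMAC(secret, A(i-1)) and emit
    HMAC(secret, A(i) + seed) blocks until `length` bytes are available.
    Returns (output, number_of_hmac_calls)."""
    out, a, calls = b"", seed, 0          # A(0) is the seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()             # A(i)
        out += hmac.new(secret, a + seed, hash_name).digest()   # output block
        calls += 2
    return out[:length], calls


def tls10_prf(secret, label, seed, length):
    """TLSv1 PRF: P_MD5(S1, label + seed) XOR P_SHA1(S2, label + seed).
    S1 and S2 are the two halves of the secret; they share the middle
    byte when the secret has odd length."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[len(secret) - half:]
    md5_part, md5_calls = p_hash("md5", s1, label + seed, length)
    sha_part, sha_calls = p_hash("sha1", s2, label + seed, length)
    mixed = bytes(x ^ y for x, y in zip(md5_part, sha_part))
    return mixed, md5_calls + sha_calls


# Constructed sample inputs (not taken from a real handshake).
PRE_MASTER = bytes(range(48))
CLIENT_RANDOM = b"\x01" * 32
SERVER_RANDOM = b"\x02" * 32


def derive_master_secret():
    """Master secret derivation as in RFC 2246, using the sample inputs."""
    seed = CLIENT_RANDOM + SERVER_RANDOM
    return tls10_prf(PRE_MASTER, b"master secret", seed, 48)


if __name__ == "__main__":
    master, calls = derive_master_secret()
    print("master secret:", master.hex())
    print("HMAC invocations for 48 output bytes:", calls)
```

Each HMAC invocation itself runs the underlying digest twice, which is where the extra handshake cost on a small embedded target comes from.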

In general, the SSLv2 protocol is less secure than the SSLv3 or TLSv1 protocols. However,
the additional computations performed in the SSLv3 and TLSv1 protocols to secure the
session cause the session establishment times of these protocols to be longer than for
SSLv2. In addition, because of the complexity of the TLS pseudorandom function generator,
it takes longer to establish TLSv1 sessions than it does to establish SSLv3 sessions.
