ETRI ETRI
ETRI
ETRI
WTLS PKI Client, WIM IS-95B VMS VLR HLR/AC WPKI Cyber society BTS BSC MSC IWF TCP/IP Email Server Weather Internet WAP Gateway WTLS PKI Client, WIM BSC VMS VLR HLR/AC Wireless Network MSC MC IWF WAP Gateway WTLS PKI Client, WIM Traffic Web server Wired Network WML server Web server ETRI
Internet WAE User Agent Encoded request/response Encoders and Decoders request/response Contents WSP WTP WTLS WDP Bearer WSP WTP WTLS WDP Bearer HTTP TCP/IP Bearer Client Gateway Origin Server SSL HTTP SSL TCP/IP Bearer ETRI
ETRI
ETRI
ETRI
ETRI
ETRI
ETRI
Feature Class 1 Class 2 Class 3 M M M O M M Class 1 Anonymous No Authentication?? O O M Shared-secret handshake O O O - O O Class 2 Server Authentication ONLY? M M M MAC M M M - O O ETRI X.509 X.509 certificate certificate WAP WAP certificate certificate ANSI ANSI X9.68 X9.68 URL URL certificate certificate Class 3 Client & Server Authentication
ETRI
SEC_SAP Security- Service Access Point SEC_Managem ent Entity Security Security Layer Protocol T_SAP Transport- Service Access Point ETRI
ETRI
ETRI
Create.req Client Provider Server Create.ind Create.res Exchange.re Create.cnf q Exchange.in d Exchange.re s Commit.req Commit.cnf Exchange.c nf Commit.ind Unitdata.req Unitdata.ind ETRI
Create.req Client Provider Server Create.ind Create.res Commit.req Create.cnf Commit.ind Unitdata.req Commit.cnf Unitdata.ind ETRI
ETRI
SEC_Create_Request.req / T_Unitdata.req(HelloRequest) SEC_Terminate.ind [Alert(c/f)] SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.ind [Alert(no_renego)] SEC_Terminate.ind [Alert(c/f)] SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) CREATED T_Unitdata.req(last buffer) [ClientHello ] : identical to previous -received record SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Create.ind [ClientHello ] SEC_Exception.req / T_Unitdata.req(Alert(w) SEC_Terminate.ind [Alert(c/f)] SEC_Create.res / Create buffer : ServerHello Certificate* CREATING SEC_Exchange.req / Append buffer : ServerKeyExchange* CertificateRequest* ServerHelloDone T_Unitdata.req(buffer) SEC_Create.ind [ClientHello ] : not identical to previous -received record SEC_Create.ind [ClientHello ] : not identical to previous - received record SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) SEC_Exception.req / T_Unitdata.req(Alert(w) ) SEC_Commit.req / Append buffer : ChangeCipherSpec Finished T_Unitdata.req(buffer) [Optimized / Abreviated Handshake] SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) T_Unitdata.req(last buffer) [ClientHello ] : identical to previous - received record COMMIT Receove C.C.S, Set R.C.S to P.S Set R.S.N to zero Receove C.C.S, Set R.C.S to P.S SEC_Commit.cnf [ChangeCipherSpec, Finished] SEC_Exception.ind [Full Handshake] [Alert(w)] Set R.S.N to zero SEC_Commit.cnf SEC_Unitdata..ind [ChangeCipherSpec, Finished,, user data] [optimized / abbreviated Handshake] SEC_Exception.ind [Alert(w)] SEC_Exception.req / T_Unitdata.req(Alert(w)) SEC_Exception.ind [Alert(w)] EXCHANGE SEC_Create..ind [ClientHello ] OPEN SEC_Exchange.cnf, SEC_Commit.ind [Certificate*,ClientKeyExchange* CertificateVerify*, ChangeCipherSpec, Finishec] Receive C.C.S, Set R.C.S to P.S Set R.S.N to zero Create a new buffer : [ChangeCipherSpec, Finished] Set W.C.S to P.S by sending C.C.S Set W.S.N to zero T_Unitdata.req(buffer) [ChangeCipherSpec, Finished] SEC_Unitdata.ind [received user data] SEC_Exception.ind [Alert(w)] SEC_Unitdata.req / T_Unitdata.req SEC_Create_Request.req / T-Unitdata.req(HelloRequest) T_Unitdata.req(Alert(dup_fin_recvd) [ChangeCipherSpec, Finished] T_Unitdata.req(Alert(dup_fin_recvd) :identical to previous Finished received [ChangeCipherSpec, Finished, User data] : identical to previous Finished received SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Terminate.ind [Alert(c/f)] OPENNING T_Unitdata.req(last buffer) [Certificate*, ClientKeyExchange* CertificateVerify*, ChangeCipherSpec, Finished] : a group of records identical to previousreceived one SEC_Exception.req / T_Unitdata.req(Alert(w)) SEC_Unitdata.ind [user data received] SEC_Exception.ind [Alert(w)] ETRI
SEC_Create_Request.ind : may initiate a handshake with SEC_Create.req or Alert(no_renego) or ignore the request SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) ETRI SEC_Terminate.ind [Alert(c/f)] SEC_Create.req / T_Unitdata.req(HelloHello ) :S.N is present during handshake SEC_Exchange.res / Create buffer : Certificate*, ServerKeyExchange* CertificateVerify* SEC_Commit.req / Append to the buffer : [ChangeCipherSpec Finished] Receives C.C.S Set W.C.S to P.S Set R.S.N to zero SEC_Commit.cnf SEC_Terminate.ind [Alert(c/f)] SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) Retrans. Counter Exceeded / SEC_Terminate.ind SEC_Create.cnf,SEC_Exchange.ind [ServerHello, Certificate*, ServerKeyExchange* CertificateRequest*, ServerHelloDone] COMMIT2 Retrans. Timer Expired / T_Unitdata.req(last buffer) : last buffer sent with no increment S.N : retrans. Timer cleared : retrans. Counter incremented SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) Retrans.Counter Exceeded / SEC_Terminate.ind SEC_Create.cnf,SEC_Commit.ind : Set R.C.S to P.S by C.C.S Set R.S.N to zero [ServerHello, Certificate*, ChangeCipherSpec Finished] SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) SEC_Exceptio.ind [Alert(w)] Receives C.C.S Set R.C.S to P.S Process Finished Set R.S.N to zero SEC_Commit.cnf [ChangeCipherSpec Finished] SEC_Exception.req / T_Unitdata.req(Alert(w)) CREATING Retrans. Timer Expired / T_Unitdata.req(ClientHello) : last buffer sent with no increment S.N : retrans. Timer cleared : retrans. Counter incremented SEC_Exception.req / T_Unitdata.req(Alert(w)) Create a buffer : [ChangeCipherSpec, Finished] Set WCS to PS by CCS Process Finished under nns Set WSN to zero Set Finished prepending timer : delay sending C.C.S and Finished and prepend it to user data SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) Create a buffer : [ChangeCipherSpec, Finished] Set WCS to PS by CCS Process Finished under nns Set WSN to zero T_Unitdata(buffer) : send C.C.S and Finished immediately without userdata SEC_Exceptio.ind [Alert(w)] SEC_Terminate.ind [Alert(c/f)] SEC_Create.req / T_Unitdata.req (HelloHello ) SEC_Exception.req / T_Unitdata.req(Alert(w)) T_Unitdata.req / Prepend buffer to user data T_Unitdata.req SEC_Unitdata.ind [received user data] No action [Alert(dup_finished_recvd)] SEC_Unitdata.req / T_Unitdata.req SEC_Terminate.req / T_Unitdata.req(Alert(c/f)) SEC_Exception.req / T_Unitdata.req(Alert(w)) Finished prepending timer expired T_Unitdata(buffer) Prepend buffer to user data T_Unitdata.req Remove Finish prepending timer : Finish prepending timer is set SEC_Exceptio.ind [Alert(w)] SEC_Create_Request.ind : client may initiate a handshake with SEC_Create.req, alert(no_renego), or ignore the request [HelloRequest] SEC_Unitdata.ind [received user data] SEC_Create_Request.ind : client may initiate a handshake with SEC_Create.req, alert(no_renego), or ignore the request [HelloRequest]
ETRI
ETRI
ETRI
ETRI
1byte 1byte 4bytes Calculated from the last record (ie, WTLSCipherText) ETRI
1 hello hello,, 2 premaster premastersecret secret 4 premaster premaster secret secret master master secret secret 3 5 6 ETRI
Secure session 1. Pending State HSP 1. Handshake Protocol 1. Pending State HSP Connection state ID, MAC, 2. Change Cipher Spec Protocol ID, MAC, 2. Current State 2. Current State 3. Alert Protocol HSP MAC Secure connection 4. Record Protocol HSP MAC ETRI
Client Client Hello Use New Cipher Spec Certificate* ClientKeyExchange* CertificateVerify* [ChangeCipherSpec] Finished Application Data Server Server Hello Certificate* ServerKeyExchange* CertificateRequest* ServerHelloDone [ChangeCipherSpec] Finished Application Data [ ] not including handshake messages(excepted at hash) * optional or situation-dependent messages ETRI
Client Server Client Hello Server Hello [ChangeCipherSpec] Finished [ChangeCipherSpec] Finished Application Data Application Data ETRI
ETRI
Client Client Hello [ChangeCipherSpec] Finished Server Server Hello Certificate [ChangeCipherSpec] Finished Application Data Application Data ETRI
ETRI
Sender Receiver Handshake Change Cipher Spec Alert App. Handshake Change Cipher Spec Alert App. WTLSPlaintext No Fragmentation No Reassembly WTLSPlaintext Compression decompression WTLSCompressed WTLSCompressed Security Parameters MAC Calculation WTLSCompressed.fragment MAC WTLSCompressed.fragment MAC Verification MAC Encryption decryption WTLSCiphertext.fragment WTLSCiphertext.fragment ETRI
Record PDU(Protocol Data Unit) 1byte 2bytes 2bytes [len]bytes Type [Seq] [len] Fragment maximum size : 2 16-1 1bit 1bit 1bit 1bit 4bits contents WTLSPlaintext indicator Record length indicator Reserved field Cipher Spec indicator Sequence number ChangeCipherSpec(1) ChangeCipherSpec(1) Alert(2) Alert(2) Handshake(3) Handshake(3) Application(4) Application(4) WTLSCompressed WTLSCiphertext Compression (not supports in current version) MAC & Encryption ETRI
ETRI
ETRI
ETRI
Gateway WTLS SSL/TLS ETRI
ETRI
ETRI
ETRI
ETRI