1
Secure HTTP
Herng-Yow Chen
2
Outline
When is digest authentication not strong enough?
How does a more complicated technology secure HTTP transactions from eavesdropping and tampering?
Using digital cryptography.
3
HTTPS
https scheme
security icon
4
HTTPS (cont.)
(a) HTTP
Application layer: HTTP
Transport layer: TCP
Network layer: IP
Data link layer: Network interfaces
(b) HTTPS
Application layer: HTTP
Security layer: SSL or TLS
Transport layer: TCP
Network layer: IP
Data link layer: Network interfaces
5
Digital cryptography
Ciphers
Keys
Symmetric-key cryptosystems
Asymmetric-key cryptosystems
Public-key cryptography
Digital signatures
Digital certificates
6
Plaintext and Ciphertext
Plaintext: Meet me at the pier at midnight
-> Encoder ->
Ciphertext: Phhw ph dw wkh slhu dw plgqljkw
-> Decoder ->
Plaintext: Meet me at the pier at midnight
7
Rotate-by-3 cipher example
Plain alphabet:  ABCDEFGHIJKLMNOPQRSTUVWXYZ
Cipher alphabet: DEFGHIJKLMNOPQRSTUVWXYZABC
Plaintext:  MEET ME AT THE PIER AT MIDNIGHT
Ciphertext: PHHW PH DW WKH SLHU DW PLGQLJKW
8
Keyed Ciphers (rotate-by-n), using different keys
(a) Rotate(n) encoder, Key=1
Plaintext:  Meet me at the pier at midnight
Ciphertext: nffu nf bu uif qjfs bu njeojhiu
(b) Rotate(n) encoder, Key=2
Plaintext:  Meet me at the pier at midnight
Ciphertext: oggv og cv vjg rkgt cv okfpkijv
(c) Rotate(n) encoder, Key=3
Plaintext:  Meet me at the pier at midnight
Ciphertext: phhw ph dw wkh slhu dw plgqljkw
9
Digital Ciphers
10
Plaintext is encoded with encoding key e
[Figure: Plaintext P -> Encoder E (Key=e) -> Ciphertext C]
C = E (P, e)
11
Symmetric-Key Cryptography
[Figure: Ciphertext C -> Decoder D (Key=d) -> Plaintext P]
P = D (C, d)
If d = e
Popular symmetric-key cryptography algorithms are DES, Triple-DES, RC2, and RC4.
12
Key Length and Enumeration Attacks
Attack cost       40-bit key   56-bit key   64-bit key   80-bit key     128-bit key
$100,000          2 secs       35 hours     1 year       70,000 years   10^19 years
$1,000,000        200 msecs    3.5 hours    37 days      7,000 years    10^18 years
$10,000,000       20 msecs     21 mins      4 days       700 years      10^17 years
$100,000,000      2 msecs      2 mins       9 hours      70 years       10^16 years
$1,000,000,000    200 usecs    13 secs      1 hour       7 years        10^15 years
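An added example, not from the slides: the rotate(n) encoder from the keyed-cipher slide written as C = E(P, e) and P = D(C, d) with d = e, followed by an enumeration of its 26 keys and the doubling-per-bit scaling that the table above reflects. The function names and the known-word check are assumptions of this sketch.

```python
import string

def rotate(text, key):
    """C = E(P, e): shift each ASCII letter forward by key; other characters pass through."""
    out = []
    for ch in text:
        if ch in string.ascii_letters:
            base = ord("a") if ch.islower() else ord("A")
            out.append(chr((ord(ch) - base + key) % 26 + base))
        else:
            out.append(ch)
    return "".join(out)

def unrotate(text, key):
    """P = D(C, d) with d = e: the same key reverses the rotation."""
    return rotate(text, -key)

def enumerate_keys(ciphertext, known_word):
    """Enumeration attack: try all 26 keys, keep plaintexts containing known_word."""
    return [(key, unrotate(ciphertext, key))
            for key in range(26)
            if known_word in unrotate(ciphertext, key).lower()]

def scale_search_time(seconds, from_bits, to_bits):
    """Each added key bit doubles the key space, so exhaustive search time doubles too."""
    return seconds * 2 ** (to_bits - from_bits)

if __name__ == "__main__":
    c = rotate("Meet me at the pier at midnight", 3)
    print(c)
    print(enumerate_keys(c, "midnight"))
    # 2 s for a 40-bit key scales to about 36 hours for 56 bits,
    # close to the table's 35 hours at the same attack cost.
    print(scale_search_time(2, 40, 56) / 3600)
```

With only 26 keys the search is instant; the table shows the same search becoming impractical once the key space reaches 128 bits.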
13
Public-Key Cryptography
[Figure: the client encodes plaintext with the server's public key es; the encrypted ciphertext crosses the Internet; the server decodes it back to plaintext with its private key ds]
Using different keys for encoding and decoding
14
Public-Key cryptography assigns a single, public encoding key to each host
[Figure: (a) Symmetric-key cryptography: hosts A, B, C and D each use a separate key (kAX, kBX, kCX, kDX). (b) Public-key cryptography: hosts A, B, C and D all use the same public key ex.]
15
Signatures Are Cryptographic Checksums
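[Figure: A computes a message digest of the plaintext message and runs it through D with private key dA to produce the signature. B runs the signature through E with public key eA and checks whether the result is the same as the message digest of the plaintext message.]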
16
The Guts of a Certificate
17
X.509 v3 Certificates
18
Verifying that a signature is real
[Figure: B runs the signature through E with the signing authority’s public key and checks whether the result is the same as the message digest.]
19
HTTPS Overview
(a) HTTP
Application layer: HTTP
Transport layer: TCP
Network layer: IP
Data link layer: Network interfaces
(b) HTTPS
Application layer: HTTP
Security layer: SSL or TLS
Transport layer: TCP
Network layer: IP
Data link layer: Network interfaces
20
HTTPS Schemes
(a) HTTP request: client -> server, port 80, HTTP
(b) HTTPS request: client -> secure server, port 443, HTTPS
(c) HTTPS over HTTP tunnel: client -> proxy, port 8080, HTTP tunnel -> secure server, port 443, HTTPS
21
Secure Transport Setup
22
Secure Transport Setup (cont.)
(a) Unencrypted HTTP transaction (b) Encrypted HTTPS transaction
23
SSL Handshake (simplified)
24
Server Certificates
[Figure: the server sends its server certificate to the client over the Internet]
Certificate serial number: 35:DE:F4:CF
Certificate expiration date: Wed, Sep 17, 2003
Site’s organization name: Joe’s Hardware Online
Site’s DNS hostname: www.joes-hardware.com
Site’s public key
Certificate issuer name: RSA Data Security
Certificate issuer signature: Jone doe
HTTPS certificates are X.509 certificates with site information
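The sign-then-compare flow from the "Signatures Are Cryptographic Checksums" and "Verifying that a signature is real" slides, applied to the certificate fields above, as an added example that is not from the slides. It uses textbook RSA with a constructed toy key and no padding, so it shows only the data flow; the field serialization and function names are assumptions.

```python
import hashlib

# Constructed toy key for the signing authority, built from two known Mersenne primes.
# Far too small for real use; real certificates use padded RSA or ECDSA.
P, Q = 2**61 - 1, 2**89 - 1
N = P * Q
E_CA = 65537                               # public key, used by the "E" box
D_CA = pow(E_CA, -1, (P - 1) * (Q - 1))    # private key, used by the "D" box

# Certificate body built from the fields on the slide; this serialization is hypothetical.
CERT_BODY = (b"serial=35:DE:F4:CF;org=Joe's Hardware Online;"
             b"host=www.joes-hardware.com;issuer=RSA Data Security")

def message_digest(message):
    """Hash the message and reduce it into the range of the toy modulus."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % N

def sign(message):
    """Signing authority: signature = D(message digest, private key)."""
    return pow(message_digest(message), D_CA, N)

def verify(message, signature):
    """Client: E(signature, public key) must equal the digest it computes itself."""
    return pow(signature, E_CA, N) == message_digest(message)

if __name__ == "__main__":
    sig = sign(CERT_BODY)
    print(verify(CERT_BODY, sig))
    # Changing the hostname changes the digest, so the "Same?" check fails.
    tampered = CERT_BODY.replace(b"www.joes-hardware.com", b"www.example.com")
    print(verify(tampered, sig))
```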
25
Virtual Hosting and Certificates
Certificate name mismatches bring up certificate error dialog boxes
26
Virtual Hosting and Certificates (cont.)
27
Tunneling Secure Traffic Through Proxies
[Figure: clients inside the security perimeter reach the public Internet through the corporate firewall proxy]
28
Tunneling Secure Traffic Through Proxies (cont.)
[Figure: client.ncnu.edu.tw sends an encrypted request through proxy.ncnu.edu.tw toward www.cajun-gifts.com; the proxy sees only encrypted bytes]
Proxy cannot proxy an encrypted request
29
Reference
HTTP Security
Web Security, Privacy & Commerce, Simson Garfinkel, O’Reilly & Associates, Inc. This is one of the best, most readable introductions to web security and the use of SSL/TLS and digital certificates.
http://www.ietf.org/rfc/rfc2818.txt RFC 2818, “HTTP Over TLS,” specifies how to implement secure HTTP over Transport Layer Security (TLS), the modern successor to SSL.
http://www.ietf.org/rfc/rfc2817.txt RFC 2817, “Upgrading to TLS Within HTTP/1.1,” explains how to use the Upgrade mechanism in HTTP/1.1 to initiate TLS over an existing TCP connection. This allows unsecured and secured HTTP traffic to share the same well-known port (in this case, http: at 80 rather than https: at 443). It also enables virtual hosting, so a single HTTP+TLS server can disambiguate traffic intended for several hostnames at a single IP address.
30
Reference (cont.)
SSL and TLS
http://www.ietf.org/rfc/rfc2246.txt RFC 2246, “The TLS Protocol Version 1.0,” specifies Version 1.0 of the TLS protocol (the successor to SSL). TLS provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery.
http://developer.netscape.com/docs/manuals/security/sslin/contents.htm “Introduction to SSL” introduces the Secure Sockets Layer (SSL) protocol. Originally developed by Netscape, SSL has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers.
http://www.netscape.com/eng/ssl3/draft302.txt “The SSL Protocol Version 3.0” is Netscape’s 1996 specification for SSL.
31
Reference (cont.)
http://developer.netscape.com/tech/security/ssl/howitworks.html “How SSL Works” is Netscape’s introduction to key cryptography.
http://www.openssl.org The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general-purpose cryptography library.