csci 6962: server-side design and programming ssl and https for secure communication

27
CSCI 6962: Server-side Design and Programming SSL and HTTPS for Secure Communication

Upload: everett-west

Post on 24-Dec-2015

226 views

Category:

Documents


1 download

TRANSCRIPT

CSCI 6962: Server-side Design and Programming

SSL and HTTPS for Secure Communication

Outline

• Encryption concepts• Certificates and certificate authorities• The SSL protocol• The https protocol• Creating self-signed certificates• Obtaining certificates from a certificate authority

Web Security Concerns

Major concerns:• Encryption of sensitive data sent between client and server• Authentication of server

– How does client know who they are dealing with?

• Information integrity– How do we know third party has not altered data en route?

Change so item shipped to Darth

Address information

Bob’s web site

Alice thinks she is at Bob’s site, but Darth is spoofing it

Bob’s web site

Encryption

• Symmetric key encryption: DES, AES, etc.– Fast – Requires both parties to know same secret key

• Public key encryption: RSA, Elliptic Curve, etc.– Sender uses public key of recipient to encrypt data– Recipient uses their private key to decrypt

• Impossible to recreate private key from public key– Can be used to uniquely sign a document

• Encrypt with private key, decrypt with public key– Slow (impractical to encrypt/decrypt large blocks of data)

Encryption

1. Use public key encryption to securely send symmetric key2. Use a much faster symmetric key algorithm (like AES) to

securely transmit the rest of the message

EKs DE(KS, KPU)

P

Ks

E DP E(P, KS)

Hashing

Information Integrity• Hashing function H(M, key) creates “fingerprint” of message M• Hashing applied to message by sender and recipient• If no match, message has been tampered with• Darth cannot create own fingerprint of altered message without

key

HM

H

M + H(M, key)

H(M, key)

M

H(M, key)

H(M, key)

compare

Certificates• Public key certificates created by certification authority

– Trusted third party (Verisign, Geotrust, Equifax, etc.)– Known public key

• Certificate contains user’s info, signed with (one of) CA’s private key– No one else can create the certificate without the private key

X.509 Protocol

Certificates• Browser can validate certificate using CA’s public key

– Use indicated hash algorithm to create digest from all fields in certificate– Use CA’s public key to decrypt signature and get enclosed digest– If the two match, certificate is valid and has not been tampered with

Certificates

• Web sites that deal in ecommerce must have certificates for authentication– Installed at server in keystore– Transmitted to client for authentication– Validated using CA’s public key

Client machine

Browser

CA public key

Request for secure session

Server machine

Web Container(JSP, ASP)

Certificatesigned by CA

CA

Keystore

Certificates

• Public keys stored in browser– Can request

from other CAs via public key infrastructure as needed

Secure Socket Layer Protocol• Secure Socket Layer protocol for web communication

– Latest upgrade: Transport Layer Security (TLS)– Same structure as SSL, somewhat more secure

SSL Protocol: Phase 1

• Client passes preferred algorithms to server via https request

• Public key encryption algorithms• Private key encryption algorithms• Hash algorithms• Compression algorithms• Also random number for key generation

• Server replies with algorithms that will be used• Also passes own random number

SSL Protocol: Phase 2

Phase 2: Server Identification and Key Exchange• Server passes their certificates to client

– Client uses issuer public key to verify identity– Client retrieves server public key from certificate– Server may pass chain of certificates for authentication

• Certificates that validate other certificates

SSL Protocol: Phase 3Phase 3: Client Identification and Key Exchange• Client sends certificate or public key if requested by server

SSL Key Generation• Client generates “pre-master key”• Sends to client encrypted with server public key• Client and server use to generate master key used to create

cipher keys– Also use client, server random numbers exchanged in phase 1– SHA-1 and MD5 hashing used to create “pseudorandom” mappings

Phase 4: Final Handshake

Client and server verify protocols and keys

• Sender signs/encrypts “finished” message

• Receiver decrypts/verifies message to confirm keys

SSL Data Transmission• Message broken into blocks

• Block compressed

• Compressed block hashed with authentication key to get MAC (message integrity)

• Compressed block + MAC encrypted with cipher key

• Encrypted block + record protocol header with version/length information sent

Https Protocol• When started, requests secure session from server• Invokes SSL/TLS protocol • Uses separate port in most servers (8181 in Glassfish)

– Must use absolute URL to invoke

• By default future requests will use https: protocol

– Https protocol is expensive– Once done with secure transactions, should go back to using non-

secure channel

Https Protocol

Absolute Redirection in JSF

• Must use code in bean to redirect to absolute address– Call from action attribute

– Use redirect from external context of current instance

Obtaining Certificates

• Must obtain from known public key authority– Not free! (best are thousands of dollars)– Expense depends on strength

• 56 bits: inexpensive, but crackable• 128 bits: expensive but more secure• 256 bits: maximum security

• Can create “temporary” (self-signed) key for testing– Keytool utility in Java – IIS Management Console for ASP (page 615)

Self-signed Certificates in Tomcat

Password must be “changeit” for TomcatWill automatically generate keys using RSA

Obtaining Certificate In Tomcat

• Create a certificate signing request (CSR) for key you have createdkeytool -certreq -alias <your key> -keyalg RSA -keystore <your_keystore_filename>

– Will get certreq.csr file

• Submit to CA (see CA web site for details)• Get signed certificate in return

Obtaining Certificate in Tomcat

• Download and install certificate from CA• Replaces your original self-signed one

keytool -import -alias <your key> -keystore <your keystore filename> -trustcacerts -file <file from CA>

Self-signed Certificates in IIS • Run IIS Management Console

– Included in Windows 7– May need to enable from Programs and Features– Open server certificates

Self-signed Certificates in IIS • Choose “Create Self-signed Certificate”• Enter a name

Obtaining Certificates in IIS

• Can request and install from IIS Management Console