inf 123 sw arch, dist sys & interop lecture 17
DESCRIPTION
INF 123 SW Arch, dist sys & interop Lecture 17. Prof. Crista Lopes. Objectives. Trust on the Internet Certificates & certificate authorities Public Key Cryptography SSL. Basic Threat: Domain Name Hijacking. - PowerPoint PPT PresentationTRANSCRIPT
INF 123 SW ARCH, DIST SYS & INTEROP
LECTURE 17Prof. Crista Lopes
Objectives Trust on the Internet
Certificates & certificate authorities Public Key Cryptography SSL
Basic Threat: Domain Name Hijacking
Computers use a variety of methods to accomplish domain name resolution (name IP address) Local computer: hosts file DNS
Trojans may compromise hosts file, LAN router, or even entire ISP’s DNS resolution Leafs are more vulnerable -- demo
Very serious threat to the integrity of the Internet
Problem Formulation How can we trust that a domain name is
under control of its legitimate owner in the presence of such attacks?
Trusted Third Party
Certificate Authorities
Trusted Third Party A wants to talk to B, but is not sure B is
B
A B
Trusted Third Party, aka Certificate Authority
In broad strokes:
A B
CA1
3
2
4
5
6
Trusted Third Party1. B requests a digital certificate from CA2. CA verifies B in real life3. CA gives certificate to B
some time later…4. A contacts B5. B sends its digital certificate to A6. A verifies it with CA7. Finally, A is assured that B is B
Digital Certificate (non-electronic version: driver’s license) Binds an identity to a public key Electronic document signed by an authority Contains:
Owner’s public key Owner’s name Expiration date Serial number Name of the issuer Digital signature of the issuer
Trusted Certificate Authorities http://www.mozilla.org/projects/security/
certs/included/
Digital certificates from these CAs are expen$ive
Public Key Cryptography
Public Key Cryptography Asymmetric key algorithms
mathematically related key pair: one secret private key and another key that can be made public
Avoids secure initial exchange of key
Symmetric vs. Asymmetric
Symmetric
Asymmetric
ofreceiver
ofreceiver
Asymmetric Keys Data encrypted with a public key can
only be decrypted with the corresponding private key use this to ensure that only the recipient
can decrypt the message Data encrypted with a private key can
only be decrypted with the corresponding public key use this to ensure authenticity of sender
(assuming the sender’s public key can be trusted – hence CAs)
Digital Signatures
Password- vs. Certificate-based Authentication
Password
Certificate
Recap: SSL/TLS Extra pieces of transport-layer protocol
for negotiating cyphers and ensuring authentication of the server
Bottom line: Payload data is encrypted before sending,
decrypted upon reception
Recap: HTTPS = HTTP + SSL/TLS
POST /wifi/login HTTP/1.1Hostname: …Content-Type: …Content-Length: …
METHOD=login&firstname=foo&lastname=bar&password=hereismypassword
Unintelligible gibberish
Recap: HTTPS = HTTP + SSL/TLS https:// instead of http://
Uses port 443 by default instead of port 80
How SSL works http://video.google.com/videoplay?docid
=7130470471741831613
To Learn More on Cryptography CS 167
Final Remark about CAs Anyone can create certificates
you can too Tools choose which certificate authorities
to trust they may or may not trust yours
Alternative: Web of Trust Decentralized trust model
as opposed to CAs/PKI which are centralized Phil Zimmerman:
“As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys.”