Transcript Secure Transactions

Secure Transactions
Chapter 17
The user's machine
• No control over security of user's machine
– Might be in very insecure: library, school, &c.
• Users disable some features: cookies,
Java, JavaScript
• Might not have 128-bit encryption
– Until recently 128-bit encryption could not be
legally exported from U.S.
• Might not be dealilng with a browser
• Store as little information as possible on
user's machine (for a variety of reasons)
The Internet
The Internet is inherently insecure
Your options:
• Transmit info anyhow
• Digitally sign to avoid tampering
• Encrypt to keep private and avoid
tampering
• Find another way to distribute
information
The Internet
"It is difficult to be certain
whether the person you are
dealing with is who he claims
to be."
Repudiation: can you prove to a
court that someone took part in a
transaction?
The Internet
Ways to address privacy and
repudiation issues:
• Secure Sockets Layer (SSL)
– "is readily available and widely used"
• Secure HyperText Transfer Protocol
(S-HTTP)
– "has not really taken off"
Your system
• Keep up to date on warnings and
patches for third-party software
• What do your scripts do (or not do)?
–
–
–
–
Use SSL to protect privacy
Use registered digital certificate
Check user-entered data carefully
Store information securely
Using SSL
• Originally designed by Netscape
• Now is "unofficial standard" for
secure communication between
browsers and servers
• Standardized in TLS
– Transport Layer Security
– Based on SSL
– Not yet widely supported
Network protocol stack
HTTP
FTP
SMTP
TCP/UDP
IP
Various
...
Application layer
Network layer
Transport layer
Host to Network layer
The SSL layer
HTTP
SSL
SSL
SSL
HandChange Alert
shake
Protocol Cipher Protocol
...
SSL Record Protocol
TCP/UDP
IP
Various
Application layer
SSL layer
Network layer
Transport layer
Host to Network layer
• The SSL layer is transparent:
– Same interface as the underlying transport layer
• Deals with handshaking, encryption, and
decryption
SSL handshake
Browser connects, asks for certificate
Browser
Server
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Certificate
Server distinguished name
Browser
CA's
public key
Server
public key
Issuer distinguished name
Period of validity
Other information
Issuer Signature
Server
private
public
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Browser sends list of cyphers
Browser
RC4 with 40-bit key
DES with 40-bit key
DES with 56-bit key
Server
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Browser sends list of cyphers
Server selects strongest common cypher
Browser
RC4 with 40-bit key
Server
from browser:
server supports:
RC4 with 40-bit key
DES with 40-bit key
DES with 56-bit key
RC4 with 40-bit key
RC2 with 40-bit key
3DES with 168-bit key
Idea (128 bit key)
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Browser sends list of cyphers
Server selects strongest common cypher
Browser
Browser sends encrypted random number
4238195996
Server
private
public
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Browser sends list of cyphers
Server selects strongest common cypher
Browser
Browser sends encrypted random number
Server
Server sends plain text random number
8435043532
Why is this sent
in plain text?
SSL handshake
Browser connects, asks for certificate
Server sends certificate
Browser sends list of cyphers
Server selects strongest common cypher
Browser
Browser sends encrypted random number
Server
Server sends plain text random number
Hash random #s to get session key
session
session
Sending data
<html><head><title>My Page</title>...
Packetize
<html><hea
y Page</ti
d><title>M
Break up the data into manageable packets.
Sending data
<html><head><title>My Page</title>...
Packetize
<html><hea
y Page</ti
d><title>M
Compress
Each packet is (optionally) compressed.
Sending data
<html><head><title>My Page</title>...
Packetize
<html><hea
y Page</ti
d><title>M
Compress
Calculate MAC
Use hash to calculate Message
Authentication Code for each packet.
Sending data
<html><head><title>My Page</title>...
Packetize
<html><hea
y Page</ti
d><title>M
Compress
Calculate MAC
Encrypt
The MAC and compressed data are combined
and encrypted using the session key.
session
Sending data
<html><head><title>My Page</title>...
Packetize
<html><hea
y Page</ti
d><title>M
Compress
Calculate MAC
Encrypt
Combine with header and send
TCP
header
Screening user input
• Use addslashes() before putting data in
database. Use stripslashes() when
retrieving data.
• Magic quotes
– Add and strip slashes automatically
Screening user input
• escapeshellcmd()
– used to pass data to system(), exec() or
execute with backticks
Avoid executing shell commands wherever
possible, especially with user input.
• strip_tags() remove HTML tags
• htmlspecialchars() escape HTML chars
– e.g., change < to &lt;
Providing secure storage
"The most dangerous type of data
we store is executable content."
• Don't allow write access to scripts
and directories in document tree.
Intruder could write malicious script and execute
it by loading through the web server.
• Scripts that are supposed to write
files should write outside web tree.
Providing secure storage
• Encrypting data probably won't
help unless key and decrypting
software are on a different machine.
• Intruder who can get to encrypted
file can probably also get to key
and decrypting software if they are
on the same machine.
Protect passwords in scripts
• Scripts with .php will always be
interpreted.
• Scripts with other extensions (like .inc)
could be served as is.
• Limited protection from other users on
same server
– Don't use same password for login and
database. Back up database.
– Set group to apache (must be root) and
don't allow public read.
– CGI is more secure in this respect.
Why are you storing credit
card numbers?
• One time transactions:
Send card number to transaction
processor and don't store
• Periodic charges:
– Don't store on web server
– Check up-to-date security info
– Be paranoid