Transcript Plaintext
Secure HTTP
Herng-Yow Chen
1
Outline
When digest authentication is not strong
enough?
How a more complicated technology
secures HTTP transactions from
eavesdropping and tampering?
Using digital cryptography.
2
HTTPS
https scheme
security icon
3
HTTPS (cont.)
HTTP
HTTP
Application layer
Application layer
SSL or TLS
Security layer
TCP
Transport layer
TCP
Transport layer
IP
Network layer
IP
Network layer
Network interfaces
Data link layer
Network interfaces Data link layer
(a) HTTP
(b) HTTPS
4
Digital cryptography
Ciphers
Keys
Symmetric-key cryptosystems
Asymmetric-key cryptosystems
Public-key cryptography
Digital signatures
Digital certificates
5
Plaintext and Ciphertext
Plaintext
Ciphertext
Meet me at the
pier at midnight
Phhw ph dw wkh
slhu dw plgqljkw
Encoder
Plaintext
Meet me at the
pier at midnight
Decoder
6
Rotate-by-3 cipher example
Cipher
ABCDEFGHIJKLMNOPQRSTUVWXYZ
ABCDEFGHI JKLMNOPQRSTUVWXYZABC
Plaintext
MEET ME AT THE AT PIRE AT MIDNIGHT
Ciphertext PHHW PH DW WKH DW SLHU DW PLGQLJKW
7
Keyed Ciphers (rotate-by-n), using
different keys
(a)
Plaintext Meet me at the
pier at midnight
Ciphertext
Key=1
nffu nf bu uif
qjfs bu njeojhiu
Rotate(n) encoder
(b)
Plaintext Meet me at the
pier at midnight
Ciphertext
Key=2
oggv og cv vjg
rkgt cv okfpkijv
Rotate(n) encoder
(c)
Plaintext Meet me at the
pier at midnight
Ciphertext
Key=3
Rotate(n) encoder
phhw ph dw
wkh slhu dw
plgqlijkw
8
Digital Ciphers
9
Plaintext is encoded with
encoding key e
C = E (P, e)
Plaintext P
Key=e
Ciphertext C
Encoder E
10
Symmetric-Key Cryptography
If d = e
P = D (C, d)
Ciphertext C
Key=d
Plaintext P
Decoder D
Popular symmetric-key cryptography algorithm are
DES, Triple-DES, RC2, and RC4.
11
Key Length and Enumeration
Attacks
Attack cost
40-bit
key
56-bit key
64-bit key
80-bit key
128-bit key
$100,000
2 secs
35 hours
1 years
70,000
years
1019 years
$1,000,000
200
msecs
3.5 hours
37 days
7,000 years
1018 years
$10,000,000
20
msecs
21 mins
4 days
700 years
1017 years
$100,000,000
2msecs
2 mins
9 hours
70 years
1016 years
13 secs
1 hours
7 years
1015 years
$1,000,000,000 200
usecs
12
Public-Key Cryptography
Using different keys for encoding and decoding
client
Plaintext
Public
key=es
Encrypted
ciphertext
Private
key=ds
Internet
Plaintext
server
13
Public-Key cryptography assigns a single,
public encoding key to each host
A
A
kAX
B
kBX
ex
kDX
D
B
ex
kCX
C
(a) Symmetric-key cryptography
ex
D
ex
C
(b) Public-key cryptography
14
Signatures Are Cryptographic
Checksums
Plaintext
message
A
Message
digest
D
Private
key=dA
Signature
Message
digest
E
B
Same?
Message
digest
Public
key=eA
15
The Guts of a Certificate
16
X.509 v3 Certificates
17
Verifying that a signature is real
B
E
Signing authority’s
public key
Message
digest
Message
digest
Same?
18
HTTPS Overview
HTTP
HTTP
Application layer
Application layer
SSL or TLS
Security layer
TCP
Transport layer
TCP
Transport layer
IP
Network layer
IP
Network layer
Network interfaces
Data link layer
Network interfaces Data link layer
(a) HTTP
(b) HTTPS
19
HTTPS Schemes
(a) HTTP request
HTTP
Server
client
(b) HTTPS request
HTTPS
Secure Server
client
(C) HTTPS over HTTP tunnel
HTTPS
client
HTTP tunnel
Proxy
Secure Server
20
Secure Transport Setup
21
Secure Transport Setup (cont.)
(a) Unencrypted HTTP transaction
(b) Enencrypted HTTPS transaction
22
SSL Handshake (simplified)
23
Server Certificates
HTTPS certificates are X.509 certificates with site information
Internet
client
Server
Certificate
Server
Certificate serial number
35:DE:F4:CF
Certificate expiration date
Wed, Sep 17, 2003
Site’s organization name
Joe’s Hardware Online
Site’s DNS hostname
www.joes-hardware.com
Site’s public key
Certificate issuer name
RSA Data Security
Certificate issuer signature
Jone doe
24
Virtual Hosting and Certificates
Certificate name mismatches bring up certificate error dialog boxes
25
Virtual Hosting and Certificates
(cont.)
26
Tunneling Secure Traffic Through
Proxies
Corporate firewall proxy
Public Internet
client
client
Firewall
proxy
Security
perimeter
27
Tunneling Secure Traffic Through
Proxies (cont.)
Proxy cannot proxy an encrypted request
proxy.ncnu.edu.tw
client.ncnu.edu.tw
www.cajun-gifts.com
bdfwr73ytr6ouydoiw687eqidfjwvd76weti76fig287hdi9
8r82yr87pfdy72y87193836PDUyqe719eyty3gee98y8787
28
Reference
HTTP Security
Web Security, Privacy & Commerce
Simson Garfinkel, O’reilly & Associates, Inc. This is one of the best,
most readable introductions to web security and the use of SSL/TLS and
digital certificates.
http://www.ietf.org/rfc/rfc2818.txt
RFC 2818, “HTTP Over TLS,” specifies how to implement secure HTTP
over Transport Layer Security (TLS), the modern successor to SSL.
http://www.ietf.org/rfc/rfc2246.txt
RFC 2817, “Upgrading to TLS Within HTTP/1.1,” explains hoe to use the
Upgrade mechanism in HTTP/1.1 to initiate TLS over an existing TCP
connection. This allows unsecured and secured HTTP traffic to share the
same well-known port (in this case, http: at 80 rather than https: at
443). It also enables virtual hosting, so a single HTTP+TLS server can
disambiguate traffic intended for several hostnames at a single IP
address.
29
Reference (cont.)
SSL and TLS
http://ww.ietf.org/rfc/rfc2246.txt
RFC 2246, “The TLS Protocol Version 1.0,” specifies Version 1.0 of the TLS
protocol (the successor to SSL). TLS provides communications privacy over the
Internet. The protocol allows client/server applications to communicate in a way
that is designed to prevent eavesdropping, tampering, and message forgery.
http://developer.netscape.com/docs/manuals/security
/sslin/contents.htm
“Introduction to SSL” introduces the Secure Sockets Layer (SSL) protocol.
Originally developed by Netscape, SSL has been universally accepted on the
World Wide Web for authenticated and encrypted communication between
clients and servers.
http://www.netscape.com/eng/ssl3/draft302.txt
“The SSL Protocol Version 3.0” is Netscape’s 1996 specification for SSL.
30
Reference (cont.)
http://developer.netscape.com/tech/security/s
sl/howitworks.html
“How SSL Works” is Netscape’s introduction to key
cryptography.
http://www.openssl.org
The OpenSSL Project is a collaborative effort to
develop a robust, commercial-grade, full-featured,
and open source toolkit implementing the Secure
Sockets Layer (SSL v2/v3) and Transport Layer
Security (TLS v1) protocols, as well as a full-strength,
general-purpose cryptography library.
31