csci 6962: server-side design and programming ssl and https for secure communication
TRANSCRIPT
Outline
• Encryption concepts• Certificates and certificate authorities• The SSL protocol• The https protocol• Creating self-signed certificates• Obtaining certificates from a certificate authority
Web Security Concerns
Major concerns:• Encryption of sensitive data sent between client and server• Authentication of server
– How does client know who they are dealing with?
• Information integrity– How do we know third party has not altered data en route?
Change so item shipped to Darth
Address information
Bob’s web site
Alice thinks she is at Bob’s site, but Darth is spoofing it
Bob’s web site
Encryption
• Symmetric key encryption: DES, AES, etc.– Fast – Requires both parties to know same secret key
• Public key encryption: RSA, Elliptic Curve, etc.– Sender uses public key of recipient to encrypt data– Recipient uses their private key to decrypt
• Impossible to recreate private key from public key– Can be used to uniquely sign a document
• Encrypt with private key, decrypt with public key– Slow (impractical to encrypt/decrypt large blocks of data)
Encryption
1. Use public key encryption to securely send symmetric key2. Use a much faster symmetric key algorithm (like AES) to
securely transmit the rest of the message
EKs DE(KS, KPU)
P
Ks
E DP E(P, KS)
Hashing
Information Integrity• Hashing function H(M, key) creates “fingerprint” of message M• Hashing applied to message by sender and recipient• If no match, message has been tampered with• Darth cannot create own fingerprint of altered message without
key
HM
H
M + H(M, key)
H(M, key)
M
H(M, key)
H(M, key)
compare
Certificates• Public key certificates created by certification authority
– Trusted third party (Verisign, Geotrust, Equifax, etc.)– Known public key
• Certificate contains user’s info, signed with (one of) CA’s private key– No one else can create the certificate without the private key
X.509 Protocol
Certificates• Browser can validate certificate using CA’s public key
– Use indicated hash algorithm to create digest from all fields in certificate– Use CA’s public key to decrypt signature and get enclosed digest– If the two match, certificate is valid and has not been tampered with
Certificates
• Web sites that deal in ecommerce must have certificates for authentication– Installed at server in keystore– Transmitted to client for authentication– Validated using CA’s public key
Client machine
Browser
CA public key
Request for secure session
Server machine
Web Container(JSP, ASP)
Certificatesigned by CA
CA
Keystore
Certificates
• Public keys stored in browser– Can request
from other CAs via public key infrastructure as needed
Secure Socket Layer Protocol• Secure Socket Layer protocol for web communication
– Latest upgrade: Transport Layer Security (TLS)– Same structure as SSL, somewhat more secure
SSL Protocol: Phase 1
• Client passes preferred algorithms to server via https request
• Public key encryption algorithms• Private key encryption algorithms• Hash algorithms• Compression algorithms• Also random number for key generation
• Server replies with algorithms that will be used• Also passes own random number
SSL Protocol: Phase 2
Phase 2: Server Identification and Key Exchange• Server passes their certificates to client
– Client uses issuer public key to verify identity– Client retrieves server public key from certificate– Server may pass chain of certificates for authentication
• Certificates that validate other certificates
SSL Protocol: Phase 3Phase 3: Client Identification and Key Exchange• Client sends certificate or public key if requested by server
SSL Key Generation• Client generates “pre-master key”• Sends to client encrypted with server public key• Client and server use to generate master key used to create
cipher keys– Also use client, server random numbers exchanged in phase 1– SHA-1 and MD5 hashing used to create “pseudorandom” mappings
Phase 4: Final Handshake
Client and server verify protocols and keys
• Sender signs/encrypts “finished” message
• Receiver decrypts/verifies message to confirm keys
SSL Data Transmission• Message broken into blocks
• Block compressed
• Compressed block hashed with authentication key to get MAC (message integrity)
• Compressed block + MAC encrypted with cipher key
• Encrypted block + record protocol header with version/length information sent
Https Protocol• When started, requests secure session from server• Invokes SSL/TLS protocol • Uses separate port in most servers (8181 in Glassfish)
– Must use absolute URL to invoke
• By default future requests will use https: protocol
– Https protocol is expensive– Once done with secure transactions, should go back to using non-
secure channel
Https Protocol
Absolute Redirection in JSF
• Must use code in bean to redirect to absolute address– Call from action attribute
– Use redirect from external context of current instance
Obtaining Certificates
• Must obtain from known public key authority– Not free! (best are thousands of dollars)– Expense depends on strength
• 56 bits: inexpensive, but crackable• 128 bits: expensive but more secure• 256 bits: maximum security
• Can create “temporary” (self-signed) key for testing– Keytool utility in Java – IIS Management Console for ASP (page 615)
Self-signed Certificates in Tomcat
Password must be “changeit” for TomcatWill automatically generate keys using RSA
Obtaining Certificate In Tomcat
• Create a certificate signing request (CSR) for key you have createdkeytool -certreq -alias <your key> -keyalg RSA -keystore <your_keystore_filename>
– Will get certreq.csr file
• Submit to CA (see CA web site for details)• Get signed certificate in return
Obtaining Certificate in Tomcat
• Download and install certificate from CA• Replaces your original self-signed one
keytool -import -alias <your key> -keystore <your keystore filename> -trustcacerts -file <file from CA>
Self-signed Certificates in IIS • Run IIS Management Console
– Included in Windows 7– May need to enable from Programs and Features– Open server certificates