Server-side
Web Programming
Lecture 17:
SSL and HTTPS for Secure
Communication
Security Problems
Major concerns:
• Encryption of sensitive data sent between client and server
• Authentication of server
– How does client know who they are dealing with?
Alice thinks she is at Bob’s site, but
Darth is spoofing it
•
Bob’s web
site
Information integrity
– How do we know third party has not altered data en route?
Address information
Change so item shipped to Darth
Bob’s web
site
Security Protocols
Encryption algorithms
•
Symmetric key: DES, AES, RC4, etc.
– Fast
– Requires both parties to know same secret key
• Impossible in paractice
•
Public key: RSA, etc.
– Sender uses public key of recipient to encrypt data
– Recipient uses their private key to decrypt
• Darth cannot recreate private key from public key
– Slow
• Not practical to encrypt/decrypt large blocks of data
Security Protocols
1.
2.
Use public key encryption to securely send symmetric key
Use a much faster symmetric key algorithm (like DES) to
securely transmit the rest of the message
Ks
P
E
E
E(KS, KPU)
E(P, KS)
D
D
Ks
P
Security Protocols
Information Integrity
•
•
•
•
Hashing function H(M) creates “fingerprint” of message M
Hashing applied to message by sender and recipient
Darth cannot create own fingerprint of altered message without key
If no match, message has been tampered with
H(M)
M
H
H(M)
M + H(M)
M
H
compare
H(M)
Certificates
•
Authentication: public key certificates created by certification authority
– Trusted third party (Verisign, Geotrust, Equifax, etc.)
– Well known public key
•
Certificate contains user’s name, signed with CA’s private key
– No one else can create the certificate without the private key
Certificates
•
Browser can validate certificate using CA’s public key
–
–
–
–
Use indicated hash algorithm to create digest from all fields in certificate
Use CA’s public key to decrypt signature and get enclosed digest
If the two match, certificate is valid and has not been tampered with
Can then check user’s name to make sure matches
Certificates
•
Public keys stored in browser
SSL Protocol
•
Secure Socket Layer protocol for web communication
– Latest upgrade: Transport Layer Security (TLS)
– Same structure as SSL, somewhat more secure
SSL Protocol
Phase 1: Information exchange
• Problem: Large number of encryption algorithms in use
– How do client and server agree on which to use?
•
Client passes preferred algorithms to server
• Public key encryption algorithms
• Private key encryption algorithms
• Hash algorithms
•
Server replies with algorithms that will be used
SSL Protocol
Phase 2: Server Identification and Key Exchange
• Server passes their certificates to client
– Client uses issuer public key to verify identity
– May pass many certificates (one for each known issuer key)
– Also passes public key
SSL Protocol
Phase 3: Client Identification and Key Exchange
• Server may request certificate from client in some cases
– Online banking, etc.
•
Client sends certificate and public key
– If certificate not requested, browser generates new public key
Obtaining Certificates
•
Must obtain from known public key authority
– Not free!
– Expense depends on strength
• 56 bits: inexpensive, but crackable
• 128 bits: expensive but secure
•
Can create “temporary” key for testing
– Keytool utility in Java
– See page 520 in text
Creating Certificates
Password must be “changeit” for Tomcat
Will automatically generate keys
using RSA
Https Protocol
•
When started, requests secure session from server
– Uses separate port in Tomcat
•
Invokes SSL protocol
Https Protocol
•
Need to edit server.xml file in conf directory to enable https: on
some port
Https Protocol
•
Note that will get warning since
certificate not real!
•
If accept, get “secure” session
Https Protocol
•
Https protocol is expensive
– Should not do unless necessary
•
Once done with secure transactions, should go back to using nonsecure channel
– Return to non-secure port