Secure HTTP

1. Secure HTTP Herng-Yow Chen

2. Outline When digest authentication is not strong enough? How a more complicated technology secures HTTP transactions from eavesdropping and tampering? Using digital cryptography.

3. HTTPS https scheme security icon

4. HTTPS (cont.) H T T P Application layer H T T P Application layer SSL or TLS Security layer Transport layer T C P T C P Transport layer Network layer I P I P Network layer Network interfaces Network interfaces Data link layer Data link layer (b) HTTPS (a) HTTP

5. Digital cryptography Ciphers Keys Symmetric-key cryptosystems Asymmetric-key cryptosystems Public-key cryptography Digital signatures Digital certificates

6. Plaintext and Ciphertext Plaintext Ciphertext Phhw ph dw wkh slhu dw plgqljkw Meet me at the pier at midnight Encoder Plaintext Meet me at the pier at midnight Decoder

7. Rotate-by-3 cipher example

8. Keyed Ciphers (rotate-by-n), using different keys Plaintext Meet me at the pier at midnight (a) Ciphertext Key=1 nffu nf bu uif qjfs bu njeojhiu Rotate(n) encoder Plaintext Meet me at the pier at midnight (b) Ciphertext Key=2 oggv og cv vjg rkgt cv okfpkijv Rotate(n) encoder Plaintext Meet me at the pier at midnight (c) Ciphertext Key=3 phhw ph dw wkh slhu dw plgqlijkw Rotate(n) encoder

9. Digital Ciphers

10. Plaintext is encoded with encoding key e Plaintext P C = E (P, e) Key=e Ciphertext C Encoder E

11. Symmetric-Key Cryptography If d = e Ciphertext C P = D (C, d) Key=d Plaintext P Decoder D Popular symmetric-key cryptography algorithm are DES, Triple-DES, RC2, and RC4.

12. Key Length and Enumeration Attacks

13. Public-Key Cryptography Using different keys for encoding and decoding client Plaintext Private key=ds Public key=es Encrypted ciphertext Internet Plaintext server

14. Public-Key cryptography assigns a single, public encoding key to each host A A kAX ex B D B D kBX kDX ex ex kCX ex C C (a) Symmetric-key cryptography (b) Public-key cryptography

15. Signatures Are Cryptographic Checksums Plaintext message B A Message digest Message digest Same? E D Signature Message digest Public key=eA Private key=dA

16. The Guts of a Certificate

17. X.509 v3 Certificates

18. Verifying that a signature is real B Message digest Message digest Same? E Signing authority’s public key

19. HTTPS Overview H T T P Application layer H T T P Application layer SSL or TLS Security layer Transport layer T C P T C P Transport layer Network layer I P I P Network layer Network interfaces Network interfaces Data link layer Data link layer (b) HTTPS (a) HTTP

20. HTTPS Schemes (a) HTTP request 80 HTTP Server client (b) HTTPS request 443 HTTPS Secure Server client (C) HTTPS over HTTP tunnel 443 8080 HTTPS client Secure Server HTTP tunnel Proxy

21. Secure Transport Setup

22. Secure Transport Setup (cont.) (a) Unencrypted HTTP transaction (b) Enencrypted HTTPS transaction

23. SSL Handshake (simplified)

24. Server Certificates HTTPS certificates are X.509 certificates with site information Internet client Server Certificate Server

25. Virtual Hosting and Certificates Certificate name mismatches bring up certificate error dialog boxes

26. Virtual Hosting and Certificates (cont.)

27. Tunneling Secure Traffic Through Proxies Corporate firewall proxy Public Internet client client Firewall proxy Security perimeter

28. Tunneling Secure Traffic Through Proxies (cont.) Proxy cannot proxy an encrypted request proxy.ncnu.edu.tw www.cajun-gifts.com client.ncnu.edu.tw bdfwr73ytr6ouydoiw687eqidfjwvd76weti76fig287hdi9 8r82yr87pfdy72y87193836PDUyqe719eyty3gee98y8787

29. Reference HTTP Security Web Security, Privacy & Commerce Simson Garfinkel, O’reilly & Associates, Inc. This is one of the best, most readable introductions to web security and the use of SSL/TLS and digital certificates. http://www.ietf.org/rfc/rfc2818.txt RFC 2818, “HTTP Over TLS,” specifies how to implement secure HTTP over Transport Layer Security (TLS), the modern successor to SSL. http://www.ietf.org/rfc/rfc2246.txt RFC 2817, “Upgrading to TLS Within HTTP/1.1,” explains hoe to use the Upgrade mechanism in HTTP/1.1 to initiate TLS over an existing TCP connection. This allows unsecured and secured HTTP traffic to share the same well-known port (in this case, http: at 80 rather than https: at 443). It also enables virtual hosting, so a single HTTP+TLS server can disambiguate traffic intended for several hostnames at a single IP address.

30. Reference (cont.) SSL and TLS http://ww.ietf.org/rfc/rfc2246.txt RFC 2246, “The TLS Protocol Version 1.0,” specifies Version 1.0 of the TLS protocol (the successor to SSL). TLS provides communications privacy over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, and message forgery. http://developer.netscape.com/docs/manuals/security/sslin/contents.htm “Introduction to SSL” introduces the Secure Sockets Layer (SSL) protocol. Originally developed by Netscape, SSL has been universally accepted on the World Wide Web for authenticated and encrypted communication between clients and servers. http://www.netscape.com/eng/ssl3/draft302.txt “The SSL Protocol Version 3.0” is Netscape’s 1996 specification for SSL.

31. Reference (cont.) http://developer.netscape.com/tech/security/ssl/howitworks.html “How SSL Works” is Netscape’s introduction to key cryptography. http://www.openssl.org The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols, as well as a full-strength, general-purpose cryptography library.