Chapter 16 – Cryptography and Network Transport ‐ Level Security Security Chapter 16 Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ Fifth Edition by Cole Porter by William Stallings Lecture slides by Lawrie Brown Web Security Web Traffic Security Approaches • Web now widely used by business, government, individuals • but Internet & Web are vulnerable • have a variety of threats have a variety of threats – integrity – confidentiality – denial of service – authentication • need added security mechanisms SSL (Secure Socket Layer) SSL Architecture • transport layer security service • originally developed by Netscape • version 3 designed with public input • subsequently became Internet standard • subsequently became Internet standard known as TLS (Transport Layer Security) • uses TCP to provide a reliable end ‐ to ‐ end service • SSL has two layers of protocols 1
SSL Architecture SSL Record Protocol Services SSL connection • confidentiality – using symmetric encryption with a shared secret a transient, peer ‐ to ‐ peer, communications link key defined by Handshake Protocol associated with 1 SSL session – AES, IDEA, RC2 ‐ 40, DES ‐ 40, DES, 3DES, Fortezza, SSL SSL session i RC4 ‐ 40, RC4 ‐ 128 an association between client & server – message is compressed before encryption created by the Handshake Protocol • message integrity define a set of cryptographic parameters – using a MAC with shared secret key may be shared by multiple SSL connections – similar to HMAC but with different padding SSL Record Protocol Operation SSL Change Cipher Spec Protocol • one of 3 SSL specific protocols which use the SSL Record protocol • a single message • causes pending state to become current • hence updating the cipher suite in use SSL Handshake Protocol SSL Alert Protocol allows server & client to: conveys SSL ‐ related alerts to peer entity authenticate each other severity to negotiate encryption & MAC algorithms • warning or fatal to negotiate cryptographic keys to be used specific alert comprises a series of messages in phases • fatal: unexpected message, bad record mac, decompression failure, handshake failure, illegal 1. Establish Security Capabilities parameter 2. Server Authentication and Key Exchange • warning: close notify, no certificate, bad certificate, unsupported certificate, certificate revoked, certificate 3. Client Authentication and Key Exchange expired, certificate unknown 4. Finish compressed & encrypted like all SSL data 2
Cryptographic Computations master secret creation a one ‐ time 48 ‐ byte value SSL generated using secure key exchange (RSA / Diffie ‐ Handshake Handshake Hellman) and then hashing info Hellman) and then hashing info generation of cryptographic parameters Protocol client write MAC secret, a server write MAC secret, a client write key, a server write key, a client write IV, and a server write IV generated by hashing master secret TLS (Transport Layer Security) HTTPS HTTPS (HTTP over SSL) • IETF standard RFC 2246 similar to SSLv3 combination of HTTP & SSL/TLS to secure • with minor differences communications between browser & server – in record format version number • documented in RFC2818 – uses HMAC for MAC uses HMAC for MAC • no fundamental change using either SSL or TLS – a pseudo ‐ random function expands secrets use https:// URL rather than http:// • based on HMAC using SHA ‐ 1 or MD5 and port 443 rather than 80 – has additional alert codes encrypts – some changes in supported ciphers URL, document contents, form data, cookies, – changes in certificate types & negotiations HTTP headers – changes in crypto computations & padding HTTPS Use Secure Shell (SSH) protocol for secure network communications • connection initiation designed to be simple & inexpensive – TLS handshake then HTTP request(s) SSH1 provided secure remote logon facility • connection closure replace TELNET & other insecure schemes p – have “Connection: close” in HTTP record h “C i l ” i HTTP d also has more general client/server capability – TLS level exchange close_notify alerts SSH2 fixes a number of security flaws – can then close TCP connection documented in RFCs 4250 through 4254 – must handle TCP close before alert exchange sent or completed SSH clients & servers are widely available method of choice for remote login/ X tunnels 3
SSH Protocol Stack SSH Transport Layer Protocol • server authentication occurs at transport layer, based on server/host key pair(s) – server authentication requires clients to know host keys in advance • packet exchange k t h – establish TCP connection – can then exchange data • identification string exchange, algorithm negotiation, key exchange, end of key exchange, service request – using specified packet format SSH Connection Protocol SSH User Authentication Protocol • runs on SSH Transport Layer Protocol authenticates client to server • assumes secure authentication connection three message types: • used for multiple logical channels SSH_MSG_USERAUTH_REQUEST – SSH communications use separate channels _ _ _ SSH_MSG_USERAUTH_FAILURE – either side can open with unique id number SSH_MSG_USERAUTH_SUCCESS – flow controlled authentication methods used – have three stages: • opening a channel, data transfer, closing a channel public ‐ key, password, host ‐ based – four types: • session, x11, forwarded ‐ tcpip, direct ‐ tcpip. Port Forwarding • convert insecure TCP connection into a secure SSH connection SSH – SSH Transport Layer Protocol establishes a TCP Connection connection between SSH client & server Protocol – client traffic redirected to local SSH, travels via tunnel, then remote SSH delivers to server Exchange • supports two types of port forwarding – local forwarding – hijacks selected traffic – remote forwarding – client acts for server 4
Summary • have considered: – need for web security – SSL/TLS transport layer security protocols – HTTPS HTTPS – secure shell (SSH) 5
Recommend
More recommend
