Server-side Web Programming

Lecture 17: SSL and HTTPS for Secure

Communication

Security Problems

Major concerns:• Encryption of sensitive data sent between client and server• Authentication of server

– How does client know who they are dealing with?

• Information integrity– How do we know third party has not altered data en route?

Change so item shipped to Darth

Address information

Bob’s web site

Alice thinks she is at Bob’s site, but Darth is spoofing it

Bob’s web site

Security Protocols

Encryption algorithms• Symmetric key: DES, AES, RC4, etc.

– Fast

– Requires both parties to know same secret key• Impossible in paractice

• Public key: RSA, etc.– Sender uses public key of recipient to encrypt data

– Recipient uses their private key to decrypt• Darth cannot recreate private key from public key

– Slow• Not practical to encrypt/decrypt large blocks of data

Security Protocols

1. Use public key encryption to securely send symmetric key

2. Use a much faster symmetric key algorithm (like DES) to securely transmit the rest of the message

EKs D

E(KS, KPU)

P

Ks

E DP E(P, KS)

Security Protocols

Information Integrity• Hashing function H(M) creates “fingerprint” of message M• Hashing applied to message by sender and recipient• Darth cannot create own fingerprint of altered message without key• If no match, message has been tampered with

HM

H

M + H(M)

H(M)

M

H(M)

H(M)

compare

Certificates

• Authentication: public key certificates created by certification authority– Trusted third party (Verisign, Geotrust, Equifax, etc.)

– Well known public key

• Certificate contains user’s name, signed with CA’s private key– No one else can create the certificate without the private key

Certificates

• Browser can validate certificate using CA’s public key– Use indicated hash algorithm to create digest from all fields in certificate

– Use CA’s public key to decrypt signature and get enclosed digest

– If the two match, certificate is valid and has not been tampered with

– Can then check user’s name to make sure matches

Certificates

• Public keys stored in browser

SSL Protocol

• Secure Socket Layer protocol for web communication– Latest upgrade: Transport Layer Security (TLS)

– Same structure as SSL, somewhat more secure

SSL Protocol

Phase 1: Information exchange• Problem: Large number of encryption algorithms in use

– How do client and server agree on which to use?

• Client passes preferred algorithms to server• Public key encryption algorithms• Private key encryption algorithms• Hash algorithms

• Server replies with algorithms that will be used

SSL Protocol

Phase 2: Server Identification and Key Exchange• Server passes their certificates to client

– Client uses issuer public key to verify identity

– May pass many certificates (one for each known issuer key)

– Also passes public key

SSL Protocol

Phase 3: Client Identification and Key Exchange• Server may request certificate from client in some cases

– Online banking, etc.

• Client sends certificate and public key– If certificate not requested, browser generates new public key

Obtaining Certificates

• Must obtain from known public key authority– Not free!

– Expense depends on strength• 56 bits: inexpensive, but crackable• 128 bits: expensive but secure

• Can create “temporary” key for testing– Keytool utility in Java

– See page 520 in text

Creating Certificates

Password must be “changeit” for TomcatWill automatically generate keys using RSA

Https Protocol

• When started, requests secure session from server– Uses separate port in Tomcat

• Invokes SSL protocol

Https Protocol

• Need to edit server.xml file in conf directory to enable https: on some port

Https Protocol

• Note that will get warning since certificate not real!

• If accept, get “secure” session

• Https protocol is expensive– Should not do unless necessary

• Once done with secure transactions, should go back to using non-secure channel– Return to non-secure port

Https Protocol