worapot-jakkhupan
ICT@PSU 308-364 Advanced Web Programming 1 of 26
Website Security (Node.js + OpenSSL)
308-364 Advanced Web Programming
1/2558
Simplicity is the ultimate sophistication
Leonardo da Vinci
Objectives
• Understanding the basic Cryptography techniques
  • Symmetric Key Cryptography
  • Asymmetric Key Cryptography
  • Hybrid Key Cryptography
• Secure the website communication using SSL/TLS
  • Public Key Infrastructure (PKI)
• Understanding hash functions
  • MD5
  • SHA1
Terminology
• Code
  • Replacement based on words or semantic structures
• Cipher
  • Replacement based on symbols
• Cryptography
  • The science of encrypting or hiding secrets.
• Cryptanalysis
  • The science of decrypting messages or breaking codes and ciphers.
• Cryptology
  • The combination of the two.
• Plaintext – an unencrypted message
• Ciphertext – an encrypted message
• Security: a combination of
  • Authentication
  • Access control
Friends and enemies: Alice, Bob, Trudy
[Figure: Alice (secure sender) sends the message “I love you” as data and control messages over a channel to Bob (secure receiver); Eve sits on the channel.]
• well-known in network security world
• Bob, Alice (lovers!) want to communicate “securely”
• Eve (or Trudy, intruder) may intercept, delete, add messages
The language of cryptography
[Figure: plaintext “I love you” → encryption algorithm (Alice’s encryption key KA) → ciphertext → decryption algorithm (Bob’s decryption key KB) → plaintext “I love you”.]
Three eras of cryptology
• Pre-WWII
  • Cryptography as a craft
  • Widely used, but few provable techniques
• 1940s-1970
  • Secret key encryption introduced
  • Information theory used to characterize security
• 1970-present
  • Public key systems introduced
Cryptographic Methods
• Symmetric
• Same key for encryption and decryption
• Key distribution problem
• Asymmetric
• Mathematically related key pairs for encryption and decryption
• Public and private keys
• Hybrid
• Combines strengths of both methods
• Asymmetric distributes symmetric key
• Symmetric provides bulk encryption
• Example: SSL negotiates a hybrid method
http://www.tools4noobs.com/online_tools/encrypt/
1. Symmetric Key Cryptography
[Figure: plain-text input “The quick brown fox jumps over the lazy dog” → encryption → cipher-text → decryption → plain-text output; encryption and decryption use the same key (shared secret).]
Symmetric Pros and Cons
• Strength:
  • Simple and really very fast (order of 1000 to 10000 times faster than asymmetric mechanisms)
  • Super-fast (and somewhat more secure) if done in hardware (DES, Rijndael)
• Weakness:
  • Must agree the key beforehand
  • Securely pass the key to the other party
• Some algorithms
  • DES (Modes: ECB, CBC, CFB, OFB, CM), 3DES, AES, IDEA, Blowfish, RC4, RC5, CAST, SAFER, Twofish
2. Asymmetric Key Cryptography
• AKA Public Key Cryptography
• Knowledge of the encryption key doesn’t give you knowledge of the decryption key
• Receiver of information generates a pair of keys
  • Publish the public key in a directory
• Then anyone can send the receiver messages that only the receiver can read
Public Key Encryption
[Figure: clear-text input “The quick brown fox jumps over the lazy dog” → encryption with the recipient’s public key → cipher-text → decryption with the recipient’s private key → clear-text output; the two keys are different.]
Public Key Pros and Cons
• Weakness:
  • Extremely slow
  • Susceptible to “known ciphertext” attack
  • Problem of trusting public key (see later on PKI)
• Strength
  • Solves problem of passing the key
  • Allows establishment of trust context between parties
• Example algorithms
  • Diffie-Hellman, RSA, El Gamal, Elliptic Curve Cryptography (ECC)
3. Hybrid Encryption (Real World)
[Figure: hybrid encryption. An RNG produces a randomly generated symmetric “session” key. The message (“Launch key for Nuclear missile ‘RedHeat’ is...”) is encrypted symmetrically (e.g. DES) with the session key. The symmetric key is encrypted asymmetrically (e.g., RSA) with the user’s public key (in certificate) to form a digital envelope. As above, repeated for other recipients or recovery agents, using the other recipient’s or agent’s public key (in certificate) in recovery policy.]
Hybrid Decryption
[Figure: hybrid decryption. The digital envelope contains the “session” key encrypted using the recipient’s public key. The session key must be decrypted using the recipient’s private key (asymmetric decryption, e.g. RSA). The symmetric “session” key then decrypts the ciphertext (symmetric decryption, e.g. DES) to recover the message.]
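The digital envelope from the two hybrid slides, as an added Node.js example that is not part of the original slides. It assumes AES-256-GCM for the symmetric step and RSA-OAEP for wrapping the session key (the slides name DES and RSA only as examples); all function names are hypothetical.

```javascript
const crypto = require('node:crypto');

// OAEP padding for wrapping the session key (assumed choice for this sketch).
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Recipient's key pair; in practice the public half arrives in a certificate.
function newRecipientKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Sender: bulk-encrypt with a random session key, then wrap that key.
function sealEnvelope(plaintext, recipientPublicKey) {
  const sessionKey = crypto.randomBytes(32);   // RNG -> symmetric "session" key
  const iv = crypto.randomBytes(12);           // fresh nonce for every message
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  const tag = cipher.getAuthTag();             // integrity tag over the ciphertext
  // Digital envelope: the session key encrypted with the recipient's public key.
  const envelope = crypto.publicEncrypt({ key: recipientPublicKey, ...OAEP }, sessionKey);
  return { envelope, iv, ciphertext, tag };
}

// Recipient: unwrap the session key with the private key, then decrypt the bulk data.
function openEnvelope(msg, recipientPrivateKey) {
  const sessionKey = crypto.privateDecrypt({ key: recipientPrivateKey, ...OAEP }, msg.envelope);
  const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, msg.iv);
  decipher.setAuthTag(msg.tag);
  return Buffer.concat([decipher.update(msg.ciphertext), decipher.final()]).toString('utf8');
}

// Constructed demo: one intended recipient, one party holding a different key pair.
function envelopeDemo() {
  const recipient = newRecipientKeys();
  const outsider = newRecipientKeys();
  const sealed = sealEnvelope('The quick brown fox jumps over the lazy dog', recipient.publicKey);
  let outsiderFailed = false;
  try { openEnvelope(sealed, outsider.privateKey); } catch (e) { outsiderFailed = true; }
  return {
    recovered: openEnvelope(sealed, recipient.privateKey),
    envelopeBytes: sealed.envelope.length,     // one RSA-2048 block
    outsiderFailed,
  };
}

console.log(envelopeDemo());
```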
Public Key Distribution Problem
• We just solved the problem of symmetric key distribution by using public/private keys
• But…
• Scott creates a keypair (private/public) and quickly tells the world that the public key he published belongs to Bill
• People send confidential stuff to Bill
• Bill does not have the private key to read them…
• Scott reads Bill’s messages
• We require Certificate Authority (CA) and Digital Signature
Creating a Digital Signature
[Figure: the message or file (“This is a really long message about Bill’s…”) passes through a hash function (SHA, MD5) to give a 128-bit message digest; the digest is asymmetrically encrypted with the signatory’s private key to give the digital signature.]
• Calculate a short message digest from even a long input using a one-way message digest function (hash)
Verifying a Digital Signature
[Figure: the digital signature is asymmetrically decrypted (e.g. RSA) with the signatory’s public key to recover the signed digest; the original message (“This is a really long message about Bill’s…”) is hashed with the same hash function (e.g. MD5, SHA…); the two digests are compared: are they the same?]
• Everyone has access to trusted public key of the signatory
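Signing and verification as described on the two slides above, as an added Node.js example that is not part of the original slides. It assumes RSA with SHA-256 in place of the MD5/SHA options the slides mention; the function names and the Bill and Scott key pairs are constructed for illustration.

```javascript
const crypto = require('node:crypto');

// Signatory's key pair (constructed here; a real private key stays in a key store).
function newSigner() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// The short, fixed-size message digest computed from an arbitrarily long input.
function digest(message) {
  return crypto.createHash('sha256').update(message, 'utf8').digest();
}

// crypto.sign hashes the message with SHA-256 and applies the private-key
// operation to that digest, which is the two-stage pipeline on the slide.
function signMessage(message, privateKey) {
  return crypto.sign('sha256', Buffer.from(message, 'utf8'), privateKey);
}

// Verifier: same hash function, signatory's public key, then compare.
function verifyMessage(message, signature, publicKey) {
  return crypto.verify('sha256', Buffer.from(message, 'utf8'), publicKey, signature);
}

// Constructed demo covering a genuine message, a modified one, and a
// signature made with somebody else's private key.
function signatureDemo() {
  const bill = newSigner();
  const scott = newSigner();
  const message = "This is a really long message about Bill's ...";
  const signature = signMessage(message, bill.privateKey);
  return {
    digestBytes: digest(message).length,
    signatureBytes: signature.length,
    genuine: verifyMessage(message, signature, bill.publicKey),
    tampered: verifyMessage(message + '!', signature, bill.publicKey),
    wrongSigner: verifyMessage(message, signMessage(message, scott.privateKey), bill.publicKey),
  };
}

console.log(signatureDemo());
```

The check only means something if the verifier holds the right public key for the signatory, which is the distribution problem that certificates from a CA address.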
What are SSL and TLS?
• SSL – Secure Socket Layer
• TLS – Transport Layer Security
• both provide a secure transport connection between applications (e.g., a web server and a browser)
• SSL was developed by Netscape
• SSL version 3.0 has been implemented in many web browsers (e.g., Netscape Navigator and MS Internet Explorer) and web servers and widely used on the Internet
• SSL v3.0 was specified in an Internet Draft (1996)
• it evolved into TLS specified in RFC 2246
• TLS can be viewed as SSL v3.1
Extended Validation (EV) Certificates
• Certificate request must be approved by a human lawyer at the certificate authority
Secure Socket Layer
[Figure: client (browser), web server and CA exchanging the messages below.]
1. Browser connects to website
2. Server responds with Certificate and key
3. Client verifies certificate with CA
4. Client sends a random key to server encrypted with the public key
https://www.youtube.com/watch?v=rROgWTfA5qE
Notes
• All data encrypted with the server’s public key can only be decrypted by the server’s private key
• The randomly generated key was:
  • Randomly generated by the client
  • Encrypted with the server’s public key
• Only the server and the client would know the key, and unless they share it no one else would know.
• Therefore encrypting the data with the random key secures the data from prying eyes.
• In most applications of SSL/TLS the key type, cipher and hash can be configured based on client and server requirements. It is this that determines the security of your connection, although SSL isn’t without its vulnerabilities.
Certificate Authority
• What are Certificate Authorities?
  • Comodo, Symantec, GoDaddy, GlobalSign, DigiCert
• What are the CA and Public Key algorithm of…
  • Google
  • YouTube
  • Instagram
  • PSU and Science Faculty login page for internet access
Hash Functions
• A hash function is any function that can be used to map digital data of arbitrary size to digital data of fixed size.
• A cryptographic hash function is a hash function which is considered practically impossible to invert, that is, to recreate the input data from its hash value alone.
• Applications
  • Verifying the integrity of files or messages
  • Password verification
  • File or data identifier
Hash Function Algorithms
• MD5 hash function widely used (RFC 1321)
  • computes 128-bit message digest in 4-step process.
  • given an arbitrary 128-bit string x, it appears difficult to construct a message m whose MD5 hash is equal to x.
• SHA-1 is also used.
  • US standard [NIST, FIPS PUB 180-1]
  • 160-bit message digest
• http://www.fileformat.info/tool/hash.htm
Message-Digest Algorithm 5 (MD5)
• Developed by Ron Rivest in 1991
• Uses 128-bit hash values
• Still widely used in legacy applications although considered insecure
• Various severe vulnerabilities discovered
• Chosen-prefix collision attacks found by Marc Stevens, Arjen Lenstra and Benne de Weger
• Start with two arbitrary plaintexts P and Q
• One can compute suffixes S1 and S2 such that P||S1 and Q||S2 collide under MD5 by making 2^50 hash evaluations
• Using this approach, a pair of different executable files or PDF documents with the same MD5 hash can be computed
Secure Hash Algorithm (SHA)
• Developed by NSA and approved as a federal standard by NIST
• SHA-0 and SHA-1 (1993)
• 160 bits
• Considered insecure
• Still found in legacy applications
• Vulnerabilities less severe than those of MD5
• SHA-2 family (2002)
• 256 bits (SHA-256) or 512 bits (SHA-512)
• Still considered secure despite published attack techniques
• Public competition for SHA-3 announced in 2007