Chapter 18. Web Security

hotbroodΑσφάλεια

2 Νοε 2013 (πριν από 3 χρόνια και 1 μήνα)

76 εμφανίσεις

CRYPTOGRAPHY AND INFORMATION SECURITY


Lecturer: Dr. Nguyen Nam Hong


Tel.: 048781437.


Mob.: 0912312816.


Email:




nguyennamhong2003@yahoo.com.au


Website:



www.freewebs.com/namhongthanhloc

Chapter 18. Web Security

Chapter 18. Web Security (1/3)

18.01. Web Security

18.02. SSL (Security Socket Layer)

18.03. SSL Architecture

18.04. Session State Parameters

18.05. Connection State Parameters

18.06. SSL Record Protocol

18.07. SSL Change Cipher Spec Protocol

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
2

/ 32

Chapter 18. Web Security (2/3)

18.08. SSL Alert Protocol

18.09. SSL Handshake Protocol

18.10. TLS (Transport Layer Security)

18.11. SET (Secure Electronic Transaction)

18.12. SET Components

18.13. SET Transaction

18.14. Dual Signature



Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
3

/ 32

Chapter 18. Web Security (3/3)

18.15. Purchase Request
-

Customer

18.16. Purchase Request
-

Merchant

18.17. Payment Gateway Authorization

18.18. Payment Capture

18.19. Summary



Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
4

/ 32

18.01. Web Security (1/2)


Web now widely used by business, government,
individuals


but Internet & Web are vulnerable


have a variety of threats


integrity


confidentiality


denial of service


authentication


need added security mechanisms

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
5

/ 32

Web Security (2/2)


HTTP is not a secure protocol


simple and stateless client/server application
running over TCP/IP


Added security measures needed


we will see SSL (Secure Socket Layer) and TLS
(Transport Layer Security)


HTTPS


Secure HTTP protocol


SSL support is provided for several other
TCP/IP applications as well


POP3, SMTP, FTP, News, ...

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
6

/ 32

18.02. SSL (Secure Socket Layer)


transport layer security service


originally developed by Netscape


version 3 designed with public input


subsequently became Internet standard known
as TLS (Transport Layer Security)


uses TCP to provide a reliable end
-
to
-
end service


SSL has two layers of protocols

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
7

/ 32

18.03. SSL Architecture (1/2)

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
8

/ 32

18.03. SSL Architecture (2/2)


SSL session


an association between client & server


created by the Handshake Protocol


define a set of cryptographic parameters


may be shared by multiple SSL connections


SSL connection


a transient, peer
-
to
-
peer, communications link


associated with 1 SSL session

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
9

/ 32

Session State Parameters


Session
identifier


Peer
certificate


Compression
method


Cipher Spec


Master
Secret


Is resumable

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
10

/ 32

18.05. Connection State Parameters


Random numbers


server and client exchange


used as nonces during key exchange


MAC secret


secret key used for MAC operations


conventional encryption key


initialization vector


if CBC mode is used

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
11

/ 32

18.06. SSL Record Protocol (1/2)


confidentiality


using symmetric encryption with a shared
secret key defined by Handshake Protocol


IDEA, RC2
-
40, DES
-
40, DES, 3DES, Fortezza,
RC4
-
40, RC4
-
128


message is compressed before encryption


message integrity


using a MAC with shared secret key


similar to HMAC but with different padding

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
12

/ 32

18.06. SSL Record Protocol (2/2)

header fields


content type (higher layer protocol)


Version


fragment length

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
13

/ 32

18.07. Change Cipher Spec Protocol (1/2)


one of 3 SSL specific protocols which use the SSL
Record protocol


a single message


causes pending state to become current


hence updating the cipher suite in use

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
14

/ 32

18.07. Change Cipher Spec Protocol (2/2)


very simple protocol


the new state established by the handshake
protocol is a
pending

state


that is
, it is

not yet valid


change cipher spec protocol (actually a single
command exchanged between client and server)
makes this pending state the current one


connection parameter
s

change


will see its use in handshake protocol

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
15

/ 32

18.08. SSL Alert Protocol


conveys SSL
-
related alerts to peer entity


severity


warning or fatal


specific alert


unexpected message, bad record mac,
decompression failure, handshake failure,
illegal parameter


close notify, no certificate, bad certificate,
unsupported certificate, certificate revoked,
certificate expired, certificate unknown


compressed & encrypted like all SSL data

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
16

/ 32

18.09. SSL Handshake Protocol (1/2)


allows server & client to:


authenticate each other


to negotiate encryption & MAC algorithms


to negotiate cryptographic keys to be used


comprises a series of messages in phases


Establish Security Capabilities


Server Authentication and Key Exchange


Client Authentication and Key Exchange


Finish

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
17

/ 32

18.09. SSL Handshake Protocol (2/2)

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
18

/ 32

18.10. TLS (Transport Layer Security)


IETF standard RFC 2246 similar to SSLv3


with minor differences


in record format version number


uses HMAC for MAC


a pseudo
-
random function expands secrets


has additional alert codes


some changes in supported ciphers


changes in certificate negotiations


changes in use of padding

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
19

/ 32

18.10. TLS (Transport Layer Security)
(1/2)


TLS is a proposed Internet Standard (RFC 2246)


similar to SSL v3, some difference
s

are given
here


Version number


record format is the same, but the major
version 3, minor version 1 (v3.1)


MAC


TLS uses HMAC with pads XORed (unlike SSL
where pads are appended)


additional alert codes

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
20

/ 32

18.10. TLS (Transport Layer Security)
(2/2)


Same cipher suites of SSL except Fortezza


actually it is not common in SSL v3 either


No ephemeral client certificates in TLS


since signature
-
only certificates are used for
that purpose


some changes in certificate verify and finished
message calculations


a different Pseudorandom function (PRF)


master secret and key block calculations use
PRF in TLS

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
21

/ 32

18.11. SET (Secure Electronic
Transactions)


open encryption & security specification


to protect Internet credit card transactions


developed in 1996 by Mastercard, Visa etc


not a payment system


rather
a set of security protocols & formats


secure communications amongst parties


trust from use of X.509v3 certificates


privacy by restricted info to those who need it

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
22

/ 32

18.12. SET Components

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
23

/ 32

18.13. SET Transaction

1.
customer opens account

2.
customer receives a certificate

3.
merchants have their own certificates

4.
customer places an order

5.
merchant is verified

6.
order and payment are sent

7.
merchant requests payment authorization

8.
merchant confirms order

9.
merchant provides goods or service

10.
merchant requests payment

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
24

/ 32

18.14. Dual Signature


customer creates dual messages


order information (OI) for merchant


payment information (PI) for bank


neither party needs details of other


but
must

know they are linked


use a dual signature for this


signed concatenated hashes of OI & PI

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
25

/ 32

18.15. Purchase Request


Customer

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
26

/ 32

18.16. Purchase Request


Merchant
(1/2)

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
27

/ 32

18.16. Purchase Request


Merchant
(2/2)

1.
verifies cardholder certificates using CA sigs

2.
verifies dual signature using customer's public
signature key to ensure order has not been
tampered with in transit & that it was signed
using cardholder's private signature key

3.
processes order and forwards the payment
information to the payment gateway for
authorization (described later)

4.
sends a purchase response to cardholder


Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
28

/ 32

18.17. Payment Gateway Authorization
(1/2)

1. verifies
all certificates

2. decrypts
digital envelope of authorization block
to obtain symmetric key & then decrypts
authorization block

3. verifies
merchant's signature on authorization
block

4. decrypts
digital envelope of payment block to
obtain symmetric key & then decrypts payment
block

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
29

/ 32

18.17. Payment Gateway Authorization
(2/2)

5. verifies
dual signature on payment block

6. verifies
that transaction ID received from
merchant matches that in PI received (indirectly)
from customer

7. requests
& receives an authorization from issuer

8. sends
authorization response back to merchant

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
30

/ 32

18.18. Payment Capture


merchant sends payment gateway a payment
capture request


gateway checks request


then causes funds to be transferred to merchants
account


notifies merchant using capture response

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
31

/ 32

18.19. Summary


have considered:


need for web security


SSL
(Security Socket Layer)



TLS

(Transport Layer Security)


SET

(Secure Electronic Transaction)

Dr. Nguyen Nam Hong, Le Quy Don Technical University


Slide
32

/ 32