Server-side Web Programming Lecture 17: SSL and HTTPS for Secure Communication Security Problems Major concerns: • Encryption of sensitive data sent between client and server • Authentication of server – How does client know who they are dealing with? Alice thinks she is at Bob’s site, but Darth is spoofing it • Bob’s web site Information integrity – How we know third party has not altered data en route? Address information Change so item shipped to Darth Bob’s web site Security Protocols Encryption algorithms • Symmetric key: DES, AES, RC4, etc – Fast – Requires both parties to know same secret key • Impossible in paractice • Public key: RSA, etc – Sender uses public key of recipient to encrypt data – Recipient uses their private key to decrypt • Darth cannot recreate private key from public key – Slow • Not practical to encrypt/decrypt large blocks of data Security Protocols Use public key encryption to securely send symmetric key Use a much faster symmetric key algorithm (like DES) to securely transmit the rest of the message Ks P E E E(KS, KPU) E(P, KS) D D Ks P Security Protocols Information Integrity • • • • Hashing function H(M) creates “fingerprint” of message M Hashing applied to message by sender and recipient Darth cannot create own fingerprint of altered message without key If no match, message has been tampered with H(M) M H H(M) M + H(M) M H compare H(M) Certificates • Authentication: public key certificates created by certification authority – Trusted third party (Verisign, Geotrust, Equifax, etc.) – Well known public key • Certificate contains user’s name, signed with CA’s private key – No one else can create the certificate without the private key Certificates • Browser can validate certificate using CA’s public key – – – – Use indicated hash algorithm to create digest from all fields in certificate Use CA’s public key to decrypt signature and get enclosed digest If the two match, certificate is valid and has not been tampered with Can then check user’s name to make sure matches Certificates • Public keys stored in browser SSL Protocol • Secure Socket Layer protocol for web communication – Latest upgrade: Transport Layer Security (TLS) – Same structure as SSL, somewhat more secure SSL Protocol Phase 1: Information exchange • Problem: Large number of encryption algorithms in use – How client and server agree on which to use? • Client passes preferred algorithms to server • Public key encryption algorithms • Private key encryption algorithms • Hash algorithms • Server replies with algorithms that will be used SSL Protocol Phase 2: Server Identification and Key Exchange • Server passes their certificates to client – Client uses issuer public key to verify identity – May pass many certificates (one for each known issuer key) – Also passes public key SSL Protocol Phase 3: Client Identification and Key Exchange • Server may request certificate from client in some cases – Online banking, etc • Client sends certificate and public key – If certificate not requested, browser generates new public key Obtaining Certificates • Must obtain from known public key authority – Not free! – Expense depends on strength • 56 bits: inexpensive, but crackable • 128 bits: expensive but secure • Can create “temporary” key for testing – Keytool utility in Java – See page 520 in text Creating Certificates Password must be “changeit” for Tomcat Will automatically generate keys using RSA Https Protocol • When started, requests secure session from server – Uses separate port in Tomcat • Invokes SSL protocol Https Protocol • Need to edit server.xml file in conf directory to enable https: on some port Https Protocol • Note that will get warning since certificate not real! • If accept, get “secure” session Https Protocol • Https protocol is expensive – Should not unless necessary • Once done with secure transactions, should go back to using nonsecure channel – Return to non-secure port ... Protocol • Secure Socket Layer protocol for web communication – Latest upgrade: Transport Layer Security (TLS) – Same structure as SSL, somewhat more secure SSL Protocol Phase 1: Information exchange... conf directory to enable https: on some port Https Protocol • Note that will get warning since certificate not real! • If accept, get ? ?secure? ?? session Https Protocol • Https protocol is expensive... automatically generate keys using RSA Https Protocol • When started, requests secure session from server – Uses separate port in Tomcat • Invokes SSL protocol Https Protocol • Need to edit server.xml