550 likes | 572 Views
Web Security and Email Security Computer Security and Cyber Law ITC 229. Web Security. Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats integrity confidentiality denial of service authentication
E N D
Web Security and Email Security Computer Security and Cyber Law ITC 229
Web Security • Web now widely used by business, government, individuals • but Internet & Web are vulnerable • have a variety of threats • integrity • confidentiality • denial of service • authentication • need added security mechanisms
Web Security Threats • Passive Attack • Passive attack include eavasdropping on the network traffic between browser and server and gaining access to information on a web site that is suppose to be restricted. • Active Attack • Active attack include impersonating another user , altering message in transit between client and server, and altering information on a web site. • Location of the Threats • Web server, web browser and network traffic between browser and server • Issue of server and browser
SSL (Secure Socket Layer) • transport layer security service • originally developed by Netscape • version 3 designed with public input • subsequently became Internet standard known as TLS (Transport Layer Security) • uses TCP to provide a reliable end-to-end service • SSL has two layers of protocols
Secure Sockets Layer (SSL), is cryptographic protocols that provide communication security over the Internet. SSL encrypt the segments of network connections at the Application Layer for the Transport Layer, using asymmetric cryptography for key exchange, symmetric encryption for privacy, and message authentication codes for message integrity. Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging and voice-over-IP (VoIP). SSL
HTTP SMTP POP3 80 25 110 HTTPS SSMTP SPOP3 443 465 995 Secure Sockets Layer Transport Network Link Where does SSL fits?
SSL Services • peer entity authentication • data confidentiality • data authentication and integrity • compression/decompression • generation/distribution of session keys • integrated into protocol • security parameter negotiation
SSL Architecture • SSL session • an association between client & server • created by the Handshake Protocol • define a set of cryptographic parameters • may be shared by multiple SSL connections • SSL connection • A connection is a transport that provides a suitable type of service • For SSL such type of connection are peer to peer • a transient, peer-to-peer, communications link • Every SSL connection is associated with 1 SSL session
SSL Record Protocol • Provide two services for SSL connections: • confidentiality • using symmetric encryption with a shared secret key defined by Handshake Protocol • IDEA, RC2-40, DES-40, DES, 3DES, Fortezza, RC4-40, RC4-128 • message is compressed before encryption • message integrity • using a MAC (Message Authentication Code) created using a shared secret key and a short message • Can be utilized by some upper-layer protocols of SSL.(hand shake protocol )
SSL Change Cipher Spec Protocol • one of 3 SSL specific protocols which use the SSL Record protocol • a single message add from book....... • causes pending state to become current • hence updating the cipher suite in use
Alert Protocol • Enables the parties to exchange error or warning information. • it identifies problems with the protocol or potential security problems with the session. • Alert messages communicate the severity of the message and a description of the alert • Fatal messages result in connection termination.
SSL Handshake Protocol • Responsible for the negotiations that start a SSL session. • Establishment of the secure channel between the client and the server • Provides the keys and the algorithm information to SSL Record Protocol, above it • Enables clients and servers • authenticate each other • To negotiate encryption & MAC algorithms • to negotiate cryptographic keys to be used • comprises a series of messages in phases • Generate shared secrets using public-key encryption techniques
SSL Handshake Protocol • Handshake Protocol divided into 4 phases: • Establish Security Capabilities Server • Authentication and key Exchange Client • Authentication and key Exchange • Change CipherSpec and Finish
Overview of TLS • IETF standard RFC 2246 similar to SSLv3 • with minor differences • in record format version number • uses HMAC for MAC • a pseudo-random function expands secrets • has additional alert codes • some changes in supported ciphers • changes in certificate negotiations • changes in use of padding
TLS VS SSL • TLS uses HMAC, SSL uses a precursor • TLS MAC covers compression version field in addition to what SSL MAC covers • TLS defines additional alert codes • other minor differences • TLS has a mode to fall back to SSL
HTTPS • HTTPS = combination of HTTP and SSL to implement secure communication between web browser to web server. • Uses port 443 • When HTTPS is used the following elements of the communication are encrypted • URL of the requested document • Contents of document • Contents of browser forms • Cookies sent from browser to server and from server to browser. • Contains HTTP header
Secure Electronic Transactions (SET) • open encryption & security specification • to protect Internet credit card transactions • developed in 1996 by Mastercard, Visa etc • not a payment system, rather a set of security protocols & formats • secure communications amongst parties • trust from use of X.509v3 certificates • privacy by restricted info to those who need it
Dual Signature customer creates dual messages order information (OI) for merchant payment information (PI) for bank neither party needs details of other but must know they are linked use a dual signature for this signed concatenated hashes of OI & PI.
Payment Processing • Payment Processing • it describe the process and service that automates payment transactions between the shopper and merchant. • It is usually a third-party service that is actually a system of computer processes that process, verify, and accept or decline credit card transactions on behalf of the merchant through secure Internet connections. • Payment Processor • In electronic commerce, the firm that processes credit card transactions on behalf of a bank.
Email • SMTP, • PEM, • PGP, • MIME • SMIME,and • Concept Secure email
Threats • Threats to the security of e-mail itself • Loss of confidentiality • E-mails are sent in clear over open networks • E-mails stored on potentially insecure clients and mail servers • Loss of integrity • No integrity protection on e-mails; body can be altered in transit or on mail server • Lack of data origin authentication • Lack of non-repudiation • Lack of notification of receipt
Threats Enabled by E-mail • Disclosure of sensitive information • Exposure of systems to malicious code • Denial-of-Service (DoS) • Unauthorized accesses etc.
Email based Attacks • Active content attack • Clean up at the server (AV, Defang) • Buffer over-flow attack • Fix the code • Shell script attack • Scan before send to the shell • Trojan Horse Attack • Use “do not automatically use the macro” option • Web bugs (for tracking)
SMTP Simple Mail Transfer Protocol is a protocol for sending e-mail messages between servers and uses TCP port 25. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is generally used to send messages from a mail client to a mail server.
SMTP While electronic mail servers and other mail transfer agents use SMTP to send and receive mail messages, user-level client mail applications typically only use SMTP for sending messages to a mail server for relaying Goal: To transfer mail reliably and efficiently
SMTP SMTP clients and servers have two main components • User Agents – Prepares the message, encloses it in an envelope. (ex. Thunderbird, Eudora) • Mail Transfer Agent – Transfers the mail across the internet (ex. Sendmail, Exim) Analogous to the postal system in many ways User Agents Mail Transfer Agents
SMTP SMTP also allows the use of Relays allowing other MTAs to relay the mail Mail Gateways are used to relay mail prepared by a protocol other than SMTP and convert it to SMTP
Format of an email • Mail is a text file • Envelope – • sender address • receiver address • other information • Message :- Mail Header – defines the sender, the receiver, the subject of the message, and other information • Mail Body :- Contains the actual information in the message
Connection Establishment TCP Connection Establishment
Connection Termination TCP Connection Termination
Limitations in SMTP • Only uses 7 bit ASCII format • No authentication mechanisms • Messages are sent un-encrypted • Susceptible to misuse (Spamming, faking sender address)
Privacy-Enhanced Mail (PEM) Privacy-Enhanced Mail (PEM) is an Internet standard that provides for secure exchange of electronic mail. PEM employs a range of cryptographic techniques to allow for confidentiality, sender authentication, and message integrity. The message integrity aspects allow the user to ensure that a message hasn't been modified during transport from the sender. The sender authentication allows a user to verify that the PEM message that they have received is truly from the person who claims to have sent it. The confidentiality feature allows a message to be kept secret from people to whom the message was not addressed.
PGPEmail Security Enhancements • authentication • of sender of message or reciever of message in some cases • Certification mechanisms • confidentiality • protection from disclosure (against replay attacks) • message integrity • protection from modification • available in public-key encryption • non-repudiation of origin • protection from denial by sender • available in public-key encryption
PGPPGP Services • messages • authentication • confidentiality • compression • E-mail compatibility • segmentation and reassembly • non-repudiation of origin • key management • generation, distribution, and revocation of public/private keys • generation and transport of session keys
PGPAuthentication • based on digital signatures • message is hashed and 128-bit output is added to message packet • supported algorithms: RSA/SHA and DSS/SHA (unrecoverable) • distributed certification mechanism where every sender/reciever is a certificate authority
PGPConfidentiality • Solved by symmetric key message encryption with a random, single-use session key • 128-bit session key is encrypted with the public key of the receiver • supported algorithms: • symmetric: CAST, IDEA, 3DES, • asymmetric: RSA,
PGPCompression • Applied after the signature • enough to store clear message and signature for later verification • it would be possible to dynamically compress messages before signature verification, • then all PGP implementations should use the same compression algorithm • however, different PGP versions use slightly different compression algorithms • applied before encryption • compression reduces redundancy makes cryptanalysis harder • less bandwidth usage • Useful against decryption attacks where the frequency of letters are used • supported algorithm: ZIP
PGPEmail compatibility • encrypted messages and signatures may contain arbitrary octets • most e-mail systems support only ASCII characters • text file processing is different on different OSs, PGP message packet may optionally include OS information • PGP converts an arbitrary binary stream into a stream of printable ASCII characters
PGPPacket Structure • Message packet, signature packet and session key packet • PGP can produce only message packet + session key packet or signature packet (compression optional) • Timestamp is included to overcome attacks by intruders who steals the whole packet and sends again (e.g. Money transfer)
PGPKey ID • a user may have several public key – private key pairs • which private key to use to decrypt the session key? • which public key to use to verify a signature? • transmitting the whole public key would be wasteful • associating a random ID to a public key would result in management burden • PGP key ID: least significant 64 bits of the public key • unique within a user with very high probability
PGPRandom number generators • true random numbers • used to generate public key – private key pairs (512-2048 bit) • provide the initial seed for the pseudo-random number generator (PRNG) • provide additional input during pseudo-random number generation • pseudo-random numbers • used to generate session keys
PGPTrue random numbers • PGP maintains a 256-byte buffer of random bits • each time PGP expects a keystroke from the user, it records • the time when it starts waiting (32 bits) • the time when the key was pressed (32 bits) • the value of the key stroke (8 bits) • the recorded information is used to generate a key • the generated key is used to encrypt the current value of the random-bit buffer
PGPPrivate key ring • used to store the public key – private key pairs owned by a given user • should be stored on portable storage (floppy,USB disks) • essentially a table, where each row contains the following entries: • timestamp • key ID (indexed) • public key • encrypted private key ( MD5(pwd)+IDEA ) • user ID (indexed)
PGPPublic key ring • used to store public keys of other users • a table, where each row contains the following entries: • timestamp • key ID (indexed) • public key • user ID (indexed) • owner trust • signature(s) • signature trust(s) • key legitimacy