1.37k likes | 1.66k Views
Internet & Web Security. References & Resources. Lincoln Stein, Web Security: A Step-by-Step Reference Guide Larry J. Hughes, Jr., Internet Security Techniques. What is web security?. Three parts of web security Three points of view Risks. Three components of web security. Browser Server
E N D
References & Resources • Lincoln Stein, Web Security: A Step-by-Step Reference Guide • Larry J. Hughes, Jr., Internet Security Techniques
What is web security? • Three parts of web security • Three points of view • Risks
Three components of web security • Browser • Server • Connection between the two (I.e., the Internet!)
Three points of view • User’s • Webmaster’s • Both parties’
User’s point of view • Remote server’s ownership known and true • No viruses or other damaging documents / sw • Remote server respects user’s privacy • Doesn’t obtain / record / distribute private info
Webmaster’s point of view • User won’t try to break in / alter contents • User won’t try to gain access to documents s/he’s not privy to • User won’t try to crash the server • User’s ID (if provided!) is true
Both parties’ point of view • Network connection free of eavesdropping • Info between browser and server delivered intact, free from tampering
Three (interdependent) parts • Document confidentiality • Client-side security • Server-side security
Document confidentiality • Protect private information from • Eavesdropping • Fraudulent identities • Mostly via cryptography
Client-side security • Protect user’s privacy and system’s integrity • Virus protection • Limit amount of info browser transmits (without user’s consent) • Protect organizations confidential information / network integrity • From Web browsing activities
Server-side security • Protect server from • Break-ins • Site vandalism • Denial-of-service attacks • Mostly firewalls and OS security measures
Risks • Risks that affect both client and server • Risks to the end user • Risks to the web site
Risks that affect both client and server • Eavesdropping • “Packet sniffers” (more …) • Fraud
Network snooping (sniffing) ... • Abuse of network debugging tools ... • Network interface into promiscuous mode ... • Solution: encrypt
Abuse of network debugging tools ... • E.g., Network General's Expert Sniffer • etherfind (SunOS) • tcpdump (free on Internet) • Sniffer FAQ • comp.security, news.answers • ftp://ftp.iss.net/pub/faq/sniff • http://www.iss.net/iss/sniff.html
Network interface into promiscuous mode ... • Report all packets to sniffer • Display / record • Analyze • Remote also possible
Fraud • Authenticate • Individuals, organizations • Transactions • Documents • Solution: digital signatures, certification authorities
Risks to the end user • Active content • Privacy infringement
Active content • Browsers download and run SW without notice • Java applets • ActiveX controls • Plug-ins • Helper app’s • JavaScript • Malicious (not many) / buggy (???)
Privacy infringement • Site-collected data on visitors • Server log (time, date, IP addr., document, referrer URL) • Proxy servers log (every site visited) • Cookies • User-provided data • Solutions: e.g., “stealth browser”
Risks to the web site • Webjacking • Server and LAN break-ins • Denial-of-service attacks
Webjacking • Break in & modify contents • Happens(ed) a lot • How? • Exploit holes in • OS, Web server, buggy SW • CGI scripts
Server and LAN break-ins • Various attacks at different protocol layers (OSI, more …) • Defense: firewall
Denial-of-service attacks • Cause server to crash / hang / “crawl” • OS, server, CGI scripts, Web site services • No real defenses • Place limits on resources used by server / other sw • Close known holes
Part I: Document confidentiality • Basic cryptography • SSL, SET, and Digital Payment Systems
Basic cryptography • How cryptography works • Symmetric cryptography • Public key cryptography • Online Resources • Printed Resources
How cryptography works • Plaintext • Ciphertext • Cryptographic algorithm • Key Decryption Key Algorithm Plaintext Ciphertext Encryption
Simple cryptosystem ... • Caesar Cipher • Simple substitution cipher • ROT-13 • half alphabet ==> 2 x ==> plaintext
Keys cryptosystems … • keys and keyspace ... • secret-key and public-key ... • key management ... • strength of key systems ...
Keys and keyspace … • ROT: key is N • Brute force: 25 values of N • IDEA in PGP: 2128 numeric keys • 1 billion keys / sec ==> >10,781,000,000,000,000,000,000 years
Key Decryption Plaintext Ciphertext Plaintext Encryption Sender Recipient Symmetric cryptography • DES • Triple DES, DESX, GDES, RDES • RC2, RC4, RC5 • IDEA • Blowfish
DES • Data Encryption Standard • US NIST (‘70s) • 56-bit key • Good then • Not enough now (cracked June 1997) • Discrete blocks of 64 bits • Often w/ CBC (cipherblock chaining) • Each blocks encr. depends on contents of previous
Triple DES, DESX, GDES, RDES • Variants on DES: decrease risk of brute-force guessing • Triple-DES • 1. W/ Key 1 • 2. W/ Key 2 • 3. W/ Key 1 • ==> Effective key length ~168 bits
RC2, RC4, RC5 • Proprietary (RSA Data Security, Inc.) • Variable length keys(up to 2,048 bits) • Outside US: 40-bit versions of RC2 & RC4 • ==> Web browsers & servers
IDEA • Int’l Data Encryption Algorithm • Patented (AscomTech AG) • Popular in Europe • 128-bit key ==> more secure than DES • (One of) at heart of PGP • (Other is RSA)
Blowfish • Unpatented (Bruce Schneier) • In many commercial & freeware • Var-length key (up to 448 bits)
Symmetric not fit for Internet • Spontaneous comm ==> can’t exchange keys • Multiway comm ==> key secrecy compromised
Public key cryptography • Two-in-one • Cryptography • Digital signatures
Key Key Decryption Recipient’s secret key Recipient’s public key Encryption Public key cryptography • Asymmetric Plaintext Ciphertext Plaintext Recipient Senders
Key Key Decryption Sender’s public key Sender’s secret key Recipient Sender Encryption Digital signatures • But, problem ... Authenticated Plaintext Plaintext Digital signature y =?
Key Recipient’s secret key Key Key Key Sender’s public key Recipient’s public key Recipient Sender Sender’s secret key Combining cryptography and digital signature Signature text Message text Authenticated Message y =? Digital signature Ciphertext
Problem ... • Can cut & paste from older • Solutions • A --> B: random “challenge” phrase • B --> A: sign w/ secret key, return • A: decrypts w/ B’s public key, compare to original • Or, message digest functions
Message digest functions & message integrity • One-way hashes • Digital fingerprint for original message • Sender ... • Recipient
Sender • 1. Run message through digest function • 2. Sign hash with secret key • 3. Send signed hash & original message to recipient
Recipient • Decrypt hash w/ sender’s public key • Compare with result of running message through digest function • Match ==> verified integrity • In SSL (later): Message Authenticity Check (MAC) • MAC = digest(secret + digest(secret - message))
Message digest functions • MD4 (Rivest, MIT) • 128-bit hashes • Weaknesses ==> • MD5 (Rivest) • Most widely used • SHA: Secure Hash Algorithm (NIST) • 160-bit hash
Digital envelopes • Public key encryption SLOWER than symmetric ==> Hybrid • 1. Random secret key (“session key”; discard when done) • 2. Encrypt message w/ session key & symmetric alg. • Encrypt session key w/ recipient’s public key (==> “digital envelope”) • Send encrypted message + digital envelope
Key Key Key Session key Session key Recipient’s secret key Key Recipient’s public key Recipient Sender Digital envelopes Message plaintext Message plaintext Ciphertext
Certifying authorities & public key infrastructure • Large public-key database • ==> management? Trusted third party • Certifying authorities (CA)