lecture 12-13 1 apache web server mod-perl when a cgi script is launched under mod_perl, that script...

Upload: roxanne-sanders

Post on 12-Jan-2016

TRANSCRIPT

Page 1: Lecture 12-13 1 APACHE Web Server mod-perl When a CGI script is launched under mod_perl, that script has already been compiled into PERL opcodes, eliminating

Lecture 12-13 1

APACHE Web Server mod-perl

• When a CGI script is launched under mod_perl, that script has already been compiled into PERL opcodes, eliminating the need to start a new process

• Apache initializes a new Perl interpreter in an existing process and hands that interpreter previously compiled code to execute

• Much higher performance

Lecture 12-13 2

SECURITY

• Fundamental Requirements:

1. Privacy

2. Integrity

3. Authentication

4. Non-repudiation

5. Availability

Lecture 12-13 3

SECURITY

• Privacy issue:

- How do you ensure that the information you transmit over the Internet has not been captured or passed on to a third party without your knowledge?

• Integrity issue:

- How do you ensure the information you send or receive has not been compromised or altered?

Lecture 12-13 4

SECURITY

• Authentication issue:

- How do sender and receiver of a message prove their identities to each other?

• Non-repudiation issue:

- How do you legally prove that a message was sent or received?

• Availability issue:

- How do we ensure that the network and the computer systems it connects will stay in operation continuously?

Lecture 12-13 5

Cryptography

• Cryptography: transforms data using a key (a string of digits that acts as a password) to make the data incomprehensible to all but the sender and the intended receiver

• Plaintext: unencrypted data

• Ciphertext: encrypted data

• Cipher/Cryptosystem: technique/algorithm for encrypting messages

• Simple examples of cryptosystems:

- Substitution

- Transposition

Lecture 12-13 6

Secret key (Symmetric) Cryptography

• uses same (symmetric) keys to encrypt/decrypt a message

• fundamental problem: before two people can communicate, they must first find a way to exchange the symmetric key securely

• Point-to-point key exchange

• Centralized: Key distribution center generates a session key

• DES algorithm, developed by NSA and IBM in the 1950s

Lecture 12-13 7

Public Key (Asymmetric) Cryptography

• developed by Diffie & Hellman (Stanford Univ) 1976

• Two inversely related keys are used:

1. Public key: freely distributed

2. Private key: kept secret by its owner

• Either the public key or the private key can be used to encrypt or decrypt a message

• If the public key is used to encrypt a message, only the corresponding private key can decrypt it

• Vice versa: if the private key is used to encrypt a message, only the corresponding public key can decrypt it (this can be used to authenticate the sender of the message)

Lecture 12-13 8

Public Key (Asymmetric) Cryptography

• The defining property of a secure public key is that it is computationally infeasible to deduce the private key from the public key

• Public key algorithms require large amounts of computer power

• Symmetric systems are faster

• RSA: most commonly used public key algorithm (developed by Rivest, Shamir, Adleman, MIT Professors, in 1977)

Lecture 12-13 9

Key Agreement Protocols

• Public key algorithms can be used to allow two parties to agree, over an insecure medium, on a secret key to be used for symmetric-key encryption

• Digital Envelope:

- Message is encrypted using a symmetric key

- Symmetric key is encrypted using the public key

- Attach the encrypted symmetric key to the encrypted message and send the entire package

- To decrypt: the receiver first decrypts the symmetric key using the receiver’s private key. Then the symmetric key is used to decrypt the actual message

Lecture 12-13 10

SECURITY-Hash Function

• Also known as “message digest”

• Mathematical function that gives a message a hash value

• The chance that two different messages will have the same message digest is statistically insignificant

• Collision occurs when multiple messages have the same hash value

• It is computationally infeasible to compute a message from its hash value or to find two messages with the same hash value

• Example: MD5

Lecture 12-13 11

SECURITY- Digital signatures

• Solve problems of integrity and authentication

• Like a written signature, authenticates sender’s identity

• To create a digital signature

1. Run original plaintext message through hash (message digest)

2. Encrypt message digest using sender’s private key (creates a digital signature and authenticates the sender)

3. Encrypt original message with receiver’s public key

4. Send (encrypted message+digital signature+hash function) to the receiver

Lecture 12-13 12

SECURITY – Digital Signatures

• Receiver:

1. Receives the package

2. Uses sender’s public key to decipher the digital signature and reveal the message digest

3. Uses receiver’s own private key to decipher the original message

4. Applies the hash function to the original message

5. Compares the deciphered message digest to the result of the hash function
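
The signing and verification steps on the two slides above, as an added example that is not part of the original slides. It assumes textbook RSA without padding, fixed toy keys built from Mersenne primes (constructed for the demo, not secure), and SHA-256 as the agreed hash in place of the slide's MD5; all function names are hypothetical.

```python
import hashlib

E = 65537  # public exponent

def keypair(a, b):
    """Toy RSA key from Mersenne primes 2**a-1 and 2**b-1 (constructed, not secure)."""
    n = (2**a - 1) * (2**b - 1)
    return (E, n), (pow(E, -1, (2**a - 2) * (2**b - 2)), n)  # (public, private)

def rsa(key, value):
    """Textbook RSA without padding: one modular exponentiation either way."""
    exponent, n = key
    return pow(value, exponent, n)

def digest(message):
    # SHA-256 is assumed as the agreed hash function (the slide's example is MD5)
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def send(message, sender_priv, receiver_pub):
    signature = rsa(sender_priv, digest(message))                    # sender steps 1-2
    ciphertext = rsa(receiver_pub, int.from_bytes(message, "big"))   # sender step 3
    return ciphertext, signature                                     # sender step 4

def receive(package, sender_pub, receiver_priv):
    ciphertext, signature = package                                  # receiver step 1
    claimed = rsa(sender_pub, signature)                             # receiver step 2
    m = rsa(receiver_priv, ciphertext)                               # receiver step 3
    message = m.to_bytes((m.bit_length() + 7) // 8, "big")
    return message, claimed == digest(message)                       # receiver steps 4-5

# Constructed demo keys; the message must be shorter than the receiver's modulus
SENDER_PUB, SENDER_PRIV = keypair(521, 607)
RECEIVER_PUB, RECEIVER_PRIV = keypair(1279, 2203)

def demo():
    package = send(b"Pay 100 to Bob", SENDER_PRIV, RECEIVER_PUB)
    genuine = receive(package, SENDER_PUB, RECEIVER_PRIV)
    # Message swapped in transit, original signature kept: the digests no longer match
    swapped = (rsa(RECEIVER_PUB, int.from_bytes(b"Pay 900 to Eve", "big")), package[1])
    altered = receive(swapped, SENDER_PUB, RECEIVER_PRIV)
    return genuine, altered

if __name__ == "__main__":
    print(demo())
```

The second result shows why the receiver's final comparison matters: the swapped message decrypts cleanly, and only the digest mismatch reveals that it is not what the sender signed.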

Lecture 12-13 13

SECURITY – Digital Signatures

• Digital signatures do not provide proof that a message has been sent

• A time-stamping agency (third party) can help to solve the non-repudiation problem by digitally signing the time-stamp

• US government recently passed digital-signature legislation that makes digital signatures as legally binding as hand-written signatures

Lecture 12-13 14

Public Key Infrastructure (PKI)

• How does a customer know that the web site it is accessing belongs to a trustworthy merchant and not to a third-party site that is acting as the merchant to steal credit-card information?

• PKI integrates public-key cryptography with “digital certificates” and “certification authorities (CA)” to authenticate parties in a transaction

• Digital Certificate: a digital document issued by a CA that includes:

- Name of the subject (being certified)

- Subject’s public key

- Expiration date

- … plus other relevant information

• CA is a financial institution or other trusted third party such as VeriSign or Thawte

Lecture 12-13 15

CA

• The CA takes responsibility for authentication; it checks the validity of information before issuing a digital certificate

• Digital certificates are publicly available in CA certificate repositories

• The CA signs the certificate by encrypting either the public key or a hash value of the public key using the CA’s own private key

• CA has to verify every individual’s public key. Thus users must trust the public key of a CA.

• A certificate authority is a chain of certificates starting with the root certification authority IPRA (Internet Policy Registration Authority)

• Root only signs certificates for policy creation authorities (organizations that set policies for obtaining digital certificates)

• Policy creation authorities sign digital certificates for CAs

• CAs sign digital certificates for individuals and organizations

Lecture 12-13 16

SECURE SOCKETS LAYER (SSL)

• SSL protocol developed by Netscape

• Built into web browsers and numerous other products

• When you use the Internet, the connection between you and any other point can be routed through dozens of independent systems (unauthorized people can steal confidential information, credit card numbers etc by eavesdropping)

• SSL protocol was developed to transfer information privately and securely across the Internet

• SSL is the de facto standard for encrypted and authenticated communications between clients and servers on the Internet

• Virtually all online purchases and monetary transactions on the Internet are secured by SSL

• URL starts with https:

Lecture 12-13 17

SSL

• SSL usage is not just limited to securing e-commerce transactions; other SSL usage examples:

- Financial institutions, insurance companies, B2B, private organizations

• SSL ensures that connection is private and secure by providing authentication and encryption

• Authentication confirms the server and optionally the client are who they say they are

• Encryption creates a secure ‘tunnel’ between the client and the server which prevents any unauthorized system from reading the data

• SSL-enabled clients: Netscape, MS Internet Explorer

• SSL-enabled servers: Apache or MS IIS

• Clients and servers confirm each other’s identities using digital certificates, which are issued by a CA.

Lecture 12-13 18

SSL

• SSL is comprised of two protocols:

1. Handshake Protocol (key exchange)

2. Record Protocol (bulk data transfer)

Lecture 12-13 19

SSL- Handshake Protocol

1. Authenticates the server to the client (optionally the client to the server) using public-key encryption (asymmetric) techniques

2. Allows client and server to negotiate the cipher suite to be used

3. Allows the client and the server to generate symmetric session keys

4. Establishes the encrypted session

• Once key exchange is complete, client and server use symmetric session keys to encrypt all communication between them (SSL Record Protocol)

• A symmetric encryption algorithm such as DES or RC4 is used.

Lecture 12-13 20

SSL Negotiation Steps

1. Initially, the request for an SSL session comes from the browser to the web server

2. Web server sends the browser its digital certificate (contains info about the server and the server’s public key)

3. Browser verifies that the certificate is valid and that a CA listed in the client’s list of trusted CAs issued it. Browser also checks the expiration date and the web server domain name

4. Once browser has determined that the server certificate is valid, browser generates a 48-byte master secret. This master secret is encrypted using server’s public key and is then sent to the Web server

5. Web server receives the encrypted master secret from the browser and decrypts it using the server’s private key

6. Both web server and the browser have the same secret key

7. Communicate securely by encrypting data using symmetric technique
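
Steps 4 to 7 above, which follow the same pattern as the Digital Envelope slide (a symmetric key wrapped with the receiver's public key), as an added example that is not part of the original slides. It assumes textbook RSA with a fixed toy key (constructed, not secure) and a SHA-256 keystream as a stand-in for DES or RC4; all function names are hypothetical.

```python
import hashlib
import secrets

E = 65537  # public exponent

def keypair(a, b):
    """Toy RSA key from Mersenne primes 2**a-1 and 2**b-1 (constructed, not secure)."""
    n = (2**a - 1) * (2**b - 1)
    return (E, n), (pow(E, -1, (2**a - 2) * (2**b - 2)), n)  # (public, private)

def session_cipher(key, data):
    """Stand-in symmetric cipher: XOR with a SHA-256 counter keystream.
    Assumed here so the example needs no third-party library; the slides name
    DES or RC4. The same call encrypts and decrypts."""
    out = bytearray()
    for offset in range(0, len(data), 32):
        pad = hashlib.sha256(key + offset.to_bytes(8, "big")).digest()
        out += bytes(x ^ y for x, y in zip(data[offset:offset + 32], pad))
    return bytes(out)

def browser_wrap(server_pub):
    """Step 4: generate a 48-byte master secret and encrypt it to the server."""
    master = secrets.token_bytes(48)
    e, n = server_pub
    return master, pow(int.from_bytes(master, "big"), e, n)

def server_unwrap(wrapped, server_priv):
    """Step 5: only the holder of the private key recovers the master secret."""
    d, n = server_priv
    return pow(wrapped, d, n).to_bytes(48, "big")

SERVER_PUB, SERVER_PRIV = keypair(521, 607)   # constructed demo key

def demo(request=b"GET /checkout HTTP/1.0"):
    master, wrapped = browser_wrap(SERVER_PUB)
    server_master = server_unwrap(wrapped, SERVER_PRIV)       # step 6: shared secret
    record = session_cipher(master, request)                  # step 7: browser encrypts
    received = session_cipher(server_master, record)          # server decrypts
    # A party holding a different key gets different bytes out of the same record
    other = session_cipher(secrets.token_bytes(48), record)
    return master == server_master, received, record != request, other != request

if __name__ == "__main__":
    print(demo())
```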

Lecture 12-13 21

SSL Negotiation Steps

Lecture 12-13 22

• SSL sits on top of TCP at the transport layer

• SSL operates independently and transparently of other protocols so it will work with any application layer and transport layer protocol

• This allows clients and servers to establish secure SSL connections without requiring knowledge of the other party’s code