04/24/06
HTTP Fundamentals
RFC 1945 HTTP 1.0 RFC 2616 HTTP 1.1 RFC 2396 URL/URI syntax www.w3.org - World Wide Web Consortium (W3C) - Check this site regularly
04/24/06
Tim Berners-Lee
HTTP Fundamentals
Traditional Client/Server Model Listens on port 80 Glorified FTP server HTTP transmits resources rather than files Universal Resource Locator (URL) a subset of URI
Hofstra University Network Security Course, CSC290A
04/24/06
HTTP Fundamentals
A request line has three parts, separated by spaces: a method name, the local path of the requested resource, and the version of HTTP being used.
GET /path/to/file/index.html HTTP/1.0
HTML Fundamentals
<h1>An important heading</h1> <h2>A slightly less important heading</h2> <p>This is the first paragraph.</p> <p>This is the second paragraph.</p> This is a really <em>interesting</em> topic!
04/24/06 Hofstra University Network Security Course, CSC290A 6
HTML Fundamentals
04/24/06
04/24/06
04/24/06
12
04/24/06
14
SSL Origins
Originated by Netscape Competed with SHTTP Version 3 became Internet draft TLS (Transport Layer Security) is an attempt to develop a common standard SSLv3.1 = TLS
04/24/06 Hofstra University Network Security Course, CSC290A 15
SSL Architecture
Depends on TCP for end-to-end reliability Two layers of protocols: SSL Record Protocol basic security services to higher layers Three higher layer protocols used in the management of SSL exchanges
04/24/06 Hofstra University Network Security Course, CSC290A 16
04/24/06
17
SSL Architecture/Concepts
Connection peer-to-peer relationships in the transport layer. Every connection is associated with one session Session an association between a client and a server created by the Handshake Protocol
Define a set of cryptographic security parameters, which can be shared among multiple connections Avoid the expensive negotiation of new security parameters for each connection
04/24/06 Hofstra University Network Security Course, CSC290A 18
SSL Statefullness
Multiple secure connections in a session Number of states associated with each session Current operating state for read and write (receive and send) Pending read and write states created during Handshake Protocol
04/24/06 Hofstra University Network Security Course, CSC290A 19
Session State
Session identifier arbitrary byte sequence chosen by the server Peer certificate X.509.v3 digital certificate of peer; may be null Compression method Cipher spec algorithms used (AES, MD5) Master secret 48 byte shared key Is resumable session can be used to initiate new connections
04/24/06 Hofstra University Network Security Course, CSC290A 20
Connection State
Server and client random byte sequences chosen for each connection Server/Client write MAC secret secret key used in MAC operations on data sent by the server/client Server/Client write key conventional encryption key Initialization vectors needed for CBC mode Sequence numbers separate for xmit & recv
04/24/06 Hofstra University Network Security Course, CSC290A 21
04/24/06
22
optional
04/24/06
23
04/24/06
24
Recall: HMAC
Effort to develop a MAC derived from a cryptographic hash code Executes faster in software No export restrictions Relies on a secret key RFC 2104 list design objectives Used in IPsec
04/24/06 Hofstra University Network Security Course, CSC290A 25
HMAC Structure
Message, M
secret key By passing Si and So through the hash algorithm, we have pseudoradomly generated two keys from K.
output
04/24/06
26
04/24/06
27
04/24/06
30
Content Types
Four types: Change Cipher Spec simplest protocol consists of a single byte message that causes the pending state to be copied into the current state which updates cipher suite to be used 1 byte
1
Change Cipher Spec Protocol
04/24/06 Hofstra University Network Security Course, CSC290A 31
Content Types
Four types: Alert 2 byte protocol used to convey SSL related alerts to the peer entity. 1st byte is either a warning or fatal, which terminates the connection. 2nd byte indicates specific alert
1 byte 1 byte
level alert
Alert Protocol
04/24/06 Hofstra University Network Security Course, CSC290A 32
Content Types
Four types: Application Data this is opaque data to SSL. No distinction made among the various applications
u1 byte
opaque content
Other upper-layer protocol (e.g., HTTP)
04/24/06
33
Content Types
Four types: Handshake allows server and client to authenticate each other and negotiate and encryption and MAC algorithm. Used before any application data is transmitted. Consists of a series of messages
1 byte 3 bytes
u0 bytes
type
length
content
Handshake Protocol
04/24/06 Hofstra University Network Security Course, CSC290A 34
04/24/06
35
Phase 2
Phase 3
Phase 4
04/24/06
36
Handshake Protocol
04/24/06
37
04/24/06
40
Completes the setting up of a secure connection Client sends a change_cipher_spec message and copies the pending CipherSpec into the current CipherSpec Client sends finished message under the new algorithm, keys and secrets In response to these two messages, the server does the same Handshake is complete and the client and server may begin to exchange application layer data
04/24/06 Hofstra University Network Security Course, CSC290A 41
Cryptographic Computations
Master Secret Creation two stages: pre-master-secret exchange (RSA or Diffie-hellman) and master secret computation by both sides Generation of Cryptographic Parameters the master-secret is a seed value for functions that generate the client/server MAC secret, keys, and IV
04/24/06 Hofstra University Network Security Course, CSC290A 42
04/24/06
43
Digital Watermarks
Watermark
04/24/06
45
Digital Watermarks
Complements the cryptographic processes Visible or invisible identification code that is permanently embedded in the multimedia data Removal of the watermark is virtually impossible Composed of a bit pattern distributed throughout the data based on noise theory Causes no visual aural degradation of the image
04/24/06 Hofstra University Network Security Course, CSC290A 46
Jessica Fridrich
Inventor of the most commonly used method for speed-solving the Rubik's Cube, better known as speedcubing. Specialist in all aspects of watermarking for authentication and tamper detection, self-embedding, robust watermarking, steganography and steganalysis, forensic analysis of digital images (detection of forgeries), advanced image processing and encryption techniques http://www.ws.binghamton.edu/fridrich/
04/24/06
47
Important URLs
http://docs.sun.com/source/816-615610/contents.htmIntroduction to SSL
from
http://www.forensics.nl/digital-watermarking
Homework
Read Chapter Seven (7.1 & 7.2) Submit topic for term paper by next week
04/24/06
49
SET Transactions
04/24/06
B o m t: T t c thng tin
Tin c y: Cc bn tham gia truy n thng ph i c ch ng ch s Ring t : Thng tin ch khi c n thi t. c cung c p
04/24/06
SET Transactions
Khch hng m ti kho n t i m t nh cung c p d ch v th tn d ng (MasterCard, Visa, etc.) Khch hng nh n c 1 ch ng ch s c k b i ngn hng. Nh cung c p ( n v ch p nh n lo i th c a khc hng) s h u 2 ch ng ch s : M t k v m t trao i kha. Khch hng ti n hnh t hng m t s hng ha ho c d ch v c a nh cung c p. Nh cung c p g i ch ng ch s xc minh. Hofstra University Network 04/24/06
Security Course, CSC290A
SET Transactions
Khch hng g i thng tin t hng v thng tin thanh ton cho nh cung c p. Nh cung c p yu c u ki m ch ng thng tin thanh ton t i ngn hng tr c khi chuy n hng cho khch. Nh cung c p xc nh n n t hng v chuy n hng cho khch hng. Nh cung c p yu c u thanh ton t ngn hng.
04/24/06
04/24/06
Ch
K t n i 2 b n tin 1 cch an ton, nh ng ch cho php m i bn c th c thng tin dnh cho mnh. MESSAGE 1 MESSAGE 2
HASH 1 & 2 WITH SHA GHP 2 M HASH
k kp (dual signature)
DIGEST 1
DIGEST 2
T O M HASH M I B NG SHA
04/24/06
Nh cung c p khng c n bi t s th tn d ng Ngn hng khng c n bi t thng tin t hng. S lin k t gi a 2 thng tin l c n thi t xc nh n s ti n thanh ton l cho n t hng ny (trnh vi c l i d ng b t h p php).
04/24/06 Hofstra University Network Security Course, CSC290A
T o ch
k kp trong SET
Cc b c: Take the hash (SHA-1) of the payment and order information. These two hash values are concatenated [H(PI) || H(OI)] and then the result is hashed. Customer encrypts the final hash with a private key creating the dual signature. DS = EKRC [ H(H(PI) || H(OI)) ]
04/24/06 Hofstra University Network Security Course, CSC290A
Nh cung c p xc minh ch
Nh cung c p c kha public c a khch hng thng qua ch ng ch s . Nh cung c p tnh 2 gi tr H(PIMD || H(OI)) DKUC[DS] Hai gi tr ny ph i b ng nhau
04/24/06
Ngn hng c thng tin v ch k, PI, v m hash c a OI (OIMD) v kha public c a khch hng. Ngn hng c th tnh v so snh: H(H(PI) || OIMD) DKUC [ DS ]
04/24/06
t hng
The cardholder generates a one-time symmetric encryption key, KS,
04/24/06
04/24/06
04/24/06
04/24/06
65
3-D Secure
3-D Secure is a XML-based protocol to allow authentication of cardholders of credit card companies in ePayment transactions. The protocol was developed by Visa and was adopted under the names Verified By Visa and Mastercard Secure Code. Visa 3-D Secure Payment Program
04/24/06
67