Web Security II: Secure Communication with HTTPS

I. Security Goals

HTTP is an open protocol, inappropriate for secure communications.

• Goal: widespread public access to public information.
• Clear text. All HTTP messages are transmitted in clear text (a.k.a., plaintext). They can be read by anyone and are vulnerable to packet sniffers.
• Mostly anonymous access. HTTP does not require identify confirmation. In essence, anonymous access is allowed, although client domains/IP addresses may be recorded.

HTTPS is designed to support secure, private communications.

• Confidentiality through encryption of messages.
• Authentication to verify identities of communicating parties.

II. Encryption

Encryption is the process of translating a plaintext message into an encoded form, not readable by others.

A ciphertext is the result of encryption. The ciphertext can be transmitted over the network. Even if intercepted, the ciphertext is designed to be unreadable.

Decryption is the process of recovering the original plaintext message from the ciphertext.

Public Algorithms, Private Keys

Encryption generally uses public algorithms and private keys. Public algorithms are assumed to be known by everyone. Private keys are the secrets that allow senders and recipients to keep others from decrypting messages.

Why public algorithms? Secrecy can be achieved using private algorithms known only to sender and recipient. But what if the algorithm is discovered?

• It may be costly and time-consuming to replace the "broken" encryption technology with a new private algorithm.
• How do you communicate the new private algorithm?
• With public algorithms, only the secrecy of the decryption key must be maintained.
• If the key is discovered, it can quickly be replaced without investing in new encryption technology.

Symmetric vs. Public Key Algorithms

Symmetric algorithms use the same key for encryption and decryption.

• The key is a shared secret between sender and recipient.
• A separate key is required for every sender-recipient pair.
• How are keys communicated?

Public key algorithms use two keys: a public encryption key and a private decryption key.

• Anyone can encode a message to a particular recipient using that recipient's public key.
• Only the recipient can recover the plaintext using the private key.
• The private key need never be communicated.
• Only one pair of keys is needed by each recipient.
• A discovered private key can very quickly be changed by simply publishing a new public key.

Limits to Encryption

Encryption technology cannot provide a guarantee of confidentiality. The plaintext of a message may be discovered in several ways.

• Host compromise of sender system.
• Recipient's private key becomes known.
• Ciphertext is cracked through a weak algorithm or short key.

III. Authentication

Digital Signatures

A digital signature is used to secure the authenticity of a document.

• A checksum or message digest is computed for the document.
• The checksum is encrypted with the author's private key.
• The document is signed by appending the encrypted checksum to document.
• The authenticity of a document can be computing the document checksum and comparing this with the result of decrypting the signature with the author's public key.

But how do we know that we have the right public key for an author, i.e., it is not a fake?

Digital Certificates

A digital certificate is a record that establishes the identity of a party to a communication (e.g., author of a document).

• Certificates identify the certificate owner (subject) and the owner's public key.
• Certificate authorities are trusted third parties that issue certificates.
• A digital signature for the certificate is computed using the certificate authority's private key.
• Verifying the identity and public key of a large number of potential correspondents is reduced to verifying the identity and public keys of a smaller number of certificate authorities.

IV. SSL/TSL: Secure Sockets Layer/Transport Layer Security

SSL (Secure Sockets Layer) 3.0 is the current widely deployed protocol used for providing a secure communications layer for HTTP, as developed by Netscape.

TLS (Transport Layer Security) is the standards-track IETF protocol based on SSL. TLS 1.0 is essentially the successor to SSL 3.0.

SSL/TLS is a layer on top of TCP/IP, below application level protocols.

HTTP over SSL/TLS is known as HTTPS.

Normally, HTTPS service listen on port 443, while HTTP defaults to port 80. Both types of service may be running on a single server.

The Handshake

The handshake is the key process for a client and server to exchange authentication and encryption information under SSL or TLS.

1. Establish identity of server.
2. Develop a shared encryption key that can be used to exchange messages, called the session key.

• Client: Hello, here is a list of encryption algorithms I know.
• Server:
  • Hello, here is the algorithm I chose from your list.
  • Also, here is my certificate and public key.
• Client examines certificate and makes sure that it is signed by a known certificate authority.
• Client: OK, here is the premaster secret encrypted with your public key.
• Now both client and server can use the premaster secret to compute the session key: the encryption key for subsequent messages.
• Client: [encrypted] I'm finished with the handshake.
• Server: Got it, an encrypted reply is next.
• Server: [encrypted] I'm finished with the handshake.
• All subsequent messages are encrypted.

Essentially, SSL consists of two phases corresponding to two subprotocols. The SSL Handshake Protocol governs the first phase to establish secure communication. Subsequently, all messages are encrypted and exchanged using the SSL Record Protocol.