網(wǎng)絡(luò)安全導(dǎo)論 課件 第十章 安全通信2_第1頁
網(wǎng)絡(luò)安全導(dǎo)論 課件 第十章 安全通信2_第2頁
網(wǎng)絡(luò)安全導(dǎo)論 課件 第十章 安全通信2_第3頁
網(wǎng)絡(luò)安全導(dǎo)論 課件 第十章 安全通信2_第4頁
網(wǎng)絡(luò)安全導(dǎo)論 課件 第十章 安全通信2_第5頁
已閱讀5頁,還剩47頁未讀, 繼續(xù)免費(fèi)閱讀

下載本文檔

版權(quán)說明:本文檔由用戶提供并上傳,收益歸屬內(nèi)容提供方,若內(nèi)容存在侵權(quán),請進(jìn)行舉報(bào)或認(rèn)領(lǐng)

文檔簡介

第十章安全通信(2)SMUCSE5349/49上一次課的內(nèi)容密鑰如何分配

對稱加密用的密鑰

——三種辦法非對稱加密中的公鑰

——證書一種辦法SMUCSE5349/49上一次課的內(nèi)容Deffie-Hellman協(xié)議

SMUCSE5349/49上一次課的內(nèi)容數(shù)字證書SMUCSE5349/49本講的主要內(nèi)容“支付寶”是如何保障安全的?“支付寶”使用的安全協(xié)議SSL(TLS)。比SSL更安全協(xié)議“支付寶”為什么不用?今天課程用到的知識對稱加密公鑰加密與簽名MAC=H(k,M)加密密鑰與認(rèn)證密鑰要分開課后要完成的作業(yè)Page198:3,4Page215:5,6SMUCSE5349/491支付寶是如何保障安全的?SMUCSE5349/49出現(xiàn)登錄界面后,瀏覽器與服務(wù)器之間已經(jīng)完成的工作如下:

服務(wù)器已經(jīng)提交了數(shù)字證書并被瀏覽器驗(yàn)證完畢.一套密碼套件已經(jīng)協(xié)商完畢,48字節(jié)的預(yù)主密鑰已經(jīng)傳送.服務(wù)器用443端口通信,SSL握手協(xié)議已經(jīng)完成,包括一個(gè)會話已經(jīng)建立,一個(gè)連接中的加密密鑰與MAC密鑰已經(jīng)算出。SMUCSE5349/49:

之后的通信內(nèi)容全是加密的SMUCSE5349/492“支付寶”使用的安全協(xié)議SSL/TLSSMUCSE5349/7349LayersofSecuritySMUCSE5349/7349SSLHistoryEvolvedthroughUnreleasedv1(Netscape)Flawed-but-usefulv2Version3fromscratchStandardTLS1.0,TLS1.2SSL3.0withminortweaks,henceVersionfieldis3.1DefinedinRFC2246,/rfc/rfc2246.txtOpen-sourceimplementationat/SMUCSE5349/7349OverviewEstablishasessionAgreeonalgorithmsSharesecretsPerformauthenticationTransferapplicationdataEnsureprivacyandintegritySMUCSE5349/7349ArchitectureRecordProtocoltotransferapplicationandTLSinformationAsessionisestablishedusingaHandshakeProtocolTLSRecordProtocolHandshakeProtocolAlertProtocolChangeCipherSpecSMUCSE5349/7349Architecure(cont’d)HANDLESCOMMUNICATIONWITHTHEAPPLICATIONProtocolsINITIALIZESCOMMUNCATIONBETWEENCLIENT&SERVERINITIALIZESSECURECOMMUNICATIONHANDLESDATACOMPRESSIONERRORHANDLINGSMUCSE5349/7349HandshakeNegotiateCipher-SuiteAlgorithmsSymmetricciphertouseKeyexchangemethodMessagedigestfunctionEstablishandsharemastersecretOptionallyauthenticateserverand/orclientSMUCSE5349/7349HandshakePhasesHellomessagesCertificateandKeyExchangemessagesChangeCipherSpecandFinishedmessagesSMUCSE5349/7349SSLMessagesOFFERCIPHERSUITEMENUTOSERVERSELECTACIPHERSUITESENDCERTIFICATEANDCHAINTOCAROOTCLIENTSIDESERVERSIDESENDPUBLICKEYTOENCRYPTSYMMKEYSERVERNEGOTIATIONFINISHEDSENDENCRYPTEDSYMMETRICKEYSOURCE:THOMAS,SSLANDTLSESSENTIALSACTIVATEENCRYPTIONCLIENTPORTIONDONE(SERVERCHECKSOPTIONS)ACTIVATESERVERENCRYPTIONSERVERPORTIONDONE(CLIENTCHECKSOPTIONS)NOWTHEPARTIESCANUSESYMMETRICENCRYPTIONSMUCSE5349/7349ClientHelloProtocolversionSSLv3(major=3,minor=0)TLS(major=3,minor=1)RandomNumber32bytesFirst4bytes,timeofthedayinseconds,other28bytesrandomPreventsreplayattackSessionID32bytes–indicatestheuseofpreviouscryptographicmaterialCompressionalgorithmSMUCSE5349/7349ClientHello-CipherSuitesINITIAL(NULL)CIPHERSUITEPUBLIC-KEYALGORITHMSYMMETRICALGORITHMHASHALGORITHMCIPHERSUITECODESUSEDINSSLMESSAGESSSL_NULL_WITH_NULL_NULL={0,0}SSL_RSA_WITH_NULL_MD5={0,1}SSL_RSA_WITH_NULL_SHA={0,2}SSL_RSA_EXPORT_WITH_RC4_40_MD5={0,3}SSL_RSA_WITH_RC4_128_MD5={0,4}SSL_RSA_WITH_RC4_128_SHA={0,5}SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5={0,6}SSL_RSA_WITH_IDEA_CBC_SHA={0,7}SSL_RSA_EXPORT_WITH_DES40_CBC_SHA={0,8}SSL_RSA_WITH_DES_CBC_SHA={0,9}SSL_RSA_WITH_3DES_EDE_CBC_SHA={0,10}

SMUCSE5349/7349ServerHelloVersionRandomNumberProtectsagainsthandshakereplaySessionIDProvidedtotheclientforlaterresumptionofthesessionCiphersuiteUsuallypicksclient’sbestpreference–NoobligationCompressionmethodSMUCSE5349/7349CertificatesSequenceofX.509certificatesServer’s,CA’s,…X.509CertificateassociatespublickeywithidentityCertificationAuthority(CA)createscertificateAdherestopoliciesandverifiesidentitySignscertificateUserofCertificatemustensureitisvalidSMUCSE5349/7349ValidatingaCertificateMustrecognizeacceptedCAincertificatechainOneCAmayissuecertificateforanotherCAMustverifythatcertificatehasnotbeenrevokedCApublishesCertificateRevocationList(CRL)SMUCSE5349/7349ClientKeyExchangePremastersecretCreatedbyclient;usedto“seed”calculationofencryptionparameters2bytesofSSLversion+46randombytesSentencryptedtoserverusingserver’spublickeyThisiswheretheattackhappenedinSSLv2SMUCSE5349/7349ChangeCipherSpec&

FinishedMessagesChangeCipherSpecSwitchtonewlynegotiatedalgorithmsandkeymaterialFinishedFirstmessageencryptedwithnewcryptoparametersDigestofnegotiatedmastersecret,theensembleofhandshakemessages,senderconstantHMACapproachofnestedhashingSMUCSE5349/7349SSLEncryptionMastersecretGeneratedbybothpartiesfrompremastersecretandrandomvaluesgeneratedbybothclientandserverKeymaterialGeneratedfromthemastersecretandsharedrandomvaluesEncryptionkeysExtractedfromthekeymaterialSMUCSE5349/7349GeneratingtheMasterSecret

SOURCE:THOMAS,SSLANDTLSESSENTIALSSERVER’SPUBLICKEYISSENTBYSERVERINServerKeyExchangeCLIENTGENERATESTHEPREMASTERSECRETENCRYPTSWITHPUBLICKEYOFSERVERCLIENTSENDSPREMASTERSECRETINClientKeyExchangeSENTBYCLIENTINClientHelloSENTBYSERVERINServerHelloMASTERSECRETIS3MD5HASHESCONCATENATEDTOGETHER=384BITSSMUCSE5349/7349GenerationofKeyMaterialSOURCE:THOMAS,SSLANDTLSESSENTIALSJUSTLIKEFORMING

THEMASTERSECRETEXCEPTTHEMASTERSECRETISUSEDHEREINSTEADOFTHEPREMASTERSECRET...SMUCSE5349/7349ObtainingKeysfromtheKeyMaterial

SOURCE:THOMAS,SSLANDTLSESSENTIALSSECRETVALUESINCLUDEDINMESSAGEAUTHENTICATIONCODESINITIALIZATIONVECTORSFORDESCBCENCRYPTIONSYMMETRICKEYSSMUCSE5349/7349SSLRecordProtocolSMUCSE5349/7349RecordHeaderThreepiecesofinformationContenttypeApplicationdataAlertHandshakeChange_cipher_specContentlengthSuggestswhentostartprocessingSSLversionRedundantcheckforversionagreementSMUCSE5349/7349Protocol(cont’d)Max.recordlength214–1MACDataHeadersSequencenumberTopreventreplayandreorderingattackNotincludedintherecordSMUCSE5349/7349AlertsandClosureAlerttheothersideofexceptionsDifferentlevelsTerminateandsessioncannotberesumedClosurenotifyTopreventtruncationattack(sendingaTCPFINbeforethesenderisfinished)SMUCSE5349/7349SSLSessionsSessionsvs.ConnectionsMultipleconnectionswithinasessionsOnenegotiation/sessionSessionResumptionThroughsessionIDsClientsuseserverIPaddressornameasindexServersusethesessionIDsprovidebytheclientsUseofrandomnumbersinresumedsessionkeycalculationensuresdifferentkeysSessionRe-handshakeClientcaninitiateanewhandshakewithinasessionUseofServerGatedCryptography(SGC)foraddedsecuritySMUCSE5349/7349SSLOverhead2-10timesslowerthanaTCPsessionWheredowelosetimeHandshakephaseClientdoespublic-keyencryptionServerdoesprivate-keyencryption(stillpublic-keycryptography)UsuallyclientshavetowaitonserverstofinishDataTransferphaseSymmetrickeyencryptionSMUCSE5349/7349SSLApplicationsHTTP–originalapplicationSecuremailServertoclientconnectionSMTP/SSL?Telnet,ftp..Resources:/related/apps.htmlSMUCSE5349/493“支付寶”為什么不用更安全的協(xié)議?SMUCSE5349/49WTLSSMUCSE5349/7349WAPGatewayArchitectureWTLSHTTP/SSLHTTP/SSLWirelessGatewayApplicationServersSMUCSE5349/7349WAPStackConfigurationSMUCSE5349/7349WirelessTransportLayerSecurity(WTLS)Providessecurityservicesbetweenthemobiledevice(client)andtheWAPgatewayDataintegrityPrivacy(throughencryption)Authentication(throughcertificates)Denial-of-serviceprotection(detectsandrejectsmessagesthatarereplayed)SMUCSE5349/7349WTLSProtocolStackSMUCSE5349/7349WTLSRecordProtocolTakesinfofromthenexthigherlevelandencapsulatesthemintoaPDUPayloadiscompressedAMACiscomputedCompressedmessageplusMACcodeareencryptedusingsymmetricencryptionRecordprotocoladdsaheadertothebeginningtoencryptedpayloadSMUCSE5349/734

溫馨提示

  • 1. 本站所有資源如無特殊說明,都需要本地電腦安裝OFFICE2007和PDF閱讀器。圖紙軟件為CAD,CAXA,PROE,UG,SolidWorks等.壓縮文件請下載最新的WinRAR軟件解壓。
  • 2. 本站的文檔不包含任何第三方提供的附件圖紙等,如果需要附件,請聯(lián)系上傳者。文件的所有權(quán)益歸上傳用戶所有。
  • 3. 本站RAR壓縮包中若帶圖紙,網(wǎng)頁內(nèi)容里面會有圖紙預(yù)覽,若沒有圖紙預(yù)覽就沒有圖紙。
  • 4. 未經(jīng)權(quán)益所有人同意不得將文件中的內(nèi)容挪作商業(yè)或盈利用途。
  • 5. 人人文庫網(wǎng)僅提供信息存儲空間,僅對用戶上傳內(nèi)容的表現(xiàn)方式做保護(hù)處理,對用戶上傳分享的文檔內(nèi)容本身不做任何修改或編輯,并不能對任何下載內(nèi)容負(fù)責(zé)。
  • 6. 下載文件中如有侵權(quán)或不適當(dāng)內(nèi)容,請與我們聯(lián)系,我們立即糾正。
  • 7. 本站不保證下載資源的準(zhǔn)確性、安全性和完整性, 同時(shí)也不承擔(dān)用戶因使用這些下載資源對自己和他人造成任何形式的傷害或損失。

評論

0/150

提交評論