General Computer Science 320201 GenCS I & II Lecture ... - Kwarc
on a UNIX system, you can create a certificate (and associated private key) e.g. with
openssl ca -in req.pem -out newcert.pem
©: Michael Kohlhase 386
Building on the notion of a public key certificate, we can build secure variants of the application-level
protocols. Of course, we could do this individually for every protocol, but this would duplicate
efforts. A better way is to leverage the layered infrastructure of the Internet and build a generic
secure transport-layer protocol that can be utilized by all protocols that normally build on TCP
or UDP.
Building Security into the WWWeb Infrastructure
Idea: Build Encryption into the WWWeb infrastructure (make it easy to use)
Secure variants of the application-level protocols that encrypt contents
Definition 582 Transport layer security (TLS) is a cryptographic protocol that encrypts
the segments of network connections at the transport layer, using asymmetric cryptography
for key exchange, symmetric encryption for privacy, and message authentication codes for
message integrity.
TLS can be used to make application-level protocols secure.
Let us now look a bit closer at the structure of the TLS handshake, the part of the TLS protocol
that initiates encrypted communication.
A TLS Handshake between Client and Server
Definition 583 A TLS handshake authenticates a server and provides a shared key for
symmetric-key encryption. It has the following steps:
1. Client presents a list of supported encryption methods
2. Server picks the strongest and tells client (C/S agree on method)
3. Server sends back its public key certificate (name and public key)
4. Client confirms certificate with CA (authenticates Server if successful)
5. Client picks a random number, encrypts that (with server's public key) and sends it to server.
6. Only server can decrypt it (using its private key)
7. Now they both have a shared secret (the random number)
8. From the random number, both parties generate key material
Definition 584 A TLS connection is a transport-layer connection secured by symmetric-key
encryption. Authentication and keys are established by a TLS handshake and the connection
is encrypted until it closes.
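
The eight handshake steps above, carried through as an added Python sketch (not code from the lecture notes). It uses toy textbook RSA on constructed primes without padding, and simulates both sides in one function so the derived key material can be compared; the method names and their strength ranking, the host name www.example.org, and all function names are assumptions for illustration.

```python
import hashlib, hmac, secrets

# Toy textbook RSA on constructed Mersenne primes, no padding: illustration only.
def rsa_keypair(p, q, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, e), (n, pow(e, -1, phi))          # (public key, private key)

def rsa_apply(key, m):
    n, exp = key
    return pow(m, exp, n)

def digest(name, pub, n):
    h = hashlib.sha256(f"{name}|{pub[0]}|{pub[1]}".encode()).digest()
    return int.from_bytes(h, "big") % n

def issue_cert(ca_priv, name, pub):
    # The CA signs (name, public key); the result is the public key certificate.
    sig = rsa_apply(ca_priv, digest(name, pub, ca_priv[0]))
    return {"name": name, "pub": pub, "sig": sig}

def verify_cert(ca_pub, cert, expected_name):
    signed = rsa_apply(ca_pub, cert["sig"]) == digest(cert["name"], cert["pub"], ca_pub[0])
    return signed and cert["name"] == expected_name

def key_material(secret, label):
    return hmac.new(secret.to_bytes(32, "big"), label, hashlib.sha256).digest()

STRENGTH = ["RC4-MD5", "AES128-SHA", "AES256-SHA256"]  # weakest first (assumed ranking)
CA_PUB, CA_PRIV = rsa_keypair(2**89 - 1, 2**107 - 1)   # hypothetical CA
SRV_PUB, SRV_PRIV = rsa_keypair(2**61 - 1, 2**89 - 1)  # hypothetical server
CERT = issue_cert(CA_PRIV, "www.example.org", SRV_PUB)

def handshake(client_methods, server_methods, cert, server_priv, ca_pub, host):
    # Steps 1-2: client offers its methods, server picks the strongest common one.
    common = [m for m in STRENGTH if m in client_methods and m in server_methods]
    if not common:
        raise ValueError("no common encryption method")
    # Steps 3-4: client checks the certificate against the CA's public key.
    if not verify_cert(ca_pub, cert, host):
        raise ValueError("certificate rejected")
    # Step 5: client picks a random number and encrypts it with the server's public key.
    secret = secrets.randbelow(cert["pub"][0] - 2) + 2
    wire = rsa_apply(cert["pub"], secret)
    # Step 6: only the holder of the private key recovers it.
    recovered = rsa_apply(server_priv, wire)
    # Steps 7-8: both sides derive key material from the shared secret.
    return common[-1], key_material(secret, b"key"), key_material(recovered, b"key")
```

A certificate whose public key or name does not match what the CA signed fails at step 4, before any secret is sent.
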
The reason we switch from public key to symmetric encryption after communication has been
initiated and keys have been exchanged is that symmetric encryption is computationally more
efficient without being intrinsically less secure.
But there is more to the integration of encryption into the WWWeb than just enabling secure
transport protocols. We need to extend the web servers and web browsers to implement the
secure protocols (of course), and we need to set up a system of certification agencies, whose public