Web安全

整理文档很辛苦,赏杯茶钱您下走!

免费阅读已结束,点击下载阅读编辑剩下 ...

阅读已结束,您可以下载文档离线阅读编辑

资源描述

Web安全胡建斌北京大学网络与信息安全研究室E-mail:hjbin@infosec.pku.edu.cn~hjbin目录1.Web安全概述2.SSL3.SSL程序设计4.ApacheWebServer安全Web安全概述Web安全威胁及对策Web安全的特点提供双向的服务,攻击防范能力脆弱作为可视化窗口和商业交互平台,提供多种服务,事关声誉底层软件庞大,如apache约10M,历来是漏洞之最,攻击手段最多如果被攻破可能导致成为进入企业的跳板配置比较复杂Web安全的组成部分Browser安全WebServer安全Browser与WebServer之间网络通信安全Web安全方案网络层:IPSec传输层:SSL/TLS应用层:SET/SHTTP目录1.Web安全概述2.SSL3.SSL程序设计4.ApacheWebServer安全SecureSocketsLayer(SSL)SSL设计目标在Browser和WebServer之间提供敏感信息传输通道SocialSecurityNumber(SSN)CreditCard,etc提供访问控制OpenClosedSSL被设计用来使用TCP提供一个可靠的端到端安全服务,为两个通讯个体之间提供保密性和完整性(身份鉴别)SSL历史Netscape公司于1994开发SSLv2releasedin1995SSLv3alsoreleasedin1995duetobugsinv21996年IETF成立TransportLayerSecurity(TLS)committeeTLSv1wasbaseduponSSLv3Netscape、Microsoft都支持TLSv1SSL功能SSL提供四个基本功能AuthenticationEncryptionIntegrityKeyExchange采用两种加密技术非对称加密认证交换加密密钥对称加密:加密传输数据SSL功能SSL的结构SSL是独立于各种协议的常用于HTTP协议,但也可用于别的协议,如NNTP,TELNET等建立在可靠的传输协议(如TCP)基础上提供连接安全性保密性,使用了对称加密算法完整性,使用HMAC算法用来封装高层的协议SSL记录协议客户和服务器之间相互鉴别协商加密算法和密钥提供连接安全性身份鉴别,至少对一方实现鉴别,也可以是双向鉴别协商得到的共享密钥是安全的,中间人不能知道协商过程是可靠的SSL握手协议协议的使用SSL体系结构连接会话SSL基本概念连接是能提供合适服务类型的传输(在OSI分层模型中的定义)对SSL,这样的连接是对等关系连接是暂时的,每个连接都和一个会话相关连接SSL会话是指在客户机和服务器之间的关联会话由握手协议创建会话定义了一组可以被多个连接共用的密码安全参数对于每个连接,可以利用会话来避免对新的安全参数进行代价昂贵的协商会话在任意一对的双方之间,也许会有多个安全连接理论上,双方可以存在多个同时会话,但在实践中并未用到这个特性连接Vs会话会话状态参数连接状态参数各种密钥pre_master_secretmastersecretClientwriteMACsecretClientwritesecretClientwriteIVServerwriteMACsecretServerwritesecretServerwriteIVSSLHandshakeSSL握手协议报文格式ClientServer一建立安全能力ClientHelloSSLClientSSLServerPort4431.TheClientHellomessageiscomposedofa.SSLVersion(highest)thatisunderstoodbytheclient.TLSv1elseSSLv3b.KeyExchangetoidentifythemethodofexchangingkeys.RSAifnotthenD-H.c.DataEncryptiontoidentifytheencryptionmethodsavailabletotheClient.TripleDesorelseDESd.MessageDigestfordataintegrity.SHAorelseMD5e.DataCompressionmethodformessageexchangePKZiporelsegzipf.ARandomnumbertocomputethesecretkey(highest)thatisunderstoodbytheclient.TLSv1b.KeyExchangetoidentifythemethodofexchangingkeys.RSA.c.DataEncryptiontoidentifytheencryptionmethodsavailabletotheClient.DESd.MessageDigestfordataintegrity.MD5e.DataCompressionmethodformessageexchangePKZipf.ARandomnumbertocomputethesecretkey一建立安全能力DataEncryption:RC2-40RC4-128DESDES403DESIDEAFortezzaMessageDigest:MD5SHA.CipherSuiteAlternativesKeyExchange.RSAFixedDiffie-HellmanEphemeralDiffie-HellmanAnonymousDiffie-HellmanFortezzaDataCompression:PKZipWinZipgzipStuffItSSLClientSSLServerServerCertificate1.TheServerCertificatemessageiscomposedofa.TheserverIdentifierinformationb.ADigitalCertificateoftheseverinformationencryptedwiththeCAsPrivateKey.Thiscontainstheserver'sPublicKeyClientCertificateRequest1.TheClientCertificateRequestmessageiscomposedofa.TheCertificatetypetoindicatethetypeofpublickeyb.TheCertificateAuthorityisalistofdistinguishednamesofCertificateAuthoritiesacceptabletotheServerServerDoneMessage1.ThisServerDonemessagehasnoparameters.二服务器鉴别和密钥交换SSLClientSSLServerClientCertificate1.TheClientCertificatemessageiscomposedofa.TheserverIdentifierinformationb.ADigitalCertificateoftheclientinformationencryptedwiththeCAsPrivateKey1.TheClientAuthenticatestheServerwiththeCA.a.ExtractsthepublickeyoftherootsignedcertificatethatcameinstalledwiththeclientandComputesaMDoftheservercertificateinformation.b.Decryptstheservercertificate(thatwasissuedbytherootCA)thatcontainsthehashcomputedbytheCAPrivateKeyc.ComparesthecomputedhashwiththehashcontainedintheserverDigitalCertificate.2.Generatesasessionkey(psuedo-randomnumber)touseasaPre-MasterKeythen3.Encryptsthesessionkeywiththeserver’spublickey.三客户机验证和密钥交换SSLClientSSLServerClientKeyExchange1.TheClientKeyExchangemessageiscomposedofa.Theencryptedsessionkeywhichwillserveasapre-mastersecretkeyencryptedwiththeserver’spublickey.1.Boththeclientandtheserverusethepre-mastersecretkeytocomputethreeidenticalsetsofsecretkeypairsa.Thefirstpair(i.e.DES)isusedtoencryptoutgoingtrafficfromtheclienttotheserverandtodecryptincomingtraffictotheserverwhileb.Thesecondpair(i.e.HMAC)isusedtoencryptoutgoingtrafficfromtheserverandtodecryptincomingtraffictotheclientc.ThethirdpairisusedtoinitializethecipherIV(InitializationVector)Note:BoththeClientandtheServereachgeneratethreesetsofkeys三客户机验证和密钥交换SSLClientSSLServerCSSCCSSCEncryptionMACIVEncryptionMACIV密钥交换结果1.TheClientFinishmessageiscomposedofa.Theclientauthenticatestheserverwithamessageencryptedwiththenewlygeneratedsharedkeys.b.Thisvalidatestotheserverthatasecureconnectionhasbeencreated.SSLClientSSLServerClientFinishServerFinish1.TheServerFinishmessageiscomposedofa.Theserverauthenticatestheclientwithamessageencryptedwiththenewlygeneratedsharedkeys.b.Thisvalidatestotheclientthatasecureconnectionhasbeencreated.Note:theServerandclientcannowbegintousetheirsixsharedkeysforbulkdataencryptionutilizingtheSSLRecordLayerprotocol四完成SSLRecordProtocolByIntroducingSSLandCertificatesusingSSLeay-Frederick

1 / 89
下载文档,编辑使用

©2015-2020 m.777doc.com 三七文档.

备案号:鲁ICP备2024069028号-1 客服联系 QQ:2149211541

×
保存成功