CS 898n - Lecture 16

advertisement
CS 898N – Advanced World Wide
Web Technologies
Lecture 17: Security and
E-Commerce
Chin-Chih Chang
chang@cs.twsu.edu
SSL
• SSL (Secure Socket Layer) is a client/server
security scheme.
• SSL runs in a layer between HTTP and
TCP/IP. This means two things:
– HTTP data will continue to go back and forth
but at some point it will become encrypted.
– The SSL protocol protocol will perform the
encryption and decryption in a manner
completely transparent to the user.
SSL in E-commerce
Browser (Client)
Server
Client-Hello
includes cipher list
Server-Hello
includes cipher list
Server Data
Pre-master key generation
encrypted
PRE-MASTER KEY
Client Data +
Pre-master key
Master key generation
Master key generation
Session key generation
Session key generation
encrypted
Secure session begins
Secure session begins
SSL
• Documentation on the SSL protocol can be
found in many places, specifically on the
Netscape, Microsoft, and RSA sites.
• The first thing is the client issues a ClientHello message. This includes a list of
ciphers supported by the client.
• The server responds with a Server-Hello
message, sending back a list of ciphers
compatible with the client and the server’s
digital certificate which contains the
server’s public key.
SSL
• At this time, the client may take steps of
validating the server’s certificate. Later the
server may apply the same validating
procedure.
• As part of the Server-Hello the client
accepts the information from the server,
which includes a piece of random data to be
used in the process of creating a pre-master
key.
SSL
• The piece of data used is in cryptographic
terms called the nonce (“the number n used
only once”) and is typically the session ID
number sent by the server.
• The client computes the pre-master key and
sends this to the server encoded to the
public key in the server’s digital certificate.
• The server and client then separately go
through a standard key generation process
to create a pair of session keys.
SSL
• Because these keys are generated in secret
and are valid only for the current session,
and because symmetric ciphering is faster,
the symmetric keys are used.
• Once this process is completed, the secure
session can now get underway. If anything
goes wrong, the client and server go out of
communication.
• To configure security for an e-commerce
site, you have to choose the level of
security.
Encryption Options
• There are two types of algorithms at work:
those for key generation and those for
encryption.
• Key generation algorithms work differently
for Public Key and Secret Key
Cryptography.
• The two popular algorithms implemented
by PGP in Public/Private key pair
generation are RSA and Diffie-Hellman.
Encryption Options
• In Secret Key generation, RC2, RC4, DES, and
Triple-DES are used.
• Encryption algorithms implemented by PGP
include CAST, IDEA, and Triple-DES.
• Secret key encryption algorithms are
combined with their key generation
methods.
• The common algorithm that Public and
Secret Key Cryptography uses is TripleDES.
Encryption Options
• Public Key Cryptography algorithms are
used for e-mail, digital signatures, and
digital certificate authentication.
• Public Key Cryptography algorithms are not
really used for e-commerce security.
• Secret Key Cryptography algorithms have
very specific parameters that are totally
relevant to e-commerce.
Encryption Options
• RSA is a “public key cryptosystem” that
defines both key pair generation and
message encryption.
• RSA was invented by Ron Rivest, Adi
Shamir, and Leonard Adleman. RSA is a
patented and licensed technology.
• RC2, RC4, and RC5 were designed to be
faster, more secure, and an exportable
replacement for DES.
Encryption Options
• RC means either Rivest’s Cipher or Ron’s
Code.
• DES stands for Data Encryption Standard
and came out of IBM.
• DES became a U.S. Department of Defense
standard and export of the technology was
severely restricted.
• DES is scheduled to be replaced by a more
sophisticated algorithm - AES.
Encryption Options
• One of the interim solutions to the weaken
status of DES is an enhanced version of
DES - Triple-DES.
• DES is patented by IBM but IBM has
placed it in the public domain.
• Diffe-Hellman was invented by Diffie and
Hellman and is a key agreement protocol.
It only defines how users can exchange
secret keys over a public medium.
Encryption Options
• IDEA (International Data Encryption
Algorithm), SAFER (Secure and Fast
Encryption Routines), CAST (Carlisle
Adams and Stafford Tavares), and Blowfish
are all newer encryption algorithms of the
1990s.
• For more information, check these sites:
www.rsa.com
Message Authentication Options
• Message authentication is the task of
verifying that the message has not been
altered and uses a hash algorithm to produce
a digital signature.
• There are two of these algorithms used in
the SSL protocol: MD5 (Message Digest 5)
by Ron Rivest and SHA (Secure Hash
Algorithm) by NIST (National Institute of
Standards and Technology), a division of
the U.S. Department of Commerce.
Security Options in SSL
• When we look at security options we are
looking at defining how hard it will be to
crack a certain code.
• The longer the key is, the harder the code
will be to crack. This is a central theme in
Internet security for two reasons:
– Keys used in Public Key Cryptography must
be longer than those used in Secret Key
Cryptography.
Security Options in SSL
– The restrictions that U.S. Government export
laws put on cryptographic software force
servers processing secure transactions for
clients to support a dual standard.
• The new Internet Engineering Task Force
(IETF) standard called Transport Layer
Security (TLS) is based on SSL. This was
recently published as an IETF InternetDraft, The TLS Protocol Version 1.0.
Netscape products will fully support TLS.
Cracking a Cipher
• The argument as to which cipher to use
depends on statistics, experience, and
periodic attempts by cryptoanalysis to break
certain codes.
40
• Statistically, a 40-bit key gives 2 , or a little
more than 1 trillion possible combination. A
56-bit key gives 72 quadrillion. A 128-bit
38
key gives 3 x 10 possible keys.
• A 128-bit key is considered adequate for
commercial security.
Cracking a Cipher
• In early 1997 RSA labs offered a challenge:
Anyone who could break the 56-bit DES
code would receive a $10,000 prize.
• A group of Internet users responded to the
challenge and broke a DES code in three
months.
• They did this by writing a client program
that participants could download. During
the project, over 78,000 computers
participated in the project.
Cracking a Cipher
• In the three months of testing, a total of less
than half of all the possible 72 quadrillion
key combinations were tested before
someone came up with the winning number.
• This type of attempt, trying all possible
combinations, is called an exhaustive key
search or brute-force attack.
• Using improved techniques, the 56-bit DES
code can be broken in shorter time.
Cracking a Cipher
• It is concluded that 40-bit keys are
worthless.
• To break a 128-bit key would put us off
effectively forever.
• As a rough comparison, a 40-bit secret key
is considered equal to a 512-bit public key.
This is main reason public key processing
takes much longer.
• This is some informative site: www.eff.org
SET (Secure Electronic
Transaction)
• SET (Secure Electronic Transaction) was
developed by Visa and MasterCard as a
method to increase security specifically for
e-commerce purposes.
• SET uses all the tools SSL does: public and
secret key encryption, digital signatures,
and digital certificates.
• SET™ relies on cryptography and digital
certificates to ensure message
confidentiality and security.
SET (Secure Electronic
Transaction)
• Message data is encrypted using a randomly
generated key that is further encrypted
using the recipient's public key.
• This is referred to as the "digital envelope"
of the message and is sent to the recipient
with the encrypted message.
• The recipient decrypts the digital envelope
using a private key and then uses the
symmetric key to unlock the original
message.
SET (Secure Electronic
Transaction)
• Software developed to the Specification
must perform at least the following
functions:
– Create a digital signature using distinct key
pairs;
– Generate a dual signature used to link an order
message to another component;
– Verify the digital signature.
• For more information about SET, check
www.setco.org.
Navigator Security
• To get the Navigator security screen, select
the Communicator menu, Tools item,
Security Info tab or just click on the
Security icon on the toolbar.
• Navigator supports a standard cryptography
package called PKCS #11.
• PKCS stands for Public Key Cryptography
Standard which is published by RSA
Laboratories.
Navigator Security
• PKC#11 is a specification for an API for
cryptography and is also called Cryptoki,
which is pronouced “crypto-key”. Cryptokey is short for cryptographic token
interface.
• Cryptoki supports all the current
cryptographic standards.
Explorer Security
• To view security information for the Web
page currently loaded in Explorer, click the
File menu, Properties item, and
Certificates button.
• The advanced security settings for Explorer
show that it supports SSL 2.0 and 3.0, and
TLS 1.0.
• A document in the Microsoft library states
that Explorer and Navigator both support
PKCS#7.
Explorer Security
• PKCS#7, according to RSA, is a general
syntax for cryptographic enhancements.
• Microsoft also offers PCT security, its own
version of SSL called Private
Communications Technology.
• PCT has been superseded by SSL 3.0 and
TLS. It is there for backward compatibility.
Accepting Electronic Payments
• A four-step Internet ordering scheme for
those with their own bank account is
illustrated as below:
– The customer submits the CGI form to the
merchant’s Web server, secure or not.
– The CGI script generates an e-mail to the
merchant, with or without PGP encryption.
– The CGI script transfers the customer to an
acknowledgement page.
Accepting Electronic Payments
– The merchant processes the credit cards
offline, using a separate computer program,
card reader with numeric keypad by filling out
paper slips.
• The full-service e-commerce Web site, more
commonly called a storefront, will have a
sequence of several Web pages to process
the customer’s order:
– One or more pages for building the list of
goods to buy,
Accepting Electronic Payments
–
–
•
•
a different page to process each different type
of possible payment,
a thank you or acknowledgment page.
If the product can be downloaded
immediately, then the customer is routed
the fulfillment area.
A complete storefront work flow is shown
below:
1. The customer submits the completed order
form to merchant server.
Accepting Electronic Payments
2. The merchant server encrypts the payment
information and sends it to a server run by an
electronic payment processing company.
3. The payment processing server relays the
encrypted payment information to a server
that can verify the customer’s payment
information.
4. The customer’s bank server accepts or
declines the transaction.
Accepting Electronic Payments
5. If accepted, the payment processing server
routes the payment information to a server
that can deposit the electronic payment into
the merchant’s bank account.
6. The payment processing server also relays the
results of the payment request to the
merchant’s Web server so the order can
processed or declined.
7. The merchant’s Web server e-mails the results
of a successful transaction to the merchant.
Accepting Electronic Payments
8. The merchant’s Web server generates a page
that tells a page that tells the customer if his
or her payment was accepted or declined.
•
•
•
CyberCash is a digital payment processing
service.
To use Cybercash, you need a merchant
account. You can establish an account
with Cybercash.
CyberCash's Internet payments business
was recently acquired by VeriSign.
VeriSign/Cybercash
• VeriSign's Payment Processing services
provide payment connectivity over
the Internet between buyers, sellers, and the
financial networks that move money
between them.
• Their products include Payflow Link,
Payflow Pro, Commerce Site, and Payflow
Faud. For details, check
www.verisign.com/products/payment.html
Wallets
• A wallet is an application that keeps track of
the buyer’s payment information.
• The idea of a wallet is that you enter all
your credit card information in the wallet,
which can be automatically launched when
it’s time to pay for something.
• Microsoft Passport Wallet is the product
that makes it possible for you to store credit
card information and your shipping and
billing addresses in a secure, online
location.
Wallets and Digital Cash
• Only you have access to the information in
your Passport wallet.
• The first and most familiar form of digital
cash is credit cards.
• There are a lot of interesting issues about
how Digital Cash will work:
– To buy digital cash, you’d have to download it
form the bank.
– Like paper money, it would have to come in
unalterable denominations.
Digital Cash
– You’d have to have a way to make change.
– You’d have to either delete spent digital cash
from your computer or have a way to keep
track of spent and unspent digital cash files.
• There are many issues and open questions
in this field.
• For more information, refer to
www.ex.ac.uk/~RDavies/arian/emoney.html
EDI
• EDI (Electronic Data Interchange) is a
standard format for exchanging business
data.
• The standard is ANSI X12 and it was
developed by the Data Interchange
Standards Association. ANSI X12 is either
closely coordinated with or is being merged
with an international standard, EDIFACT.
EDI
• An EDI message contains a string of data
elements, each of which represents a
singular fact, such as a price, product model
number, and so forth, separated by
delimiter.
• The entire string is called a data segment.
One or more data segments framed by a
header and trailer form a transaction set,
which is the EDI unit of transmission
(equivalent to a message).
EDI
• A transaction set often consists of what
would usually be contained in a typical
business document or form. The parties who
exchange EDI transmissions are referred to
as trading partners.
• EDI (Electronic Data Interchange) has been
around since its start in the late 1980s and is
a B2B e-commerce technology.
EDI
• EDI is a very complex, hard to support
method of computerized business.
• XML/EDI development is under the way.
• XML/EDI provides a standard framework
to exchange different types of data.
• The information in a transaction is
exchanged via an Application Program
Interface (API),
Download