SSL/TLS/WTLS Principles

xiaoxiao2021-03-06  20

First, the confusion over names needs to be cleared up:

1 SSL (Secure Socket Layer) is a secure transport protocol designed by Netscape, mainly for the Web. It has been very widely adopted on the Web.
2 The IETF (www.ietf.org) standardized SSL as RFC 2246 and called it TLS (Transport Layer Security). Technically, the differences between TLS 1.0 and SSL 3.0 are very small. Since this article does not go into the fine differences between the two, the two names are used interchangeably here.
3 In the WAP environment, because of the limited processing and storage capacity of mobile phones and handheld devices, the WAP Forum (www.wapforum.org) simplified TLS and proposed the WTLS protocol (Wireless Transport Layer Security) to suit the special wireless environment.

Many articles tell us that SSL provides confidential transmission, so that the messages we exchange with a web server are "safe". How is this "safety" achieved, and how much confidentiality does it ultimately deliver? This article tries to explain the principles in plain language.

Two: Overall structure overview

SSL is an optional layer between HTTP and TCP. Its position is roughly:

    ---------
    | HTTP  |
    ---------
    | SSL   |
    ---------
    | TCP   |
    ---------
    | IP    |
    ---------

If a web page is accessed over SSL, the steps are as follows:

User: enters https://www.sslser.com in the browser's address bar.
HTTP layer: translates the user's request into an HTTP request, such as

    GET /dex.htm HTTP/1.1
    Host: www.sslserver.com

SSL layer: using the channel provided by the layer below, securely negotiates an encryption key and encrypts the HTTP request with it.
TCP layer: establishes a connection to port 443 of the web server and passes on the data processed by SSL.

The receiving end performs the reverse of this process.

SSL establishes an encrypted channel on top of TCP, and the data passing through this layer is encrypted, which gives confidentiality.

The SSL protocol has two parts: the Handshake Protocol and the Record Protocol. The Handshake Protocol is used to negotiate keys; most of the protocol is about how the two communicating parties use it to negotiate a key securely. The Record Protocol defines the format of the transmitted data.

Three: Basic cryptography needed

Understanding how SSL works requires a little cryptography. Here is a brief explanation of what is needed. Encryption is generally divided into three kinds: symmetric encryption, asymmetric encryption, and one-way hash functions.

Symmetric encryption: divided into block ciphers and stream ciphers.

A block cipher splits the plaintext into blocks of a fixed bit length; each plaintext block is encrypted into a ciphertext block, and the ciphertext block is decrypted (the inverse of the encryption operation) back into the plaintext block. A stream cipher uses a small amount of key material (the seed) and a cryptographic algorithm to generate a long pseudo-random stream, which is used to encrypt the plaintext stream. Decryption uses the same key and algorithm to produce the same pseudo-random stream as was used for encryption, and restores the plaintext stream.

The term CBC (Cipher Block Chaining) mode comes up often with block ciphers. It means that a plaintext block is XORed with the previous ciphertext block before being encrypted. When an encryption algorithm is used in this mode, an initialization vector (IV) must also be negotiated. The IV has no meaning of its own; it is only needed for the first computation. Using this mode improves security.

Typical block ciphers are DES, RC5 and IDEA. A typical stream cipher is RC4.

Public-key encryption: put simply, the encryption key and the decryption key are different, and are called the private key and the public key. This method is mostly used for key exchange; RSA is the familiar example. Another commonly used one is DH, which can only be used for key exchange and cannot be used for encryption.

One-way hash functions: because of interference on the channel and deliberate tampering, the information received may differ from the original, and the usual remedy is to add a check code. A one-way hash function can serve this purpose. A typical example is the well-known MD5, which produces a 128-bit digest. More common in practice is the Secure Hash Algorithm (SHA); early versions of SHA had problems, and the version currently in use is SHA-1, which produces a 160-bit digest and is therefore more resistant to exhaustive attack than a 128-bit hash.

Because one-way hash algorithms are public, someone else can alter the original text and generate a new digest for it. This problem can be solved with HMAC (RFC 2104), which includes a key, so that only someone with the same key can verify the hash.

Four: Key negotiation process

Because public-key encryption is relatively slow, it is generally used only for key exchange: the two parties negotiate a key with a public-key algorithm and then communicate using symmetric encryption. Of course, to guarantee data integrity, the data must also go through HMAC as well as encryption.

SSL by default authenticates only the server; client authentication is optional. The following is the flow chart (taken from the TLS protocol).

    Client                                    Server

    ClientHello            -------->
                                              ServerHello
                                              Certificate*
                                              ServerKeyExchange*
                                              CertificateRequest*
                           <--------          ServerHelloDone
    Certificate*
    ClientKeyExchange
    CertificateVerify*
    [ChangeCipherSpec]
    Finished               -------->
                                              [ChangeCipherSpec]
                           <--------          Finished
    Application Data       <------->          Application Data

Put simply: after the TCP connection is established, the SSL client (which is also the TCP client) sends a ClientHello to start the handshake. This message contains the list of algorithms the client can support and other required information. The SSL server replies with a ServerHello, which fixes the algorithms to be used for this session, and then sends its own certificate (containing its identity and its public key).

After receiving this, the client generates a secret message, encrypts it with the SSL server's public key and sends it over; the SSL server decrypts it with its own private key. The session key negotiation has then succeeded, and the two sides can communicate using the same session key.

Five: A visual metaphor for key negotiation

If the description above is not clear enough, here is a more vivid metaphor. Suppose A and B are communicating; A is the SSL client and B is the SSL server. Encrypted messages are placed in square brackets [] to set them apart from plaintext messages. Descriptions of what each party does internally are enclosed in parentheses ().

A: I want to talk to you securely. For symmetric encryption I have DES and RC5, for key exchange I have RSA and DH, and for digests I have MD5 and SHA.

B: Let's use the DES-RSA-SHA combination. This is my certificate, containing my name and public key; take it and verify my identity (sends the certificate to A). Nothing else from me.

A: (Checks that the name on the certificate is B's, and verifies B's certificate with the CA certificates already on hand; if either check fails, issues a warning and disconnects. This step guarantees the authenticity of B's public key.)
(Generates a secret message, which after processing will be used as the encryption key, the encryption initialization vector and the HMAC key. This secret message, called pre_master_secret in the protocol, is encrypted with B's public key and wrapped in a message called ClientKeyExchange. Because B's public key is used, a third party cannot eavesdrop on it.)
I have generated a secret message and encrypted it with your public key; here it is (sends ClientKeyExchange to B).
Note: from now on I will send you messages in encrypted form!
(Processes the secret message to generate the encryption key, the encryption initialization vector and the HMAC key.)
[I'm finished.]

B: (Decrypts the secret message in ClientKeyExchange with its own private key, then processes the secret message to generate the encryption key, the encryption initialization vector and the HMAC key. At this point the two sides have securely negotiated a set of encryption parameters.)
Note: I am also going to send you messages in encrypted form from now on!
[I'm finished.]

A: [My secret is ...]

B: [Nobody else will hear this ...]

Six: The encryption computation

The previous section covered key negotiation but did not explain how the encryption key, the encryption initialization vector and the HMAC key are used to protect a message. The process is actually this:

1 Using the HMAC key, compute a secure digest of the plaintext and put it together with the plaintext.
2 Using the encryption key and the encryption initialization vector, encrypt the message produced above.

Seven: Security

SecurityPortal published an article in 2000, "The End of SSL and SSH?", which stirred up a lot of discussion, and there are now mature tools such as dsniff (http://www.monkey.org/~dugsong/dsniff/) that can intercept HTTPS messages by means of a man-in-the-middle attack.

From the principles above, the design of SSL is rigorous; problems generally arise from careless use in practice. The common attack is the man-in-the-middle attack: A and B are communicating, and a third party C sits in the middle of the channel, able to hear everything A and B exchange and to intercept, replace and add messages.

1 SSL allows a variety of key exchange algorithms, and some of them, such as DH, have no notion of a certificate. A then cannot verify B's public key and identity, so C can easily impersonate B, communicate with each party using its own keys, and so eavesdrop on the conversation. To prevent man-in-the-middle attacks, a key exchange algorithm that uses certificates should be used.
2 With certificates in place, if C replaces the original certificate with its own, A's browser will pop up a warning box, but how many people pay attention to that warning?
3 Because of US restrictions on cryptography exports, the encryption strength supported by browsers such as IE and Netscape is weak; if only the browser's built-in encryption is used, it may be possible to break it.

Eight: Proxies

Let's look at how SSL proxies work (see [6]). This may not be what you would first expect :)

When an HTTPS proxy is configured in the browser and the user enters https://www.example.com, the browser establishes a TCP connection to the proxy and sends it a message like this:

    CONNECT server.example.com:443 HTTP/1.1
    Host: server.example.com:443

The proxy then establishes a TCP connection to the web server, and from that point on the proxy acts purely as a content-forwarding device. The browser and the web server establish a secure channel between them, so the channel is end to end: although all the data flows through the proxy, the proxy cannot decrypt or alter its content (this of course depends on certificates; otherwise this is a very convenient place for a man-in-the-middle attack, see the discussion above).

Nine: About certificates

For ordinary use, the administrator only needs to generate a "certificate request" (usually a .csr file) containing his name and public key, and hand this request to a CA service company such as VeriSign (together with a few hundred dollars, of course). Once the request is verified, the CA signs it with its private key, forming the official certificate, and sends it back. The administrator then just imports it on the web server.

If you don't want to spend the money, or want to understand the principle, you can do it all yourself. From the CA's side, you need the CA's private key and public key. From the side of the server that wants a certificate, you need to submit the server's certificate request to the CA. If you act as your own CA, don't forget that clients need to import the CA's certificate (the CA certificate is self-signed; importing it means you "trust" certificates signed by this CA). This is generally not needed for commercial CAs, because their certificates are already built into your browser.

Ten: WTLS

Secure encryption is also needed in the WAP environment, so the WAP Forum designed WTLS modelled on SSL, the most popular such protocol in the WWW world. In principle the protocol is basically the same, but many changes were made in specific places. Most of these changes were not technically necessary; they were made to simplify as far as possible in view of the limited processing power and storage of handheld devices. My own feeling, though, is that these changes are really small and do not save much computation time or storage. In an era when hardware gets faster by the day, what these changes gain may not be worth it (a new protocol requires a lot of new investment and is not compatible with the existing system; article [7] explains this very well, and is worth a look).

Here I briefly list some differences between SSL and WTLS.
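
The two steps of section six, as an added example that is not part of the original article: compute the HMAC over the plaintext, append it, then encrypt the result. It uses RC4, the stream cipher named in section three, so that it runs with the standard library alone (a block cipher in CBC mode would also consume the IV); the sequence number and header in the MAC input follow RFC 2246, and the keys are constructed.

```python
import hmac, hashlib, struct

def rc4_keystream(key: bytes):
    """RC4 keystream generator. One instance per direction, kept for the whole session."""
    s, j = list(range(256)), 0
    for i in range(256):                                  # key scheduling
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    while True:                                           # keystream output
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        yield s[(s[i] + s[j]) % 256]

class RecordLayer:
    """One direction of a connection: MAC the plaintext, append the MAC, encrypt both."""
    MAC_LEN = 20                                          # HMAC-SHA1 output size

    def __init__(self, enc_key: bytes, mac_key: bytes):
        self.stream, self.mac_key, self.seq = rc4_keystream(enc_key), mac_key, 0

    def mac(self, data: bytes) -> bytes:
        # RFC 2246 MAC input: seq_num, type (23 = application data), version 3.1, length, data
        header = struct.pack(">QBBBH", self.seq, 23, 3, 1, len(data))
        return hmac.new(self.mac_key, header + data, hashlib.sha1).digest()

    def crypt(self, data: bytes) -> bytes:
        return bytes(b ^ next(self.stream) for b in data)

    def protect(self, plaintext: bytes) -> bytes:
        record = self.crypt(plaintext + self.mac(plaintext))   # step 1, then step 2
        self.seq += 1
        return record

    def unprotect(self, record: bytes) -> bytes:
        body = self.crypt(record)
        data, tag = body[:-self.MAC_LEN], body[-self.MAC_LEN:]
        if not hmac.compare_digest(tag, self.mac(data)):
            raise ValueError("bad record MAC")            # TLS aborts the connection here
        self.seq += 1
        return data

# Constructed keys; in a real session they come out of the handshake's key derivation
ENC_KEY, MAC_KEY = bytes(range(16)), bytes(range(20))

if __name__ == "__main__":
    sender, receiver = RecordLayer(ENC_KEY, MAC_KEY), RecordLayer(ENC_KEY, MAC_KEY)
    print(receiver.unprotect(sender.protect(b"My secret is ...")))
```

A record that C modifies or replays in transit fails the MAC check in `unprotect`, because the receiver's sequence number and keystream position no longer match the sender's.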

When reposting, please cite the original address: https://www.9cbs.com/read-42551.html
