Security protocols used on the Internet

Network layer security protocol

IP itself provides almost no security and cannot guarantee:

  • Data confidentiality;
  • Data integrity;
  • Data source authentication.

IPsec provides a standard, robust and comprehensive mechanism to ensure IP layer security. IPsec is the abbreviation of "IP Security".

The three parts of IPsec

  1. Two protocols that define the IP security datagram format
    (1) Authentication Header (AH) protocol: provides source authentication and data integrity, but not confidentiality.
    (2) Encapsulating Security Payload (ESP) protocol: provides source authentication, data integrity and confidentiality.

  2. Three protocols related to encryption algorithms (not discussed here)

  3. The Internet Key Exchange (IKE) protocol.

Two working modes of IP security datagram

  1. Transport mode: Control information is added before and after the entire transport layer segment, and the IP header is then added to form an IP security datagram. The entire transport layer segment is protected, which suits secure transmission from host to host. Every host that needs to use IPsec must run the IPsec protocol.
  2. Tunnel mode: Control information is added before and after the original IP datagram, and a new IP header is then added to form an IP security datagram. This requires that the IPsec protocol is running on all routers through which the IPsec datagram passes. Tunnel mode is commonly used to implement a virtual private network (VPN).

In either mode, the IP header of the final IP security datagram is not encrypted. The so-called "secure datagram" means that the data part of the datagram is encrypted and can be authenticated. The data part of the datagram is usually called the payload of the datagram.
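The two modes side by side, as an added sketch that is not part of the original article: it builds an ESP datagram in each mode and reports what an observer without the SA key can still read. The addresses, SPI values and key are constructed, the header checksum is left at zero, and a SHA-256 keystream with a truncated HMAC stands in for the negotiated cipher and integrity algorithm.

```python
import hashlib, hmac, socket, struct

ESP, IPIP, TCP = 50, 4, 6            # IANA protocol numbers

def ipv4(src, dst, proto, payload):
    """20-byte IPv4 header (checksum left at 0 in this sketch) followed by the payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr + payload

def esp(spi, seq, key, inner, next_header):
    """SPI | sequence number | encrypted(inner, padding, pad length, next header) | ICV."""
    pad = bytes(range(1, (-(len(inner) + 2)) % 4 + 1))       # pad to a 4-byte boundary
    clear = inner + pad + bytes([len(pad), next_header])
    ks = b"".join(hashlib.sha256(key + struct.pack("!II", seq, i)).digest()
                  for i in range(len(clear) // 32 + 1))      # stand-in keystream
    head = struct.pack("!II", spi, seq)
    enc = bytes(c ^ k for c, k in zip(clear, ks))
    icv = hmac.new(key, head + enc, hashlib.sha256).digest()[:16]
    return head + enc + icv

def transport_mode(orig, spi, seq, key):
    """Keep the original addresses; protect only the transport layer segment."""
    src, dst = socket.inet_ntoa(orig[12:16]), socket.inet_ntoa(orig[16:20])
    return ipv4(src, dst, ESP, esp(spi, seq, key, orig[20:], orig[9]))

def tunnel_mode(orig, gw_src, gw_dst, spi, seq, key):
    """Protect the whole original datagram; the new header carries the tunnel endpoints."""
    return ipv4(gw_src, gw_dst, ESP, esp(spi, seq, key, orig, IPIP))

def on_path_view(pkt):
    """Fields readable without the key: outer addresses, protocol, SPI, sequence number."""
    spi, seq = struct.unpack("!II", pkt[20:28])
    return {"src": socket.inet_ntoa(pkt[12:16]), "dst": socket.inet_ntoa(pkt[16:20]),
            "proto": pkt[9], "spi": spi, "seq": seq}

if __name__ == "__main__":
    key = b"constructed-sa-key"                              # constructed SA key
    orig = ipv4("10.1.0.5", "10.2.0.9", TCP, b"constructed TCP segment bytes")
    print(on_path_view(transport_mode(orig, 0x1001, 1, key)))
    print(on_path_view(tunnel_mode(orig, "203.0.113.1", "198.51.100.1", 0x2002, 1, key)))
```

In transport mode the observer still sees the two host addresses; in tunnel mode only the tunnel endpoints appear and the original header travels inside the encrypted payload.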

Security Association SA

Before using AH or ESP, a logical connection at the network layer must be established from the source host to the destination host. This logical connection is called the Security Association (SA). IPsec transforms the traditional Internet connectionless network layer into a logically connected network layer.

Assume that host H1 at the company headquarters and host H2 at a branch office must communicate securely over the Internet. The security association SA between the headquarters and the branch office is established between routers R1 and R2.

If host H1 at the company headquarters wants to communicate securely with host H2 of an off-site salesperson, a security association SA needs to be established between router R1 at the headquarters and the salesperson's host H2.

Transport layer security protocol

The following two protocols are widely used now:

  • SSL (Secure Sockets Layer)
  • TLS (Transport Layer Security).

SSL sits between the application layer (for example HTTP) and the transport layer of the end system, and establishes a secure channel on top of TCP to protect the application-layer data carried over TCP. In 1999, the IETF introduced the transport layer security standard TLS, based on SSL 3.0, to provide secure data transmission for all TCP-based network applications.

  • SSL/TLS is built on top of reliable TCP and is independent of the application layer protocol.
  • SSL/TLS is supported by all commonly used browsers and web servers.
  • The basic goal of SSL/TLS: to achieve safe and reliable communication between two application entities.
  • The application layer protocol that uses SSL the most is HTTP, but SSL is not limited to HTTP and can be used with any application layer protocol. When HTTP calls SSL to encrypt an entire web page, the URL bar shows https where http was originally displayed. The s added after http stands for security, indicating that HTTP with security services is now in use (HTTPS uses TCP port 443 instead of the usual port 80).

Security services provided by SSL

(1) SSL server authentication allows users to verify the identity of the server. The client that supports SSL authenticates the real identity of the server and obtains the server's public key by verifying the certificate from the server.

(2) SSL client authentication, an optional security service of SSL, allows the server to verify the identity of the client.

(3) An encrypted SSL session encrypts all messages sent between the client and the server, and detects whether the messages have been tampered with.

Application layer security protocol

PGP (Pretty Good Privacy) is a complete e-mail security software package, including encryption, authentication, electronic signature and compression technology. PGP does not use any new concepts; it just integrates some existing algorithms such as MD5, RSA, and IDEA. Although PGP has been widely used, it is not an official standard for the Internet.

PGP working principle

  • PGP provides email security, sender authentication and message integrity.
    Suppose A sends an e-mail plain text X to B, using PGP for encryption.
    A has three keys: A's private key, B's public key, and A's one-time key.
    B has two keys: B's private key and A's public key.

Work of sender A

(1) Perform the MD5 calculation on plaintext mail X to get the MD5 message digest H. Use A's private key to encrypt H (i.e., a digital signature) to get the message authentication code MAC, which is appended to the plaintext X to get the extended mail (X, MAC).
(2) Use A's own one-time key to encrypt the extended mail (X, MAC).
(3) Use B's public key to encrypt the one-time key generated by A. Because this key is used only once, a leaked key does not allow previously encrypted content to be decrypted; even if the key is leaked, it affects only that one communication.
(4) Send the encrypted one-time key and the encrypted extended mail to B.

Recipient B's work

(1) Separate the encrypted one-time key from the encrypted extended message (X, MAC).
(2) Use B's own private key to recover A's one-time key.
(3) Use the recovered one-time key to decrypt the message, and then separate the plaintext X and the MAC.
(4) Use A's public key to decrypt the MAC (namely, signature verification) to obtain a message digest H. This message digest is the message digest generated by A using plaintext mail X through MD5 operation.
(5) Perform MD5 message digest operation on the separated plaintext mail X to obtain another message digest H(X). Compare H(X) with the previously obtained H to see if they are the same. If the same, the authentication of the sender of the mail is passed, and the integrity of the message is also confirmed.
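The sender and recipient steps above, end to end, as an added example that is not part of the original article and is not PGP's own code. Assumptions: unpadded textbook RSA over constructed Mersenne-prime keys (trivially factorable, for illustration only) and a SHA-256 keystream standing in for IDEA; MD5 is kept because the page uses it.

```python
import hashlib, secrets

E = 65537

def toy_keypair(a, b):
    """Textbook RSA from Mersenne primes 2^a-1 and 2^b-1: demo keys, trivially factorable."""
    p, q = 2**a - 1, 2**b - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))   # (public, private)

def rsa(key, m):
    return pow(m, key[1], key[0])            # unpadded RSA; real PGP pads its inputs

def stream_xor(key, data):
    """Stand-in for IDEA: XOR with a SHA-256 counter keystream (encrypts and decrypts)."""
    ks = b"".join(hashlib.sha256(key + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(d ^ k for d, k in zip(data, ks))

def md5_int(x):
    return int.from_bytes(hashlib.md5(x).digest(), "big")      # MD5 as on the page

def pgp_send(x, a_priv, b_pub):
    sig_len = (a_priv[0].bit_length() + 7) // 8
    mac = rsa(a_priv, md5_int(x)).to_bytes(sig_len, "big")     # (1) sign digest H
    one_time = secrets.token_bytes(16)                         #     fresh one-time key
    body = stream_xor(one_time, x + mac)                       # (2) encrypt (X, MAC)
    wrapped = rsa(b_pub, int.from_bytes(one_time, "big"))      # (3) wrap the key for B
    return wrapped, body                                       # (4) send both parts

def pgp_receive(wrapped, body, b_priv, a_pub):
    sig_len = (a_pub[0].bit_length() + 7) // 8
    try:
        one_time = rsa(b_priv, wrapped).to_bytes(16, "big")    # (2) recover one-time key
    except OverflowError:                                      # wrapped key was altered
        return None, False
    ext = stream_xor(one_time, body)                           # (3) decrypt the body
    x, mac = ext[:-sig_len], ext[-sig_len:]                    #     split X and MAC
    h = rsa(a_pub, int.from_bytes(mac, "big"))                 # (4) recover H from MAC
    return x, h == md5_int(x)                                  # (5) compare digests

if __name__ == "__main__":
    a_pub, a_priv = toy_keypair(521, 607)      # A's constructed key pair
    b_pub, b_priv = toy_keypair(607, 1279)     # B's constructed key pair
    wrapped, body = pgp_send(b"constructed sample mail X", a_priv, b_pub)
    print(pgp_receive(wrapped, body, b_priv, a_pub))
```

Flipping a single bit of the encrypted body makes step (5) fail, which is the integrity check the recipient relies on.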


Origin blog.csdn.net/qq1350975694/article/details/107079302