"Computer Network" Xiaobai's Understanding of HTTPS

1. Why you need HTTPS

The Hypertext Transfer Protocol (HTTP) is used to transfer information between a web browser and a website server. HTTP sends content in plain text and provides no means of data encryption. If an attacker intercepts the traffic between the browser and the server, they can read the transmitted messages directly. HTTP is therefore not suitable for transmitting sensitive information such as credit card numbers, passwords and other payment information.

To address this defect of HTTP, another protocol is needed: HTTPS, the Hypertext Transfer Protocol over Secure Sockets Layer. To secure data in transit, HTTPS adds the SSL/TLS protocol on top of HTTP. SSL/TLS relies on certificates to verify the identity of the server and encrypts the communication between the browser and the server.

HTTPS is a network protocol built from SSL/TLS + HTTP that provides encrypted transmission and identity authentication. It is safer than HTTP.

The main functions of the HTTPS protocol can be divided into two types: one is to establish an information security channel to ensure the security of data transmission; the other is to confirm the authenticity of the website.

2. The main difference between HTTP and HTTPS

  • HTTPS requires applying to a CA for a certificate. Free certificates are generally scarce, so a certain fee is required
  • HTTP is the Hypertext Transfer Protocol and transmits information in plain text; HTTPS is a secure transfer protocol encrypted with SSL/TLS
  • HTTP and HTTPS use completely different connection methods and use different ports. The former is 80 and the latter is 443.
  • The HTTP connection is very simple and stateless; the HTTPS protocol is a network protocol constructed by the SSL / TLS + HTTP protocol for encrypted transmission and identity authentication, which is safer than the HTTP protocol

3. HTTPS establishment process

The general process of establishing SSL for HTTPS is as follows:

[Figure: the general process of establishing SSL for HTTPS]

The following explains why this is done:

  1. Public key and private key

    RSA is an asymmetric encryption algorithm. Key generation produces a pair of keys: data encrypted with the private key can only be decrypted with the corresponding public key, and data encrypted with the public key can only be decrypted with the corresponding private key.

    So we can distribute the public key and keep the private key ourselves.

  2. Disadvantages of asymmetric encryption

    In asymmetric encryption, a message is encrypted with the recipient's public key, but the public key is not confidential and can be obtained by anyone, including a middleman. The middleman can then do two things. First, when the client and the server exchange public keys, the middleman can replace the client's public key with his own. The public key the server receives is then the middleman's rather than the client's, and the server cannot determine whether the source of the public key is genuine. Second, without replacing the public key, the middleman can intercept the message sent by the client, tamper with it, encrypt it with the server's public key and send it to the server. The server then receives the wrong message.

    The middleman can pretend to be the server to tamper with the public key, as shown in the figure below:

    [Figure: the middleman pretending to be the server and replacing the public key]

  3. Digital signature

    What is a digital signature? It is the fingerprint of a piece of information. That is not the key point, though; the key point is how a digital signature is generated, which takes two steps:

    • Hash the plaintext to get a string of hash values

    • Encrypt the hash value obtained in the first step with a private key

    How are digital signatures used? A picture is enough to understand it. The digital signature is sent along with the content. The receiver first decrypts the digital signature with the public key to obtain the hash value h1, and then uses the same algorithm to calculate the hash value h2 of the content. If h1 = h2, the content has not been tampered with.

    [Figure: how a digital signature is used]

    However, there are risks in this process. If the middleman has tampered with the public key, he can forge the digital signature and the protection is defeated:

    [Figure: the middleman replacing the public key and forging the digital signature]

    Hence the introduction of digital certificates.

  4. Digital certificate

    A digital certificate contains two parts: the certificate information and a digital signature.

    The certificate information contains the information sent by the server (including the server's public key) and some other information, such as the name of the certificate, the issuing authority, the validity period and the hash algorithm.

    The digital signature is the result of hashing the certificate information and then encrypting it with the private key of the CA certification center.

    Note in particular that the digital signature is encrypted with the private key of the CA certification center, because this prevents the middleman from altering the public key. Note also that the operating system automatically installs the public key of the CA certification center, so every client has the CA's public key by default.

    The use process after the introduction of digital certificates is as follows:

    [Figure: the process after digital certificates are introduced]

    If the middleman wants to forge a digital certificate by tampering with the public key in it, he fails: he does not have the private key of the CA certification center, so he cannot forge the digital signature and therefore cannot forge the certificate:

    [Figure: the middleman failing to forge a digital certificate]

    But is this foolproof? No. If the middleman also registered a digital certificate with the CA certification center and replaced the server's certificate with this legitimate certificate, the client would still be defeated. That, however, is not a problem for us to worry about. It is a problem for the CA certification center: who should be issued a certificate and who should be refused. We are safe only if the CA certification center can tell good actors from bad ones.

    In the end, the client delegates its trust in the server to the CA certification center. Because the server is not necessarily trustworthy, a relatively trustworthy third party is introduced.

  5. Certificate verification

    Based on the above, we can derive the process by which the client verifies the certificate in HTTPS communication:

    [Figure: client certificate verification in HTTPS communication]

  6. Symmetrically encrypted communication

    Real HTTPS traffic is not encrypted with the public and private keys; they are used only during the handshake. Once the client has the genuine public key, it generates a random number (the symmetric key), encrypts it with the public key and sends it to the server. Subsequent communication is encrypted with that symmetric key. The reason is that asymmetric encryption is several times or even hundreds of times slower than symmetric encryption and consumes more system resources. Because of this, HTTPS combines the two kinds of encryption.
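
The digital signature and digital certificate items above, carried through in code as an added example that is not part of the original post. It assumes a toy textbook RSA built from small Mersenne primes with no padding; the key names, messages and the host name `example.test` are constructed for illustration.

```python
import hashlib

# Toy textbook RSA from small Mersenne primes (constructed demo keys, no padding).
# It illustrates the flow only and is not how production TLS signs data.
def make_key(a, b, e=65537):
    p, q = 2**a - 1, 2**b - 1
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def digest(data, n):
    # Step 1: hash the plaintext (reduced mod n because the toy modulus is short).
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, key):
    # Step 2: "encrypt" the hash with the private exponent.
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(data, sig, pub):
    h1 = pow(sig, pub["e"], pub["n"])  # decrypt the signature with the public key
    h2 = digest(data, pub["n"])        # hash the received content
    return h1 == h2

def cert_info(subject, pub):
    return f"{subject}|{pub['n']}|{pub['e']}".encode()

def issue_cert(subject, pub, ca_key):
    return {"subject": subject, "pub": pub, "sig": sign(cert_info(subject, pub), ca_key)}

def check_cert(cert, ca_pub):
    return verify(cert_info(cert["subject"], cert["pub"]), cert["sig"], ca_pub)

CA, SERVER, MITM = make_key(107, 127), make_key(61, 89), make_key(19, 31)
msg, fake = b"pay 10 to alice", b"pay 9999 to mallory"

# Without certificates the client trusts whatever public key arrives,
# so a swapped key makes the forged message verify.
swapped_key_accepts_forgery = verify(fake, sign(fake, MITM), public(MITM))
# With a certificate, the CA's signature binds the public key to the name.
good_cert = issue_cert("example.test", public(SERVER), CA)
forged_cert = dict(good_cert, pub=public(MITM))               # key replaced in transit
self_signed = issue_cert("example.test", public(MITM), MITM)  # signed without the CA key

if __name__ == "__main__":
    print(verify(msg, sign(msg, SERVER), public(SERVER)), swapped_key_accepts_forgery)
    print(check_cert(good_cert, public(CA)), check_cert(forged_cert, public(CA)),
          check_cert(self_signed, public(CA)))
```

Only the certificate issued with the CA's private key passes `check_cert`; replacing the key inside it or signing with a different key breaks the h1 = h2 comparison.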

4. Disadvantages of HTTPS

Although HTTPS has great advantages, relatively speaking, there are still shortcomings:

  • The handshake phase of the HTTPS protocol is time-consuming, which will extend the page load time by nearly 50% and increase the power consumption by 10% to 20%
  • HTTPS connection caching is not as efficient as HTTP, which will increase data overhead and power consumption, and even existing security measures will be affected by this
  • SSL certificates cost money; the more powerful the certificate, the higher the cost. Personal websites and small websites do not need them and generally won't use them
  • SSL certificates usually need to be bound to an IP, and multiple domain names cannot be bound to the same IP. IPv4 resources cannot support this consumption
  • The encryption scope of the HTTPS protocol is also relatively limited, and it has little effect on hacker attacks, denial of service attacks, and server hijacking. Most importantly, the chain of trust behind SSL certificates is not secure: especially when some countries can control CA root certificates, man-in-the-middle attacks are equally feasible

5. HTTPS optimization

5.1 HSTS redirection technology

When HSTS (HTTP Strict Transport Security) is enabled, it ensures that the browser always connects to the HTTPS-encrypted version of the website.

  1. When the user enters an HTTP address in the browser, the browser automatically converts HTTP to HTTPS to keep the user's access secure

  2. Eliminate the occurrence of 301 jumps and shorten the access time

  3. It can prevent man-in-the-middle attacks based on SSL Strip. If there is an error in the certificate, the error is displayed and the user cannot bypass the warning, so the user's access is protected more effectively

5.2 TLS handshake optimization

Before transmitting application data, the client must negotiate the key, encryption algorithm and other information with the server, and the server must also send its own certificate to the client to indicate its identity. These links constitute the TLS handshake process.

With the False Start technology, the browser starts to send request data before completing the TLS handshake with the server. After receiving the data, the server starts to send response data while completing the TLS handshake.

After enabling the False Start function, the data transmission time will be further shortened.

5.3 Session Identifier reuse

If a user's service request contains multiple encrypted streams, the client and the server will handshake repeatedly, which inevitably costs more time. Alternatively, special circumstances may interrupt the session abruptly, so the two parties need to handshake again, which increases the user's access time.

  1. The server generates and records an ID number for each session, and then sends it to the client
  2. If the client initiates a reconnection, it only needs to send the ID number to the server
  3. The server receives the ID number sent by the client, and then looks up its own session record. After matching the ID, both parties can reuse the previous symmetric encryption key for data encryption transmission without having to regenerate it, reducing interaction time

5.4 Enable OCSP Stapling to improve the efficiency of TLS handshake

The server actively obtains the OCSP query result and sends it to the client along with the certificate, so that the client can directly verify the certificate through the Web Server, which improves the efficiency of the TLS handshake.

The server simulates a browser to initiate a request to the CA, and saves the OCSP response signed by the CA organization locally, and then sends the OCSP response to the browser during the handshake phase with the client, eliminating the need for the browser's online verification process. Since the browser does not need to directly query the CA site for the status of the certificate, this function can significantly improve the access speed.

5.5 Perfect forward secrecy (PFS) to protect user data against private key leakage

The asymmetric encryption algorithm RSA has a public key and a private key. The private key is kept secret and not disclosed to the outside world. Because the algorithm can be used for both encryption and signing, it is widely used, but it still runs into a problem:

  • Suppose I am a hacker. Although I don't know the private key now, I can first save all the (encrypted) data transmitted between the client and the server. If one day the server maintainer accidentally leaks the private key, or I compromise the server and obtain the private key, I can use it to decrypt the data I saved earlier and extract useful information from it.

So in order to prevent the above phenomenon from happening, we must protect our private key.

If the private key is indeed leaked, how can we remedy it? This is where PFS (perfect forward secrecy) comes in. It is used when the client and the server exchange symmetric keys and provides forward secrecy: even if the private key is leaked, hackers cannot decrypt previously encrypted data.

Wikipedia explains it this way: leakage of the long-term master key does not lead to leakage of past session keys.

The realization of this function requires the server to support the following algorithm and signature combinations:

  • ECDHE key exchange, RSA signature
  • ECDHE key exchange, ECDSA signature
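
One way to restrict a server to the two combinations listed above and audit the result, as an added example that is not part of the original post. It uses Python's standard `ssl` module; the function names are hypothetical, limiting the suites to AES-GCM is an assumption made here, and `RSA_SAMPLE` is a constructed entry in the format `get_ciphers()` returns.

```python
import re
import ssl

# Constructed sample entry describing an RSA key-transport suite
# (the session key is protected only by the server's long-term private key).
RSA_SAMPLE = {
    "name": "AES128-GCM-SHA256",
    "protocol": "TLSv1.2",
    "description": "AES128-GCM-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AESGCM(128) Mac=AEAD",
}

def key_exchange(suite):
    """Return (key exchange, authentication) parsed from the OpenSSL description."""
    m = re.search(r"Kx=(\S+)\s+Au=(\S+)", suite["description"])
    return (m.group(1), m.group(2)) if m else ("unknown", "unknown")

def non_forward_secret(suites):
    """Names of suites whose session key does not come from an ephemeral exchange."""
    bad = []
    for suite in suites:
        if suite["protocol"] == "TLSv1.3":
            continue  # TLS 1.3 suites always use ephemeral (EC)DHE key shares
        if key_exchange(suite)[0] not in ("ECDH", "DH"):
            bad.append(suite["name"])
    return bad

def hardened_server_context():
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # ECDHE key exchange with RSA or ECDSA signatures; AES-GCM only (assumption).
    ctx.set_ciphers("ECDHE+aRSA+AESGCM:ECDHE+aECDSA+AESGCM")
    return ctx

if __name__ == "__main__":
    for suite in hardened_server_context().get_ciphers():
        print(suite["name"], *key_exchange(suite))
    print("flagged:", non_forward_secret([RSA_SAMPLE]))
```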

5.6 HTTPS optimization summary (easy-to-remember version)

1. HSTS redirection technology: automatically convert HTTP to HTTPS, reducing 301 redirection

2. TLS handshake optimization: the client sends data to the server in advance before the TLS handshake is completed

3. Session identifier: the server records a session ID for each client; the next time the client connects it sends the ID, and the previous symmetric key can be reused directly to communicate

4. OCSP Stapling: the server sends the OCSP response signed by the CA to the client during the handshake, saving the client from querying the CA itself

5. Perfect forward secrecy (PFS): use a more powerful and complex key algorithm

Origin blog.csdn.net/dreaming_coder/article/details/114128610