I. Introduction
This article can be read together with my earlier post, [Java Basics] Basics of Encryption and Security, to become more familiar with the basic concepts of "Encryption and Security".
Personally, I think security measures fall mainly into 2 areas:
- How to guarantee that data is not stolen during transmission
- Once the data has arrived at the server, how the server verifies that the incoming data has not been tampered with, and how it avoids being attacked
II. Security measures
1. Data encryption
We know that data can easily be captured by packet sniffing during transmission. If it is sent directly, for example over the HTTP protocol, then the data transmitted by the user can be obtained by anyone, so the data must be encrypted. A common practice is to encrypt key fields, for example: the user password is directly hashed with MD5. The purpose of encryption is to ensure that data is not stolen during transmission.
- The mainstream practice now is to use the HTTPS protocol, which adds an encryption layer (the SSL layer) between HTTP and TCP; this layer is responsible for encrypting and decrypting the data;
2. Data signing
A data signature is a string generated by the sender that cannot be forged; it ensures that the data has not been tampered with after being captured in transit.
You may ask: if the data has already been encrypted by HTTPS, is it still necessary to sign it?
- The data is encrypted during transmission, so in theory, even if the packets are captured, the data cannot be tampered with. But we need to know that the encrypted part is really only the external network. Many services now go through a lot of service hops on the internal network, so adding a signature here prevents the data from being tampered with inside the internal network.
3. Timestamp mechanism
Data is very easy to capture, but after the encryption and signing described above, even someone who obtains the data cannot see the real content. However, some attackers do not care about the real data and simply take the captured packet and use it to make malicious requests. This is where the timestamp mechanism can be used:
- Add the current time to each request. The server subtracts the time in the request from its own current time and checks whether the difference is within a fixed range, for example 5 minutes. Because the time inside the maliciously requested packet cannot be changed, the request is treated as illegal once 5 minutes have passed.
4. AppId mechanism
Most websites require a user name and password to log in; not just anyone can use my website. This is in fact a security mechanism. Interfaces exposed externally need the same kind of mechanism: not everyone may call them. Users who need to use the interface must have an appid activated in the back end, and the relevant key (appSecret) is provided to them. The appid and key (mainly used to generate the signature, sign) must be supplied when calling the interface, and the server performs the related verification;
5. Rate limiting mechanism
A real user with an activated appid may still call the interface too frequently; in that case the appid concerned needs to be rate limited.
- Commonly used rate limiting algorithms are the token bucket and leaky bucket algorithms.
6. Blacklist mechanism
If this appid has carried out many illegal operations, or a dedicated blacklisting system has analyzed it and put the appid directly on the blacklist, then all of its requests directly return an error code.
7. Data legality verification
This is a processing mechanism that every system has: data is processed only when it is legal. Each system has its own validation rules; there may also be some conventional rules, such as the length and composition of ID card numbers and telephone numbers;
III. How to implement
The above is a general introduction to some commonly used interface security measures. There may of course be other methods I don't know about; I hope you can add them. Now let's look at how to implement each of the measures above in detail;
1. Data encryption
The mainstream encryption methods today are symmetric encryption (single-key encryption) and asymmetric encryption (two-key encryption).
- Symmetric encryption: the same key is used for encryption and decryption.
  - Common symmetric encryption algorithms: DES, AES
    - DES: an older algorithm with three input parameters (plaintext, key, encryption mode). 3DES is just a mode of DES, a more secure variant based on DES in which the data is encrypted three times; it is also designated as the transitional algorithm toward AES.
    - AES: the Advanced Encryption Standard, the new-generation standard, with faster encryption and higher security (preferred)
  - Advantages: fast computation, suitable for encrypting and decrypting large amounts of data.
  - Disadvantages: before data is transferred, the sender and receiver must agree on the key, and both sides must keep it secret; if either party's key is leaked, the encrypted information is no longer secure.
  There is only one key, so safekeeping of the key becomes very important. Once the key is leaked, the encryption is broken.
  Because symmetric encryption and decryption are fast, it can be combined with asymmetric encryption: asymmetric encryption is used to encrypt the symmetric key, which protects the key.
- Asymmetric encryption: encryption and decryption use different keys. The server generates a key pair; the private key is stored on the server, and the public key can be released for anyone to use. Data encrypted with the public key can only be decrypted with the corresponding private key, and data encrypted with the private key can only be decrypted with the corresponding public key.
  - The common asymmetric encryption algorithm is RSA
  - Advantages: more secure than symmetric encryption
  - Disadvantages: encryption and decryption are much slower than with symmetric encryption (for example: generating the key pair, deriving the private key from the public key), so it is not suitable for encrypting and decrypting large amounts of data
  - Scenarios: it is most commonly used for digital signatures and password transmission. For a digital signature, encrypt with the private key and decrypt with the public key; for encryption and decryption, encrypt with the public key and decrypt with the private key.
  It should be relatively easy to generate a public key and a private key at the same time, but it should be difficult or impossible to deduce the private key from the public key
- Both methods have advantages and disadvantages, but the HTTPS implementation combines the two encryption methods and the strengths of each, so it does well in both security and performance
Java provides tools that can be used directly to implement symmetric and asymmetric encryption, so I will not go into more detail here. Configuring and using HTTPS is relatively complicated; see HTTPS Analysis and Practice
2. Data signing
There are three security strategies for data signing: message digest, digital signature, and digital signature + encryption [certificate]

| Security strategy | Description | Security level |
|---|---|---|
| Message digest (Digest), also known as message hash | Hash the data together with a key (custom key) | Low. The key itself is poorly protected; as long as the key stays secret, this can basically guarantee that the data has not been tampered with. |
| Digital signature (Signature) | Use certificates and an asymmetric signature algorithm to sign the data | Medium. Guarantees that the data cannot be tampered with or repudiated, but cannot guarantee the privacy of the data. |
| Signature + encryption [certificate] | Use certificates and an asymmetric algorithm to sign the data, and a one-time password with a symmetric algorithm to encrypt the data | High. Guarantees that the data cannot be tampered with or repudiated, and also guarantees the privacy of the data. |

- Confidentiality: no viewing without permission
- Integrity: no tampering
- Availability: prevent unavailability
- Non-Repudiation: users cannot deny their actions
1. Digest
- Message digests mostly use digest algorithms (also known as hash algorithms) such as MD5, SHA-1 and SHA-256. The data to be submitted is combined into a string in some way, and the hash algorithm then generates a hashed string from it; this string is the data packet's signature. This fixed-length hash value is a digest of the data, also called a fingerprint. For example:
```
str = param1={param1}&param2={param2}&……&paramN={paramN}&signature={userKey};
MD5.encrypt(str);
```
Note: the user key (signature) at the end is held by both the client and the server, which makes this more secure;
- Principle of the message digest: the hash algorithm is irreversible and its result is unique, so as long as the privacy of the user key is guaranteed, integrity can be guaranteed
- Flaw of the message digest: the user key is transmitted in plaintext, so its privacy is hard to guarantee.
2. Digital Signature (Signature)
If you use the "public key" to encrypt the data and the "private key" to decrypt it, this is "encryption"; conversely, using the "private key" to encrypt the data and the "public key" to decrypt it is "signing"!
At first glance there seems to be no difference, just a different name. But the purposes of the two are completely different. Because everyone holds the public key, a "signature" cannot guarantee the confidentiality of the data, since anyone can decrypt it with the public key. What a "signature" can guarantee is the accuracy and non-repudiation of the data: the public key and private key correspond one to one, so when a public key can decrypt a ciphertext, that ciphertext must have come from the holder of the private key.
An efficient digital signature scheme combines a digest algorithm (hash algorithm) with asymmetric encryption.
- How to sign: the client first uses a hash algorithm to compute the hash of the plaintext data, then encrypts this hash with the "private key". This yields the signature of the original message more quickly, and the plaintext data and the ciphertext are sent to the server together
- How to verify: the server first uses the same hash algorithm to compute the hash of the plaintext data sent by the client, then decrypts the signature sent by the client with the "public key" to obtain the received hash, and finally compares the two hash values. If they are not equal, the data is not trustworthy.
If the plaintext data is particularly large, generating the signature directly with asymmetric encryption would make encryption and decryption extremely slow, which is why the plaintext data is hashed first and the hash is then encrypted with the private key
Specific operation
- The client computes md5/SHA over the plaintext data and encrypts the result with the "private key" to obtain the ciphertext (signature); the client sends the plaintext data and the ciphertext to the server
- The server decrypts the ciphertext with the "public key" to obtain value A, and computes md5/SHA over the plaintext to obtain value B
- The server compares hash value A from the client with value B computed from the plaintext; if they are the same, verification passes, and if they are not equal, the data is untrusted.
This protects against tampering and repudiation, but cannot protect the privacy of the data (it is sent in clear text)
- Even if the "plaintext data" is intercepted and tampered with by someone else, the "private key" is kept secret, so the tamperer cannot generate a correct "signature". So the integrity of the data can be guaranteed.
3. Sign + encryption [certificate] process
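- The client generates a random string as the password, encrypts the password with B's public key to produce ciphertext C, and encrypts A's plaintext with the password to produce ciphertext B
- At the same time, the MD5/SHA value of A's plaintext is encrypted with A's private key to obtain signature D; ciphertext B, ciphertext C and signature D are sent to the server. The server decrypts ciphertext C with its private key to get the password, and then decrypts ciphertext B with the password to obtain A's plaintext; at the same time, the signature can be used to verify whether the sender is A and whether the data A sent has been modified by a third party.
Suppose there is a malicious party X who pretends to be A and sends ciphertext B (generated with the password) and ciphertext C. After the server receives the data, it can still decrypt the plaintext normally, but it cannot prove whether this plaintext was sent by A or by the malicious user X. The point of signature D is that A signs it personally, so that the server can verify it. Because X does not have A's private key, X cannot forge this signature, and the impersonation will be detected by the server.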
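The sign + encryption flow above (and the symmetric/asymmetric combination from the data encryption section), written out as an added example that is not code from the original article. The class name, the sample payload and the concrete algorithms (AES-GCM for the password encryption, RSA-OAEP for ciphertext C, SHA256withRSA for signature D) are choices made for this example.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignThenEncryptDemo {
    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair a = kpg.generateKeyPair();   // client A: signing key pair
        KeyPair b = kpg.generateKeyPair();   // server B: key pair that protects the password
        byte[] plaintext = "orderId=1001&amount=25.00".getBytes(StandardCharsets.UTF_8); // constructed sample
        // Client A: a random one-time password (AES key) encrypts the plaintext -> ciphertext B
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey password = kg.generateKey();
        byte[] iv = new byte[12];            // GCM nonce, sent alongside ciphertext B
        new SecureRandom().nextBytes(iv);
        Cipher aes = Cipher.getInstance("AES/GCM/NoPadding");
        aes.init(Cipher.ENCRYPT_MODE, password, new GCMParameterSpec(128, iv));
        byte[] cipherB = aes.doFinal(plaintext);
        Cipher rsa = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
        rsa.init(Cipher.ENCRYPT_MODE, b.getPublic());
        byte[] cipherC = rsa.doFinal(password.getEncoded());   // ciphertext C: password under B's public key
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(a.getPrivate());
        signer.update(plaintext);
        byte[] signatureD = signer.sign();                      // signature D: hash of plaintext under A's private key

        // Server B: recover the password from C, the plaintext from B, then check D with A's public key
        rsa.init(Cipher.DECRYPT_MODE, b.getPrivate());
        SecretKey recovered = new SecretKeySpec(rsa.doFinal(cipherC), "AES");
        aes.init(Cipher.DECRYPT_MODE, recovered, new GCMParameterSpec(128, iv));
        byte[] received = aes.doFinal(cipherB);
        System.out.println("signature valid: " + verify(a.getPublic(), received, signatureD));
        received[0] ^= 1;                    // simulate a modified plaintext
        System.out.println("after modification: " + verify(a.getPublic(), received, signatureD));
    }
    static boolean verify(PublicKey pub, byte[] data, byte[] sig) throws Exception {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(pub);
        v.update(data);
        return v.verify(sig);
    }
}
```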
3. Timestamp mechanism
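After the data has been decrypted and has passed signature verification, we take the client timestamp field from the packet and subtract the client time from the server's current time to see whether the request has timed out.
The pseudo code is as follows:
```java
long interval = 5 * 60 * 1000; // timeout: 5 minutes, in milliseconds
long clientTime = Long.parseLong(request.getParameter("clientTime"));
long serverTime = System.currentTimeMillis();
if (serverTime - clientTime > interval) {
    return new Response("超过处理时长"); // "processing time limit exceeded"
}
```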
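A server-side check that ties the message digest and the timestamp window together, as an added example that is not code from the original article (Java 17+ for `HexFormat`). It swaps the plain MD5-with-appended-key digest for HMAC-SHA256 keyed with the appSecret; the class name, the parameter names `appId`, `sign` and `clientTime`, and the in-memory secret store are assumptions made for this example.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.HexFormat;
import java.util.Map;
import java.util.TreeMap;
import java.util.stream.Collectors;

public class SignedRequestCheck {
    static final long INTERVAL_MS = 5 * 60 * 1000L;   // the 5-minute window from the text
    static final Map<String, String> APP_SECRETS = Map.of("app-1001", "constructed-secret"); // hypothetical store

    // Sort parameters by name, join as k=v&k=v (excluding "sign"), then HMAC-SHA256 with the appSecret.
    static String sign(Map<String, String> params, String appSecret) throws Exception {
        String canonical = new TreeMap<>(params).entrySet().stream()
                .filter(e -> !e.getKey().equals("sign"))
                .map(e -> e.getKey() + "=" + e.getValue())
                .collect(Collectors.joining("&"));
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(appSecret.getBytes(StandardCharsets.UTF_8), "HmacSHA256"));
        return HexFormat.of().formatHex(mac.doFinal(canonical.getBytes(StandardCharsets.UTF_8)));
    }

    static String verify(Map<String, String> p, long serverTime) throws Exception {
        String secret = APP_SECRETS.get(p.getOrDefault("appId", ""));
        if (secret == null || p.get("sign") == null) return "unknown appId or missing sign";
        long clientTime;
        try { clientTime = Long.parseLong(p.get("clientTime")); }
        catch (NumberFormatException e) { return "bad timestamp"; }
        // abs() also rejects timestamps too far in the future, not only stale ones
        if (Math.abs(serverTime - clientTime) > INTERVAL_MS) return "request expired";
        byte[] expected = sign(p, secret).getBytes(StandardCharsets.UTF_8);
        byte[] actual = p.get("sign").getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, actual) ? "ok" : "bad signature"; // constant-time compare
    }

    public static void main(String[] args) throws Exception {
        long now = System.currentTimeMillis();
        Map<String, String> req = new TreeMap<>(Map.of(
                "appId", "app-1001", "amount", "25.00", "clientTime", String.valueOf(now))); // constructed request
        req.put("sign", sign(req, "constructed-secret"));
        System.out.println(verify(req, now));                    // fresh, unmodified request
        req.put("amount", "9999.00");
        System.out.println(verify(req, now));                    // parameter changed after signing
        req.put("amount", "25.00");
        System.out.println(verify(req, now + INTERVAL_MS + 1));  // same packet replayed after the window
    }
}
```

Because `clientTime` is part of the signed string, a captured packet cannot have its timestamp refreshed without invalidating the signature.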
4. AppId mechanism
Generate a unique appId and a corresponding appSecret (key). The key can be randomly generated from letters, digits, special characters and so on;
- Whether the appId needs to be globally unique depends on the actual situation, but either way it is best for the generated Id to have the following properties:
  - Increasing trend: this gives better index performance when saving to the database.
  - Information security: try not to make Ids consecutive, otherwise the pattern is easy to discover.
- Common ways to generate a globally unique Id include Snowflake (commonly known as the snowflake algorithm, used to generate distributed auto-increment IDs), etc.;
5. Rate limiting mechanism
Commonly used rate limiting algorithms include: token bucket, leaky bucket and counter.
- Token bucket: the system puts tokens into the bucket at a fixed rate and discards new tokens once the bucket is full. When a request arrives, it first takes a token from the bucket; if it gets one, the request continues, otherwise it waits or is denied service. The token bucket allows a certain degree of burst traffic: as long as there are tokens, requests can be processed, and several tokens can be taken at once;
- Leaky bucket: requests flow out at a fixed constant rate, while the incoming request rate is arbitrary. When the number of requests exceeds the capacity of the bucket, new requests wait or are denied service; so the leaky bucket algorithm can forcibly limit the data transfer rate;
- Counter: a relatively simple and crude algorithm, mainly used to limit total concurrency, such as database connection pools, thread pools and flash sales; as soon as the total number of requests within a given period exceeds the configured threshold, the limit is applied;
As for concrete implementations of the algorithms above, Guava's RateLimiter utility class is based on the token bucket algorithm:
```java
RateLimiter rateLimiter = RateLimiter.create(5);
```
- The code above means that only five concurrent requests are allowed to be processed in one second. This approach can only limit requests within a single application and cannot do global rate limiting. For that, distributed rate limiting is needed, which can be implemented with redis+lua;
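The token bucket described above, applied per appid, as an added example in plain Java that is not code from the original article and not Guava's implementation. The class name and the appIds are hypothetical, and the clock value is passed in as an argument so that refill behaviour is easy to follow.

```java
import java.util.Map;
import java.util.concurrent.ConcurrentHashMap;

public class AppIdRateLimiter {
    private static final class Bucket {
        double tokens;
        long lastRefillNanos;
        Bucket(double tokens, long now) { this.tokens = tokens; this.lastRefillNanos = now; }
    }

    private final double ratePerSecond;   // tokens added per second
    private final double capacity;        // bucket size, i.e. the largest burst allowed
    private final Map<String, Bucket> buckets = new ConcurrentHashMap<>();

    AppIdRateLimiter(double ratePerSecond, double capacity) {
        this.ratePerSecond = ratePerSecond;
        this.capacity = capacity;
    }

    // Returns true if the request for this appId may proceed at time nowNanos.
    boolean tryAcquire(String appId, long nowNanos) {
        Bucket b = buckets.computeIfAbsent(appId, id -> new Bucket(capacity, nowNanos));
        synchronized (b) {
            double refill = (nowNanos - b.lastRefillNanos) / 1e9 * ratePerSecond;
            b.tokens = Math.min(capacity, b.tokens + refill);   // tokens beyond capacity are discarded
            b.lastRefillNanos = nowNanos;
            if (b.tokens < 1.0) return false;                    // empty bucket: deny the request
            b.tokens -= 1.0;
            return true;
        }
    }

    public static void main(String[] args) {
        AppIdRateLimiter limiter = new AppIdRateLimiter(5, 5);   // 5 tokens per second, burst of 5
        long t0 = System.nanoTime();
        int allowed = 0;
        for (int i = 0; i < 8; i++) if (limiter.tryAcquire("app-1001", t0)) allowed++;
        System.out.println("burst of 8 at t0, allowed: " + allowed);
        System.out.println("other appId unaffected: " + limiter.tryAcquire("app-2002", t0));
        System.out.println("after 1s refill: " + limiter.tryAcquire("app-1001", t0 + 1_000_000_000L));
    }
}
```

Like Guava's RateLimiter, this state lives in one JVM, so it has the same single-application limitation noted above.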
6. Blacklist mechanism
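We won't discuss here how or why an appid ends up blacklisted. We can give each user a status, such as: initialized, normal, blacklisted, closed, etc.; or we can use a distributed configuration center to store the blacklist directly and check on every request whether the appid is in the list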
7. Data legality verification
The legality check includes routine validation and business validation
- Routine validation: includes signature verification, required-field checks, length checks, type checks, format checks, etc.
- Business validation: depends on the actual business, for example, the order amount cannot be less than 0.
IV. Source code
Elegant implementation of third-party open API interface signatures (stateful/stateless)