Difference between revisions of "WebFund 2016W Lecture 18"

Video

The video for the lecture given on March 17, 2016 is now available.

Notes

In Class

(This is lecture 18, not 17!)

Lecture 18
----------

Symmetric cryptography
 - everyone uses the same key
 - think secret decoder rings
 - or, file encrypted with AES
 - secret has to be shared between sender and receiver
 

Public-key cryptography
 - but what if we don't have a shared secret?
   - your password isn't good enough, and
   - websites don't remember your password
   - and how would you send them your password in
     the first place
 - instead, we split the key into two parts
   - a public key
   - a private key
 - whatever one does, the other can undo

 - if you encrypt with a public key and decrypt with a
   private key
     - private one-way communication
     - e.g., you download Anil's public key and send
       Anil a secret message
 - if you encrypt with a private key and decrypt with 
   the public key
     - that's a digital signature

First rule of cryptography
 - friends don't let friends implement their own crypto
 - algorithms OR code!

Why?  You'll miss protections against attacks.
Example: timing attacks
 - can extract secrets by watching execution time
 - exploits the fact that some numbers take longer to
   multiply & other operations

Everyone else messes up too
 - so be prepared to update/replace all crypto-related
   code

Student Notes

Additional Notes on OpenStack Instances

• When selecting a floating IP address, the subnet must correspond to the network that you chose for your instance i.e. If you pick comp2406-net-31 you should use a 134.117.31 address and if you pick comp2406-net-26, use a 134.117.26 address. Mismatching will result in an error
• sudo setcap ‘cap_net_bind_service=rep’ /usr/bin/node.js is used to allow the user to bind to a privileged port

HTTPS

• HTTP is HyperText Transfer Protocol
• HTTPS is a secure version of HTTP which uses SSL/TLS
  • SSL - Secure Sockets Layer
  • TLS - Transport Layer Security
  • The current version of SSL is TLS
  • They are security protocols (cryptographic protocols) that encrypt communications to provide a secure connection over a network
• Normally in a URL, we don't see HTTP because it is the default so it is omitted
• With HTTPS, we will see the protocol written in the URL
• We also see a lock icon with HTTPS
  • It means that the data you are sending is secure and the website you’re accessing has been digitally certified
  • When you click on a lock icon, you can view information about the certificate that the server has
• If you want to enable SSL/TLS support in a Node application, you can change HTTP to HTTPS (change var http = require(‘http’); to var http = require(‘https’); in bin/www)
  • For the code to work, we have to specify some options (key and certificate) for the HTTPS server
• You can get it working by modifying the code:

In bin/www:

//use the app objects and put all the configurations into app, If require http is defined.
if (app.locals.sslOptions){
   var http = require(‘https’);
}
else{
   var http-require(‘http’);
}

//modify the ‘HTTP server’ part of your code with sslOptions.
//create an object in the app file.
if (app.locals.sslOptions){
   var server = http.createServer(app.locals.sslOptions, app);
}
else{
   var server = http.createServer(app);
}

In app.js, we specify the HTTPS options by loading the key and certificate files:

var fs = require('fs');

//put this after app is defined but before it is exported
app.locals.sslOptions = {
   key: fs.readFileSync(‘keys/comp2406-test-key.pem’),
   cert: fs.readFileSync(‘keys/comp2406-test-cert.pem’)
}

Certificates

• Certificates are a form of digital authentication for a web server
• They contain information about the server and the authority that has signed the certificate
• Companies such as GlobalSign and Verisign are certificate authorities which are relied upon to sign trustworthy certificates
• If you do not want to pay a trusted certificate authority to sign your server's certificate, you can sign it yourself
  • This gives you a usable certificate but it will produce a warning when a browser communicates with your server since it will receive a certificate signed by an untrusted source
  • In order to get our web application to work properly with SSL/TLS, we have to create a key and use it to sign a certificate
  • An alternative to get a trusted certificate is to get a free temporary certificate (from Let's Encrypt) and update it by using a script to run it in order to obtain new ones upon expiry

Symmetric Cryptography

• With symmetric cryptography, everyone uses the same key i.e. if you want to send a secret message to another person, you have to have the same secret decoder ring or files encrypted with AES
  • AES is a symmetric block cipher in which the same key is used to encrypt and decrypt a document. It is a block cipher because it encrypts data in blocks as opposed to the whole thing
• The key to symmetric cryptography is that the secret has to be shared between the sender and receiver to keep it a secret i.e. instead of making the whole document secret, just make a key to keep it secure
  • The difficulty is in initially sharing this secret in a secure fashion

Public-key Cryptography

• But what if we don’t have a shared secret?
• Passwords aren’t good enough
• Websites don’t remember your password
  • How would you send them your password in the first place (in a secure fashion)?
• Instead, we split the key into two parts: public key and private key
• In public key cryptography, you have two keys, a matched pair of public and private keys are opposite (inverters) because what you do with one can be undone with the other
  • If you encrypt with a public key and decrypt with a private key, it’s a private one way communication
    • For example, you can send the professor a secret message after downloading his public key and using it for encryption
  • If you encrypt with a private key and decrypt with the public key, that’s a digital signature
• This is what is used for HTTPS

Creating Our Key and Certificate

• We can use OpenSSL to create a key and to use that key to sign a certificate
• Randomness is an important factor in the creation of our key
  • We want this done in a non-deterministic fashion so that nobody can guess what our key is
  • OpenSSL uses Linux drivers which are designed to gather random data from events such as:
    • User actions on the keyboard and mouse
    • CPU temperatures
    • Network activity

First Rule of Cryptography

• Friends don’t let friends implement their own cryptography, algorithms or code because it’s hard to do it and be sure you’re secure
• Why?
  • You’ll miss protections against attacks. E.g. Timing attacks.
    • In a timing attack, the attacker can extract secrets by watching execution time
    • This exploits the fact that some numbers take longer to multiply than others
• Even professionally developped crypto systems will have bugs, so be prepared to update/replace all crypto-related code

Code

analyzeLogs-ssl-template.zip