WebFund 2016W Lecture 18: Difference between revisions

From Soma-notes
LeeCroft (talk | contribs)
No edit summary
LeeCroft (talk | contribs)
No edit summary
 
Line 140: Line 140:
**If you encrypt with a private key and decrypt with the public key, that’s a digital signature
**If you encrypt with a private key and decrypt with the public key, that’s a digital signature
*This is what is used for HTTPS
*This is what is used for HTTPS
=====Creating Our Key and Certificate=====
*We can use OpenSSL to create a key and to use that key to sign a certificate
*Randomness is an important factor in the creation of our key
**We want this done in a non-deterministic fashion so that nobody can guess what our key is
**OpenSSL uses Linux drivers which are designed to gather random data from events such as:
***User actions on the keyboard and mouse
***CPU temperatures
***Network activity


====First Rule of Cryptography====
====First Rule of Cryptography====

Latest revision as of 02:17, 21 March 2016

Video

The video for the lecture given on March 17, 2016 is now available.


Notes

In Class

(This is lecture 18, not 17!)

Lecture 18
----------

Symmetric cryptography
 - everyone uses the same key
 - think secret decoder rings
 - or, file encrypted with AES
 - secret has to be shared between sender and receiver
 

Public-key cryptography
 - but what if we don't have a shared secret?
   - your password isn't good enough, and
   - websites don't remember your password
   - and how would you send them your password in
     the first place
 - instead, we split the key into two parts
   - a public key
   - a private key
 - whatever one does, the other can undo

 - if you encrypt with a public key and decrypt with a
   private key
     - private one-way communication
     - e.g., you download Anil's public key and send
       Anil a secret message
 - if you encrypt with a private key and decrypt with 
   the public key
     - that's a digital signature

First rule of cryptography
 - friends don't let friends implement their own crypto
 - algorithms OR code!

Why?  You'll miss protections against attacks.
Example: timing attacks
 - can extract secrets by watching execution time
 - exploits the fact that some numbers take longer to
   multiply & other operations

Everyone else messes up too
 - so be prepared to update/replace all crypto-related
   code

Student Notes

Additional Notes on OpenStack Instances

  • When selecting a floating IP address, the subnet must correspond to the network that you chose for your instance i.e. If you pick comp2406-net-31 you should use a 134.117.31 address and if you pick comp2406-net-26, use a 134.117.26 address. Mismatching will result in an error
  • sudo setcap ‘cap_net_bind_service=rep’ /usr/bin/node.js is used to allow the user to bind to a privileged port

HTTPS

  • HTTP is HyperText Transfer Protocol
  • HTTPS is a secure version of HTTP which uses SSL/TLS
    • SSL - Secure Sockets Layer
    • TLS - Transport Layer Security
    • The current version of SSL is TLS
    • They are security protocols (cryptographic protocols) that encrypt communications to provide a secure connection over a network
  • Normally in a URL, we don't see HTTP because it is the default so it is omitted
  • With HTTPS, we will see the protocol written in the URL
  • We also see a lock icon with HTTPS
    • It means that the data you are sending is secure and the website you’re accessing has been digitally certified
    • When you click on a lock icon, you can view information about the certificate that the server has
  • If you want to enable SSL/TLS support in a Node application, you can change HTTP to HTTPS (change var http = require(‘http’); to var http = require(‘https’); in bin/www)
    • For the code to work, we have to specify some options (key and certificate) for the HTTPS server
  • You can get it working by modifying the code:

In bin/www:

//use the app objects and put all the configurations into app, If require http is defined.
if (app.locals.sslOptions){
   var http = require(‘https’);
}
else{
   var http-require(‘http’);
}

//modify the ‘HTTP server’ part of your code with sslOptions.
//create an object in the app file.
if (app.locals.sslOptions){
   var server = http.createServer(app.locals.sslOptions, app);
}
else{
   var server = http.createServer(app);
}

In app.js, we specify the HTTPS options by loading the key and certificate files:

var fs = require('fs');

//put this after app is defined but before it is exported
app.locals.sslOptions = {
   key: fs.readFileSync(‘keys/comp2406-test-key.pem’),
   cert: fs.readFileSync(‘keys/comp2406-test-cert.pem’)
}
Certificates
  • Certificates are a form of digital authentication for a web server
  • They contain information about the server and the authority that has signed the certificate
  • Companies such as GlobalSign and Verisign are certificate authorities which are relied upon to sign trustworthy certificates
  • If you do not want to pay a trusted certificate authority to sign your server's certificate, you can sign it yourself
    • This gives you a usable certificate but it will produce a warning when a browser communicates with your server since it will receive a certificate signed by an untrusted source
    • In order to get our web application to work properly with SSL/TLS, we have to create a key and use it to sign a certificate
    • An alternative to get a trusted certificate is to get a free temporary certificate (from Let's Encrypt) and update it by using a script to run it in order to obtain new ones upon expiry
Symmetric Cryptography
  • With symmetric cryptography, everyone uses the same key i.e. if you want to send a secret message to another person, you have to have the same secret decoder ring or files encrypted with AES
    • AES is a symmetric block cipher in which the same key is used to encrypt and decrypt a document. It is a block cipher because it encrypts data in blocks as opposed to the whole thing
  • The key to symmetric cryptography is that the secret has to be shared between the sender and receiver to keep it a secret i.e. instead of making the whole document secret, just make a key to keep it secure
    • The difficulty is in initially sharing this secret in a secure fashion
Public-key Cryptography
  • But what if we don’t have a shared secret?
  • Passwords aren’t good enough
  • Websites don’t remember your password
    • How would you send them your password in the first place (in a secure fashion)?
  • Instead, we split the key into two parts: public key and private key
  • In public key cryptography, you have two keys, a matched pair of public and private keys are opposite (inverters) because what you do with one can be undone with the other
    • If you encrypt with a public key and decrypt with a private key, it’s a private one way communication
      • For example, you can send the professor a secret message after downloading his public key and using it for encryption
    • If you encrypt with a private key and decrypt with the public key, that’s a digital signature
  • This is what is used for HTTPS
Creating Our Key and Certificate
  • We can use OpenSSL to create a key and to use that key to sign a certificate
  • Randomness is an important factor in the creation of our key
    • We want this done in a non-deterministic fashion so that nobody can guess what our key is
    • OpenSSL uses Linux drivers which are designed to gather random data from events such as:
      • User actions on the keyboard and mouse
      • CPU temperatures
      • Network activity

First Rule of Cryptography

  • Friends don’t let friends implement their own cryptography, algorithms or code because it’s hard to do it and be sure you’re secure
  • Why?
    • You’ll miss protections against attacks. E.g. Timing attacks.
      • In a timing attack, the attacker can extract secrets by watching execution time
      • This exploits the fact that some numbers take longer to multiply than others
  • Even professionally developped crypto systems will have bugs, so be prepared to update/replace all crypto-related code


Code

analyzeLogs-ssl-template.zip