2 December 2005
Web Technologies
Security, Privacy and Trust
Prof. Beat Signer
Department of Computer Science
Vrije Universiteit Brussel
http://www.beatsigner.com
Beat Signer - Department of Computer Science - [email protected] - December 23, 2016
Security Aspects
- Authenticity: knowing the sender or receiver of data
  - who is trying to access data on a web server
  - who is offering a service
  - who sent an email
  - …
- Privacy: keeping information private
  - protect credit card information that is sent to a server
  - protect information sent in emails
  - …
- Integrity: ensuring that information is not changed when transferred
HTTP Authentication
- Native authentication functionality offered by HTTP
  - instead of directly sending a response for a given request, the server can always respond with an authentication challenge (401 status code)
- HTTP is extensible to support different authentication protocols and offers the following two standard protocols
  - basic access authentication
    - simple Base64 encoding of the string <username>:<password>
  - digest access authentication
- Protected resources can be grouped in security realms with different sets of authorised users or groups of users
Basic Access Authentication
Message exchange between client and server over the Internet:

Client -> Server (try to access a protected resource)
  GET /wise/exam.pdf HTTP/1.0

Server -> Client
  HTTP/1.0 401 Authorization Required
  WWW-Authenticate: Basic realm="WISE"

Client -> Server (after the client has asked for the password)
  GET /wise/exam.pdf HTTP/1.0
  Authorization: Basic YmVhdDpydWxleg==

Server -> Client
  HTTP/1.0 200 OK
  Content-type: application/pdf
Base64 Encoding
- Base64 encoding can be used to represent binary data in a portable format (alphabet)
  - used by MIME for content transfer encoding
  - used to embed binary data in XML files (e.g. in XML-RPC)
  - note that Base64 encoded data needs more space
- Takes a sequence of bytes (8-bit) and breaks it into 6-bit chunks
  - padding with 0s to make it a multiple of 24 (LCM of 6 and 8)
  - complete 6-bit padding chunks are represented by the special character '='
- Each 6-bit chunk is then represented by a character from a 64-character alphabet
Base64 Encoding Example
- Let us encode the string 'No' to Base64
  - padding to 24 bit
  - lookup of 6-bit chunks in index table
  - use '=' for completely padded 6-bit chunks

Text:         N         o         (padding)
Bit Pattern:  01001110  01101111  00000000
Index:        19        38        60        (padding)
Base64:       T         m         8         =

Base64 index table

val char   val char   val char   val char
  0  A      16  Q      32  g      48  w
  1  B      17  R      33  h      49  x
  2  C      18  S      34  i      50  y
  3  D      19  T      35  j      51  z
  4  E      20  U      36  k      52  0
  5  F      21  V      37  l      53  1
  6  G      22  W      38  m      54  2
  7  H      23  X      39  n      55  3
  8  I      24  Y      40  o      56  4
  9  J      25  Z      41  p      57  5
 10  K      26  a      42  q      58  6
 11  L      27  b      43  r      59  7
 12  M      28  c      44  s      60  8
 13  N      29  d      45  t      61  9
 14  O      30  e      46  u      62  +
 15  P      31  f      47  v      63  /
Web Server Configuration
- Example configuration for an Apache HTTP Server
- Create a new password file (using the -c parameter)

  # htpasswd -c /usr/local/apache/admin/passwords nelson
  New password: nelson123
  Re-type new password: nelson123
  Adding password for user nelson

- Put an .htaccess file with the configuration into the directory that has to be protected
  - alternatively add information to httpd.conf

  AuthType Basic
  AuthName "WISE"
  AuthUserFile /usr/local/apache/admin/passwords
  Require user nelson
Basic Access Authentication ...
- Basic access authentication is not secure
  - username and password are sent almost in "cleartext"
    - Base64 value can be very easily decoded
  - easy to do replay attacks
    - simply reuse the Base64-encoded username and the password
- Potential solutions
  - combine the basic access authentication with an encrypted data transfer (e.g. via TLS/SSL)
    - does not necessarily prevent replay attacks
  - use of alternative digest access authentication
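
The Base64 procedure from the earlier slides and the "almost cleartext" point above, as an added example that is not part of the original slides: the encoder follows the 24-bit grouping and 6-bit lookup step by step, and the decoder recovers the credentials from the Authorization header shown in the basic access authentication exchange. The function names are hypothetical.

```python
# Added illustration; function names are hypothetical, not from the slides.
import base64

# The 64-character index table from the slide (values 0..63).
ALPHABET = (
    "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
    "abcdefghijklmnopqrstuvwxyz"
    "0123456789+/"
)


def b64_encode(data: bytes) -> str:
    """Encode bytes by the slide's procedure: 24-bit groups, 6-bit chunks."""
    out = []
    for i in range(0, len(data), 3):
        group = data[i:i + 3]
        # Pad the group with zero bytes so that it is exactly 24 bits long.
        bits = int.from_bytes(group + b"\x00" * (3 - len(group)), "big")
        # Split the 24 bits into four 6-bit index values.
        chunks = [(bits >> shift) & 0x3F for shift in (18, 12, 6, 0)]
        # n input bytes produce n + 1 real characters; chunks that consist
        # only of padding bits are written as '='.
        real = len(group) + 1
        out.append("".join(ALPHABET[c] for c in chunks[:real]) + "=" * (4 - real))
    return "".join(out)


def indices(data: bytes) -> list:
    """Return the index-table values of the non-padding chunks."""
    return [ALPHABET.index(ch) for ch in b64_encode(data) if ch != "="]


def decode_basic_header(header_value: str):
    """Recover (username, password) from an 'Authorization: Basic ...' value."""
    scheme, _, token = header_value.partition(" ")
    if scheme.lower() != "basic":
        raise ValueError("not a Basic credential")
    text = base64.b64decode(token, validate=True).decode("utf-8")
    user, sep, password = text.partition(":")
    if not sep:
        raise ValueError("missing ':' separator")
    return user, password


if __name__ == "__main__":
    print(b64_encode(b"No"), indices(b"No"))
    # Header value taken from the exchange on the slide: no key is needed
    # to read it, which is why Basic must only travel over TLS.
    print(decode_basic_header("Basic YmVhdDpydWxleg=="))
```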
Digest Access Authentication
- Password is no longer sent in cleartext
  - only a one-way digest that is computed out of the password (one-way hash function) is sent to the server
  - Message Digest #5 (MD5) is a popular digest function
- What about digest replay attacks?
  - server sends a special token (nonce) that changes frequently
  - client adds the nonce to the password before computing the MD5
    - any changes of the nonce result in changes of the digest which helps to prevent replay attacks

Computed response based on MD5:

  h1 = MD5(username:realm:password)
  h2 = MD5(httpMethod:requestedURI)
  response = MD5(h1:nonce:h2)
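
The response computation above together with a server-side check, as an added example that is not part of the original slides: it uses the three-step formula exactly as given here and shows that a captured response is rejected once the nonce has changed. The class and function names are hypothetical, and treating each nonce as single-use is an assumption of this sketch (the slide only says the nonce changes frequently).

```python
# Added illustration; names are hypothetical, not from the slides.
import hashlib
import hmac
import secrets


def md5_hex(text: str) -> str:
    return hashlib.md5(text.encode("utf-8")).hexdigest()


def digest_response(username, realm, password, method, uri, nonce):
    """Client side: the three-step computation from the slide."""
    h1 = md5_hex(f"{username}:{realm}:{password}")
    h2 = md5_hex(f"{method}:{uri}")
    return md5_hex(f"{h1}:{nonce}:{h2}")


class DigestServer:
    """Minimal verifier that accepts each issued nonce exactly once."""

    def __init__(self, realm, users):
        self.realm = realm
        # The server can store h1 instead of the password itself.
        self.h1 = {u: md5_hex(f"{u}:{realm}:{p}") for u, p in users.items()}
        self.valid_nonces = set()

    def challenge(self) -> str:
        """Issue a fresh nonce, as sent in the 401 response."""
        nonce = secrets.token_hex(8)
        self.valid_nonces.add(nonce)
        return nonce

    def verify(self, username, method, uri, nonce, response) -> bool:
        if nonce not in self.valid_nonces or username not in self.h1:
            return False
        # Assumption of this sketch: a nonce is consumed by its first use.
        self.valid_nonces.discard(nonce)
        h2 = md5_hex(f"{method}:{uri}")
        expected = md5_hex(f"{self.h1[username]}:{nonce}:{h2}")
        return hmac.compare_digest(expected, response)


def demo():
    """Return (first request, replay with old nonce, replay against new nonce)."""
    server = DigestServer("WISE", {"nelson": "nelson123"})
    nonce = server.challenge()
    resp = digest_response("nelson", "WISE", "nelson123",
                           "GET", "/wise/exam.pdf", nonce)
    first = server.verify("nelson", "GET", "/wise/exam.pdf", nonce, resp)
    # The same captured values sent again: the nonce is no longer valid.
    replay = server.verify("nelson", "GET", "/wise/exam.pdf", nonce, resp)
    # The captured response presented against a fresh nonce: digest differs.
    fresh = server.challenge()
    stale = server.verify("nelson", "GET", "/wise/exam.pdf", fresh, resp)
    return first, replay, stale


if __name__ == "__main__":
    print(demo())
```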
Digest Access Authentication ...
Message exchange between client and server over the Internet:

Client -> Server (try to access a protected resource)
  GET /wise/exam.pdf HTTP/1.0

Server -> Client
  HTTP/1.0 401 Unauthorized
  WWW-Authenticate: Digest realm="WISE", qop="auth,auth-int", nonce="6G543RED"

Client -> Server (after the client has asked for the password)
  GET /wise/exam.pdf HTTP/1.0
  Authorization: Digest username="nelson", realm="WISE", nonce="6G543RED", qop="auth", response="HF779RW47R7HF", ...

Server -> Client
  HTTP/1.0 200 OK
  Authorization-Info: nextnonce="7HZT7F6"
  ...
Digest Access Authentication ...
- The Authorization-Info: nextnonce="..." is used to send the next nonce in advance
  - client can send the computed hash value already with the original request (preemptive authorization)
- The quality of protection (qop) field is used to negotiate different protection mechanisms
  - auth
    - authentication
  - auth-int
    - authentication and message integrity protection
    - add an MD5 of the body
Transport Layer Security (TLS)
- Cryptographic protocol to ensure secure network communication
  - successor of the Secure Socket Layer (SSL) protocol
  - situated at the TCP/IP Application Layer or OSI Presentation Layer
- Types of authentication
  - unilateral authentication
    - only server authentication
  - mutual authentication
    - client and server authentication

[Figure: TCP/IP stack showing TLS/SSL together with the Application, Transport, Internet and Link layers]
Cryptography
- In cryptography a cipher (coding scheme) is used in combination with a key to create a ciphertext out of a plaintext
- Cryptanalysis tries to get information out of the ciphertext without having access to the secret information (key)

[Figure: plaintext "MEET ME AT NOON" -> cipher (encoder) with key -> ciphertext "PHHW PHDW QLLQ" -> cipher (decoder) with key -> plaintext "MEET ME AT NOON"]
Symmetric Key Cryptography
- A symmetric key cipher uses the same key for the encoding and decoding of a plaintext message
- Many existing symmetric key ciphers
  - DES, Triple DES, Blowfish, Rijndael/AES, ...
- The algorithms are often common knowledge and the key is the only secret thing
  - key has to be kept secret
- Brute force attack (enumeration attack) tries all keys
- The key length defines the number of potential keys
  - e.g. 128 bit key considered safe today
    - can change with more powerful machines
Symmetric Key Cryptography ...
- One problem of symmetric key cryptography is that we have to secretly share the common key before we can exchange any messages
  - this has to be repeated with different keys for any two partners willing to establish a secret communication
  - how should we establish the exchange over the Internet?
    - initially only an insecure channel is available
  - where should we secretly store all those keys?
Public Key (Asymmetric) Cryptography
- Instead of a single key, public key cryptography uses an asymmetric pair of keys
  - publicly available key for the encoding
  - secret key for the decoding
- Each party has only a single public key which is used by everybody to encode messages to this party
  - only the receiver can decode the message with their private key

[Figure: A encodes the plaintext "MEET ME AT NOON" with public key B (cipher, encoder) -> ciphertext "hJ7FHDuKJF Z8efsdlgi" -> B decodes it with private key B (cipher, decoder) -> plaintext "MEET ME AT NOON"]
Public Key (Asymmetric) Cryptography ...
- Public key cryptography can be used to establish secure Internet connections to any computer around the world without having to secretly share a key beforehand
- An asymmetric public key cipher has to ensure that an attacker cannot compute the private key based on any information they can intercept
  - public key
  - ciphertext (with corresponding plaintext)
    - can easily be created by any party by using the public key
- A well known public key algorithm is the RSA cipher
RSA Cipher (Rivest, Shamir and Adleman)
- Public-key cipher that can be used for encryption as well as signing
  - published in 1978 by Rivest, Shamir and Adleman while they were at MIT
- The public and private keys are generated based on two large distinct prime numbers
  - the potential attacker will know about the product of the two prime numbers but nothing about the numbers themselves
  - use modular arithmetic for the encoding/decoding
  - as long as the attacker is not able to do a factorisation into the two prime numbers, RSA is assumed to be secure

[Photo: Adi Shamir, Ron Rivest and Len Adleman]
Public Key (Asymmetric) Cryptography ...
- A drawback of asymmetric public key cryptography is the fact that the algorithms are much slower than symmetric ciphers
- Hybrid solutions combine public key with symmetric key cryptography
  - the public key encryption is only used in the setup phase to securely exchange a pair of symmetric keys
  - afterwards a secure channel is established based on the symmetric keys
- Security of public key cryptography?
  - new developments (e.g. quantum computing) might break public key cryptography
Digital Signatures
- A digital signature can be used for two purposes
  - to prove the authenticity of a message
  - to guarantee that a message has not been changed during the transfer (integrity)
- Sender creates a plaintext digest, encodes it with the private key and adds it as a signature to the message
  - the receiver creates the same digest and compares it with the decoded signature

[Figure: A computes a digest of the plaintext and encodes it with private key A (cipher) to form the signature; B decodes the signature with public key A (cipher), computes the digest of the received plaintext and checks whether the two digests are the same]
Digital Certificates
- Information about a person/company that is digitally signed by a certificate authority (CA)
  - owner's name
  - validity time
  - signature of the CA
  - owner's public key
HTTP Secure (HTTPS)
- Secure version of HTTP
  - combines HTTP with asymmetric, symmetric and certificate-based cryptography
  - HTTP sent over TLS/SSL
- HTTPS protocol is selected by the https:// URL prefix
- Browser connects to the HTTPS default port (port 443)
  - Initial SSL handshake
    - negotiate protocol versions
    - negotiate common cipher
    - authentication
    - generate temporary symmetric session keys
Email Security
- Emails are generally sent as unencrypted plain text
- An email is stored on multiple intermediary servers before reaching its target
  - relatively easy to intercept
  - would you also put anything you write in an email on a postcard?
- Note that the sender of an email can easily be faked
- If we want to fix these problems we have to use third-party tools such as Pretty Good Privacy (PGP)
  - privacy
    - strong encryption
  - authentication
    - digital signatures
Email SPAM
- Abuse of an electronic messaging system (email) to deliver unwanted messages
- A major part of all SPAM is sent by only a few hundred spammers
- It is estimated that SPAM costs businesses more than 100 billion dollars per year
- SPAM is illegal in many countries and some spammers have already been sentenced to jail
- "Solutions"
  - SPAM filters
  - micropayments for emails
Email SPAM ...
- Phishing attacks
  - send emails that look as if they come from an official authority and contain a request for sensitive data (e.g. password)
  - send emails with links to websites that look like official companies (e.g. your homebank)
- Spammers often use botnets to send their SPAM
Botnets
- Computers infected by malicious software become part of a large botnet that can be remotely controlled
  - the largest botnets contain more than 1 million machines
- An attacker can buy part of such a botnet to perform various harmful tasks including
  - the distribution of SPAM
  - distributed denial of service attacks (DDOS)
- Distributed denial of service attacks are a very powerful weapon as it has for example been shown when Estonia was attacked in May 2007
  - cannot easily be detected and filtered by firewalls since the traffic is created by many different machines
Firewalls
- Software and hardware firewalls introduce artificial "bottlenecks" that have to be passed by all the traffic
  - block specific ports
  - filter and block content
  - protect private intranets from incoming Internet traffic
    - often only a subnetwork (demilitarised zone) is connected to the Internet

[Figure: client, server, firewall and the Internet]
Privacy
- While users access information over the Internet, there is a continuous logging of their requests
- Each server stores information about clients who accessed specific resources
- Data mining techniques can be used to combine this logging information and create user profiles
  - can for example be used for user-targeted advertising
- Users also "deliberately" publish personal information
  - e.g. on Facebook
- Published information often cannot be easily deleted
  - e.g. still accessible via Internet Archive (http://www.archive.org)
Web Log
- Log entry created every time a web server is accessed
- A log entry typically contains information about
  - IP address of the requesting machine
  - accessed URL
  - request time
  - refer link (previous page accessed by the client)
    - sent as part of the HTTP Request
  - browser type
  - errors that occurred
  - ...
Web Log
- Web logs can be combined with other information
  - e.g. login information can be used to reveal a user's identity
- Refer link enables access to potentially private information
  - e.g. if previous request was an HTML form request using the GET method then all the data will be available as part of the URL

XXX.XXX.XXX.193 - - [02/Dec/2009:05:50:40 +0100] "GET /knives-shun-c-81_114-l-en.html?gclid=CLOFucf5tp4CFc5L5Qod8jQzpA HTTP/1.1" 200 65478 "http://guelph.kijiji.ca/f-Shun-Classifieds-W0QQKeywordZShunQQisSearchFormZtrue" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-GB; rv:1.9.0.15) Gecko/2009101601 Firefox/3.0.15"
XXX.XXX.XXX.116 - - [02/Dec/2009:05:50:42 +0100] "GET /images/Jamie%20Oliver/flavourShakerSchwarz.jpg HTTP/1.1" 200 3594 "http://www.tenera.ch/kenwood-pasta-roller-at970a-for-lasagne-base-unit-p-1314-l-en.html" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; GTB5; .NET CLR 1.1.4322; MS-RTC LM 8; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
XXX.XXX.XXX.139 - - [02/Dec/2009:05:52:19 +0100] "GET /stylesheet.css HTTP/1.1" 200 10185 "http://www.tenera.ch/kai-seki-magoroku-redwood-nakirimesser-165-cm-p-1433-l-de.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )"
XXX.XXX.XXX.139 - - [02/Dec/2009:05:52:19 +0100] "GET /kai-seki-magoroku-redwood-nakirimesser-165-cm-p-1433-l-de.html HTTP/1.1" 200 60636 "http://www.google.ch/search?hl=de&source=hp&q=seki+magoroku&meta=&aq=0&oq=seki+ma" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )"
XXX.XXX.XXX.139 - - [02/Dec/2009:05:52:21 +0100] "GET /images/pixel_trans.gif HTTP/1.1" 200 43 "http://www.tenera.ch/kai-seki-magoroku-redwood-nakirimesser-165-cm-p-1433-l-de.html" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1) )"
...

web log with refer links
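
What a site owner can read out of the refer link in such a log, as an added example that is not part of the original slides: it parses entries in this log format and groups the query parameters found in each refer link by client address. The function names are hypothetical; the first sample entry is based on the slide (user agent shortened), the others are constructed.

```python
# Added illustration; function names are hypothetical, not from the slides.
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# One log entry: client, time, request line, status, size, refer link, browser.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<url>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\S+) '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

SAMPLE_LOG = [
    # Based on an entry from the slide (user agent shortened).
    'XXX.XXX.XXX.139 - - [02/Dec/2009:05:52:19 +0100] '
    '"GET /kai-seki-magoroku-redwood-nakirimesser-165-cm-p-1433-l-de.html HTTP/1.1" '
    '200 60636 '
    '"http://www.google.ch/search?hl=de&source=hp&q=seki+magoroku&meta=&aq=0&oq=seki+ma" '
    '"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"',
    # Constructed: previous page was an HTML form submitted with GET.
    '192.0.2.7 - - [02/Dec/2009:06:01:10 +0100] "GET /thanks.html HTTP/1.1" 200 512 '
    '"http://shop.example/signup?name=Alice+Example&email=alice%40example.org" '
    '"Mozilla/5.0 (constructed)"',
    # Constructed: request without a refer link.
    '192.0.2.7 - - [02/Dec/2009:06:02:00 +0100] "GET /index.html HTTP/1.1" 200 100 '
    '"-" "Mozilla/5.0 (constructed)"',
    # Constructed: damaged line that must be skipped, not crash the parser.
    'not a log line',
]


def parse_entry(line):
    """Return the fields of one log entry as a dict, or None if malformed."""
    match = LOG_RE.match(line.strip())
    return match.groupdict() if match else None


def referer_data(entry):
    """Return the referring site and its decoded query parameters, if any."""
    ref = entry["referer"]
    if ref in ("", "-"):
        return None
    parts = urlsplit(ref)
    return {"site": parts.netloc, "params": parse_qs(parts.query)}


def profile_by_client(lines):
    """Group everything the refer links reveal by client address."""
    profiles = defaultdict(list)
    for line in lines:
        entry = parse_entry(line)
        if entry is None:
            continue
        leaked = referer_data(entry)
        if leaked and leaked["params"]:
            profiles[entry["ip"]].append(
                (entry["url"], leaked["site"], leaked["params"]))
    return dict(profiles)


if __name__ == "__main__":
    for client, items in profile_by_client(SAMPLE_LOG).items():
        for url, site, params in items:
            print(client, url, site, params)
```

Submitting forms with POST keeps the field values out of the URL and therefore out of the refer links that other servers log.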
Web Log File Analysis
- Site owner can use various tools to analyse the log files
  - e.g. Webalizer
- How much information do we give away when accessing a website?
- What is happening with the logged data?
  - combined with other information to reveal IP addresses?
  - combined with log files from other sites?
    - user profiling
  - intended use of data should be mentioned in the privacy policy
Cookies Revisited
- Persistent cookies can be used to track a user over time
  - similar to IP address but more precise
- Third-party cookies can be used to build an anonymous user profile
  - if a website contains elements that have to be accessed from another server (e.g. banner ads), then the server can set a cookie
    - the third-party server creates a unique resource URL for every page on which the resource has been embedded
    - the user can be tracked on any site that uses the same service (e.g. banner ads) and an anonymous user profile can be created
- Cookies should not be used for authentication
  - can be modified by a user to forge identity (cookie poisoning)
Web Bugs
- User tracking based on the same idea as with third-party cookies
- Embed a small object (e.g. 1 pixel image) in a webpage and get informed every time the webpage is accessed
  - request containing the IP address is sent to the server
- The web bugs approach can be used not only for webpages but also for other resources such as email, Word documents etc.
  - if the user reads an email containing an embedded HTML web bug, the server knows when the email has been read but also gets information about the IP address of the mail client
Other Services with Privacy Issues
- Google Earth shows a lot of sensitive information
  - e.g. military bases etc.
- Google Street View shows not only streets and buildings but also citizens
  - privacy of individuals might be violated since they are shown at strange places or in weird situations
  - since the blurring of faces and number plates does not always work, some countries would like to stop the service
- Many other free services from Google as well as other companies harvest personal information and use it, for example, for customer-targeted advertising
Video: Google Analytics
Google Analytics
- Very nice tool for web administrators to analyse their web traffic
  - easy to "install" over the Web
  - website administrators have to add a piece of JavaScript code to their website
    - similar to web bug approach shown earlier
  - Google gets information about site visitors
- While a user can normally choose to use a free service (e.g. Gmail) or not, the user has no choice when it comes to the tracking via Google Analytics
- How safe is the captured data?
  - what if somebody manages to steal the data?
Course Summary
1. Introduction
  - history of the Web
    - Memex, Xanadu and various hypertext systems
  - ARPANET and TCP/IP
  - World Wide Web
2. Web Architectures
  - HTTP protocol and session management
  - client-server architectures, proxies, tunnels and gateways
  - caching
  - client-side processing
    - JavaScript, Java Applets, ...
  - server-side processing
    - CGI, Java Servlets, JavaServer Pages (JSP), ...
Course Summary …
3. HTML5 and the Open Web Platform
  - history of HTML
  - HTML5 principles and markup
  - HTML5 APIs
    - e.g. WebSockets, Geolocation, Drag and Drop, …
  - JavaScript Object Notation (JSON)
4. Web Application Frameworks
  - Model-View-Controller (MVC)
  - Apache Struts 2
  - Apache Flex, CakePHP, Ruby on Rails, ...
  - web content management systems
Course Summary …
5. CSS3 and Responsive Web Design
  - CSS syntax and selectors
  - CSS inclusion and cascading
  - box model and layouting
  - responsive web design
    - media queries, breakpoints, …
6. JavaScript and jQuery
  - basic JavaScript concepts
  - JavaScript best practices
  - jQuery syntax and event handling
Course Summary …
7. XML and Related Technologies
  - SAX (Simple API for XML) and DOM (Document Object Model)
  - XSL (XSLT)
  - XPath, XPointer and XLink
  - Document Type Definition (DTD) and XML Schema
  - XML-RPC, VoiceXML etc.
8. Web 2.0 Patterns and Technologies
  - main concepts and interactions
  - various Web 2.0 applications and social implications
  - asynchronous partial updates and RIAs
    - AJAX and JSON-RPC
  - service-oriented architectures (SOAs)
    - Big Web Services and RESTful Web Services
Course Summary …
9. Semantic Web
  - semantic web stack
    - RDF and RDFS, OWL, SPARQL, ...
  - semantic web applications
  - (X)HTML extensions and HTML5 Microdata
    - Microformats, RDFa
10. Web Search and SEO
  - information retrieval concepts
  - web search engine architectures
  - Google PageRank algorithm
  - search engine optimisations (SEO)
    - e.g. white and black hat optimisations
Course Summary …
11. Security, Privacy and Trust
  - HTTP Authentication
    - basic authentication, digest authentication and base64 encoding
  - symmetric key and public key cryptography
    - RSA cipher
  - digital signatures and digital certificates
  - TLS/SSL and HTTP Secure (HTTPS)
  - privacy issues
Exam
- Exams on January 26 and February 1, 2017
- Each student will be assigned an examination slot of 20 minutes
  - 5 minutes for questions about the assignment (6 ECTS)
  - 15 minutes oral exam about different topics that have been covered in the course
    - note that there will be no specific preparation time
- Overall grade = oral exam (60%) + assignment (40%)
  - students have some flexibility in distributing the grades for the assignment (±2 points)
- Students following the 3 ECTS programme will only have an oral exam (100%) and no assignment
Exam …
- You will have to register for a specific examination via PointCarré (deadline December 23, 2016)
- Submission of the assignment via PointCarré (dropbox)
  - deadline: December 23, 24:00 (UTC)
- You can bring the copies of your solutions for the exercises with you as they might be used as a basis for discussion during the oral exam
- The exam will cover all the content presented in the lectures as well as any additional information from the exercise sessions
  - includes the videos shown in some of the lectures
Exam …
- Remember to read the following paper as it forms part of the course material
  - Vannevar Bush, As We May Think, Atlantic Monthly, July 1945
- Make sure that you can sketch basic architectures of web information systems
  - possible roles of different technologies
  - know how the things presented in different lectures fit together
    - e.g. security applied to varying architectures
    - e.g. web search for RIAs
    - …
- Make sure that you understand the basic concepts
  - however, we might ask questions at any level of detail to evaluate your knowledge
References
- David Gourley et al., HTTP: The Definitive Guide, O'Reilly Media, September 2002
- Google Analytics Video, http://www.youtube.com/watch?v=rHeKRvo6OhI
- R.L. Rivest, A. Shamir and L. Adleman, A Method for Obtaining Digital Signatures and Public-Key Cryptosystems Authentication, Communications of the ACM, February 1978
The End
Good Luck with the Exam!