HTTPS one-way and two-way authentication explained: digital certificates, digital signatures, SSL (TLS), SASL

Source: Internet
Author: User
Tags: asymmetric encryption

Reposted from: HTTPS unidirectional authentication explained: digital certificates, digital signatures, SSL (TLS), SASL

Because our project uses TLS + SASL as its security and authentication layer, I read through some material online and summarize it here.

1. First, a few recommended articles:

Digital certificate: http://www.cnblogs.com/hyddd/archive/2009/01/07/1371292.html

Digital certificates and SSL: http://www.2cto.com/article/201203/121534.html

Digital Signature: http://www.ruanyifeng.com/blog/2011/08/what_is_a_digital_signature.html

2. Digital certificates

2.1 Introduction to digital certificates and CAs

A digital certificate is an authoritative electronic document. It provides a way to verify your identity on the Internet, much as a driver's license or identity card does in everyday life. It is issued by a central authority, the Certificate Authority (CA), and people use it to identify each other in Internet interactions. In the certification process the CA, as an authoritative, impartial and reliable third party, plays a crucial role.

The CA is responsible for issuing, managing and certifying digital certificates; it is a fair, authoritative and reliable third-party organization established on the Internet platform.

There are many CAs worldwide. The root CA sits at the top of the hierarchy and can issue digital certificates, including subordinate CA certificates and user certificates.

Diagram of the CA certification hierarchy (figure not reproduced in this copy):

2.2 Composition of digital certificates

A digital certificate is issued by a CA and contains: the certificate content F (information about the certificate, including the issuing authority, the certificate owner, etc.), a cryptographic algorithm A, the digital signature F' (the issuing CA's signature over the certificate content), and the owner's public key.

Here is how the digital signature is created:

Taking the signature produced by the issuing CA as an example: the CA first runs a hash algorithm over the certificate content (F) to produce a digest, then encrypts that digest with its own private key using RSA (or another asymmetric algorithm A). The result is the digital signature (F').

2.3 How digital certificates are validated

The authenticity and validity of a digital certificate are verified by means of the three items F, A and F'.

First we need to know the following assumptions:

1. The digital-certificate mechanism assumes by default that the owner's private key is kept secure.

2. The public key of the root CA is considered legitimate by default and is known to most browsers, usually built in. For example, the public keys of well-known root CAs are embedded in Firefox's certificate manager.

The process of validating a digital certificate, which includes verifying that both the "certificate" and its "holder" are genuine:

1. Use the public key of the issuing CA (which can be requested from the CA) to decrypt F', obtaining hash value H1.

2. Run the hash algorithm over the certificate content F, obtaining H2.

3. If H1 == H2, the certificate is genuine and valid.

4. Once the certificate is shown to be genuine and valid, we can take the public key it contains to be the true public key of the subject (the user or institution that requested the certificate).

(From this we can see that a digital certificate exists to guarantee the correctness of a public key.)

5. Use this public key to encrypt a piece of information and send it to the holder of the certificate. If the holder can send the information back (whether encrypted with the private key or in plaintext does not matter), that proves the holder owns the private key corresponding to the certificate, i.e. the holder is the certificate's owner.

The first three steps above can be explained as follows:

Since a certificate is verified against the certificate one level above it, how do we know that the upper-level certificate is itself legitimate? This looks like an endless recursion, but in fact, to verify that a certificate is legitimate, you verify the chain up to its top-level root certificate. The picture from another article expresses this idea well (figure not reproduced in this copy):
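The signature creation in 2.2 and the verification steps and chain walk in 2.3, worked through as an added example (not code from the original article). To stay stand-alone it builds toy RSA keys from Mersenne primes; the certificate fields, CA names and chain are all constructed.

```python
import hashlib
from dataclasses import dataclass

# Constructed toy keys: textbook RSA on Mersenne primes 2^k - 1, for illustration only.
# Real CAs use 2048-bit+ moduli with PKCS#1 padding (cf. the "SHA-1 with RSA" field below).
E = 65537
def make_key(k1, k2):  # -> ((n, e), (n, d)): one party's public and private key
    p, q = (1 << k1) - 1, (1 << k2) - 1
    return (p * q, E), (p * q, pow(E, -1, (p - 1) * (q - 1)))

def digest(content, n):  # hash of the body F, truncated to stay below the toy modulus n
    return int.from_bytes(hashlib.sha256(content).digest()[: (n.bit_length() - 1) // 8], "big")

@dataclass
class Cert:
    subject: str        # Common Name of the owner
    issuer: str         # the CA that signed it
    pubkey: tuple       # the owner's public key (n, e)
    signature: int = 0  # F': the issuer's signature over body()

    def body(self):     # F: the content that is hashed and signed
        return f"{self.subject}|{self.issuer}|{self.pubkey[0]}|{self.pubkey[1]}".encode()

def sign(cert, issuer_priv):
    # CA side (section 2.2): F' = hash(F)^d mod n with the issuer's private key
    n, d = issuer_priv
    cert.signature = pow(digest(cert.body(), n), d, n)
    return cert

def verify_signature(cert, issuer_pub):
    # Steps 1-3 of section 2.3: H1 = F'^e mod n must equal H2 = hash(F)
    n, e = issuer_pub
    return pow(cert.signature, e, n) == digest(cert.body(), n)

def verify_chain(chain, trusted_roots):
    # chain[0] is the end-entity cert; each cert is checked against the next one up,
    # and the top one against a root public key built into the trust store.
    for cert, issuer in zip(chain, chain[1:]):
        if cert.issuer != issuer.subject or not verify_signature(cert, issuer.pubkey):
            return False
    root_pub = trusted_roots.get(chain[-1].issuer)
    return root_pub is not None and verify_signature(chain[-1], root_pub)
# Constructed hierarchy: root CA -> subordinate CA -> web site certificate.
root_pub, root_priv = make_key(89, 127)
ca_pub, ca_priv = make_key(61, 107)
site_pub, _site_priv = make_key(31, 61)
TRUSTED = {"Root CA": root_pub}                  # what a browser ships built in
ca_cert = sign(Cert("Sub CA", "Root CA", ca_pub), root_priv)
site_cert = sign(Cert("www.example.com", "Sub CA", site_pub), ca_priv)
```

Changing any byte of the subject, or signing a "Sub CA" certificate with a key the root store does not know, makes verify_chain return False.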

2.4 Digital certificate fields

1. Certificate:

(1). Common Name (the certificate owner's name, abbreviated CN; effectively the name of the certificate, e.g. Aba.ecomroot... as seen in the first picture)

(2). Version (now generally V3)

(3). Issuer (the issuing authority)

(4). Validity (the validity period)

(5). Subject (information about the certificate subject; you will find its content has the same form as Issuer)

(6). Subject's Public Key Info (the certificate owner's key, i.e. the public key discussed above)

(7). Extensions (extended information)

(8). Certificate Signature Algorithm (the public-key algorithm)

These make up the certificate content (F) mentioned above.

2. Certificate Signature Algorithm:

This describes the certificate's signature algorithm, i.e. algorithm (A). Its Field Value usually reads: PKCS #1 SHA-1 with RSA encryption

3. Certificate Signature Value:

This records the result of signing the certificate, i.e. F' above.

3. SSL (TLS)-Transport Layer Security protocol

From the description of digital certificates in section 2, you should now have a general idea of what a digital certificate is for (to guarantee that a public key really belongs to the certificate owner) and how it is validated.

Now let's see how SSL works together with digital certificates:

3.1 Why SSL is introduced

We know that traditional cryptography comes in two types: symmetric encryption (e.g. DES) and asymmetric encryption (e.g. RSA).

The private-key/public-key concept of asymmetric encryption is well suited to verifying the authenticity and uniqueness of a particular party. However, asymmetric algorithms are complex, slow and resource-hungry, so they are not suitable for encrypting large volumes of data.

Symmetric encryption uses the same key at both ends, and its encryption and decryption algorithms are relatively simple, so it suits encrypting large volumes of data.

SSL stands for Secure Sockets Layer. It is a protocol that sits between the transport layer (e.g. TCP/IP) and the application layer (e.g. HTTP), and it addresses transport security through a "handshake protocol" and a "transport protocol".

The handshake protocol is based on asymmetric encryption, and the transport protocol on symmetric encryption. Depending on the application, SSL's certificate requirements differ: it can be one-way authentication (e.g. HTTP, FTP) or two-way authentication (e.g. online banking). Typically the server-side certificate is required while the client's certificate is optional.

3.2 Handshake and transfer of SSL

The following two figures show the SSL handshake process (figures not reproduced in this copy).

Figure 3.2.1 SSL handshake, one-way (server) authentication

Figure 3.2.2 SSL handshake, mutual authentication

Transfer process: after the two parties have negotiated a symmetric key, they use it to encrypt the transmitted data. A timestamp is generated for each message, and a message authentication code (MAC) over the message and its timestamp is computed with the same key. That is, each transmission contains
Encrypt(message) + MAC(message + timestamp)

There are several benefits to doing so:
1. Preventing message tampering
Message tampering means a third party sitting between the two communicating parties modifies a message. Because the message is encrypted, the third party cannot read its content, but can still alter it blindly. Without a MAC, the recipient cannot tell whether the message has been tampered with.
2. Preventing message replay
In a replay, a third party records the messages exchanged by both sides; although it cannot read their content, it can impersonate the client or server by resending the recorded client or server messages. If a timestamp is included in the MAC, the receiver can check the timestamp and block the replay.
The basic idea of SSL is to use asymmetric encryption to establish the connection (handshake phase) and symmetric encryption to transmit the data (transmission phase). This ensures both the security of key distribution and the efficiency of communication.
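An added example (not from the original article) of the transmission phase just described: the sender emits Encrypt(message) + MAC(message + timestamp), and the receiver rejects tampered, stale and replayed records. The keys, the counter-mode keystream standing in for a real cipher, and the 30-second window are constructed assumptions; real TLS records bind a sequence number rather than a timestamp into the MAC.

```python
import hashlib
import hmac
import os
import struct

def keystream(key, nonce, length):
    # Stand-in for the negotiated symmetric cipher: HMAC-SHA256 in counter mode (constructed).
    out = b""
    for ctr in range((length + 31) // 32):
        out += hmac.new(key, nonce + struct.pack(">I", ctr), hashlib.sha256).digest()
    return out[:length]

def protect(enc_key, mac_key, message, timestamp):
    # Sender side: Encrypt(message) + MAC(message + timestamp), as described above.
    nonce = os.urandom(8)
    ciphertext = bytes(a ^ b for a, b in zip(message, keystream(enc_key, nonce, len(message))))
    tag = hmac.new(mac_key, message + struct.pack(">Q", timestamp), hashlib.sha256).digest()
    return nonce + struct.pack(">Q", timestamp) + ciphertext + tag

class Receiver:
    def __init__(self, enc_key, mac_key, window=30):
        self.enc_key, self.mac_key, self.window = enc_key, mac_key, window
        self.seen = set()   # (timestamp, tag) of every record already accepted

    def unprotect(self, record, now):
        # Returns (status, message); status is "ok", "tampered", "stale" or "replay".
        if len(record) < 48:                          # nonce + timestamp + tag at minimum
            return "tampered", None
        nonce, ts = record[:8], struct.unpack(">Q", record[8:16])[0]
        ciphertext, tag = record[16:-32], record[-32:]
        message = bytes(a ^ b for a, b in zip(ciphertext, keystream(self.enc_key, nonce, len(ciphertext))))
        expected = hmac.new(self.mac_key, message + struct.pack(">Q", ts), hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):    # constant-time compare, checked first
            return "tampered", None
        if abs(now - ts) > self.window:               # timestamp outside the accepted window
            return "stale", None
        if (ts, tag) in self.seen:                    # exact record accepted before: replay
            return "replay", None
        self.seen.add((ts, tag))
        return "ok", message
```

Because the MAC covers the plaintext and the timestamp, flipping a ciphertext bit or editing the timestamp both surface as "tampered", and a verbatim resend of an accepted record surfaces as "replay".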

4. SASL-Simple authentication and security layer

SASL, in full the Simple Authentication and Security Layer, is an authentication framework used to extend the authentication capability of client/server (C/S) protocols.

When you set up SASL you must decide two things: the authentication mechanism, which governs how "identity information" (credentials) is exchanged, and the authentication backend, which determines how the identity information is stored.

The SASL authentication mechanism specifies the request/response exchange between client and server and the encoding of what is transmitted; the SASL authentication backend determines how the server itself stores the client's credentials and verifies the password the client supplies.

If the client authenticates successfully, the server can establish the user's identity and determine what permissions the user has.

The more common mechanisms:

4.1 PLAIN (commonly used)

PLAIN is the simplest mechanism, but also the most dangerous: the credentials (login name and password) cross the network as a base64 string, without any encryption. Therefore, when you use PLAIN you should combine it with TLS.

4.2 LOGIN

LOGIN is not an officially supported mechanism, but some older MUAs use it, so Cyrus SASL lets you choose whether to support it. If your users still use such old MUAs, you must include LOGIN support when compiling the SASL library. LOGIN's credential exchange is similar to PLAIN.

4.3 OTP

OTP is an authentication mechanism that uses a "one-time password". It provides no encryption protection, because none is needed: each password can be used only once, and every login uses a new password. The SMTP client must be able to generate OTP credentials.

4.4 DIGEST-MD5 (commonly used)

With this mechanism the client and server share the same secret password, and the password is never transmitted over the network. Authentication starts with a challenge from the server; the client combines this challenge with the secret password to compute a response. A different challenge cannot yield the same response, and only a party holding the secret password can compute the correct response for a given challenge. Therefore the server knows whether the client has the correct password simply by checking that the client's response matches the one it computed itself. Because the real password never crosses the network, eavesdropping on the network is not a concern.

4.5 Kerberos

Kerberos is a network-based authentication protocol. Unless your network already uses Kerberos, you should not use the Kerberos mechanism; if your network already has a Kerberos authentication center, SASL can seamlessly integrate SMTP authentication into the existing system.

4.6 ANONYMOUS

The ANONYMOUS mechanism makes no sense for SMTP, because SMTP authentication is intended to restrict who may use the relay service rather than to create an open relay. SASL provides this mechanism mainly to support other protocols.
When a client connects to a mail server that supports SASL, the server lists the available mechanisms in priority order for the client to choose from. If the client supports multiple mechanisms and the first one fails, it may go on to try the next, until one succeeds or all of them fail. If the two sides cannot agree on a common mechanism at the outset, authentication fails.
Once the two sides agree on a mechanism, the authentication process begins. The actual exchange varies by mechanism, but usually consists of one or more request/response rounds. The authentication protocol itself also specifies the encoding of the response content.
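An added example (not from the original article) contrasting PLAIN with a challenge-response mechanism in the DIGEST-MD5 style: PLAIN credentials are recovered with a single base64 decode, while the challenge-response server never sees the password on the wire and rejects a reused challenge. The response computation is a constructed simplification using HMAC-SHA256, not the RFC 2831 formula; the user names and passwords are made up.

```python
import base64
import hashlib
import hmac
import os

def plain_token(authcid, password, authzid=""):
    # SASL PLAIN (RFC 4616): authzid NUL authcid NUL password, base64-encoded. Encoding, not encryption.
    return base64.b64encode(f"{authzid}\0{authcid}\0{password}".encode()).decode()

def decode_plain(token):
    # Anyone watching the wire recovers the credentials with one decode; hence "combine it with TLS".
    _authzid, authcid, password = base64.b64decode(token).decode().split("\0")
    return authcid, password

def compute_response(username, password, nonce, cnonce):
    # Both sides derive the same answer from the shared secret and the two nonces; the
    # password itself never crosses the wire. (Constructed scheme, simplified from RFC 2831.)
    secret = hashlib.sha256(f"{username}:{password}".encode()).digest()
    return hmac.new(secret, f"{nonce}:{cnonce}".encode(), hashlib.sha256).hexdigest()

class ChallengeServer:
    def __init__(self, users):
        self.users = users      # the server's identity store: {username: password}
        self.pending = {}       # username -> outstanding challenge, good for one response only

    def challenge(self, username):
        nonce = os.urandom(16).hex()
        self.pending[username] = nonce
        return nonce

    def verify(self, username, nonce, cnonce, response):
        # A nonce that was never issued or was already consumed is rejected, so replaying a
        # captured response fails: the server's challenge differs every time.
        if self.pending.pop(username, None) != nonce or username not in self.users:
            return False
        expected = compute_response(username, self.users[username], nonce, cnonce)
        return hmac.compare_digest(expected, response)

def client_login(server, username, password):
    # One complete exchange: challenge -> response -> verdict.
    nonce = server.challenge(username)
    cnonce = os.urandom(8).hex()
    return server.verify(username, nonce, cnonce, compute_response(username, password, nonce, cnonce))
```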

5. Summary

Digital certificates are issued in a cascade, with the root CA at the top. Their fundamental role is to guarantee the security and authenticity of public keys. The approximate authentication process is to use the CA's public key to unlock the (user or institution) public key contained in the certificate the CA issued, and then use that public key to verify that the certificate holder is genuine (since the holder is not necessarily the certificate owner).

From the analysis of SSL above, SSL does not prevent others from obtaining the data you transmit, but because the data is encrypted, what they obtain is useless to them, so the information stays protected. It is also worth emphasizing that SSL does not depend on TCP specifically; it can be built on any reliable transport-layer protocol (such as TCP). This means SSL cannot be built on top of UDP, which is obvious: if the transport is unreliable and occasionally loses a couple of packets or reorders them, how could security be guaranteed?

SASL is a user authentication mechanism; you can simply think of it as checking whether a user's account/password may log in to the system or use its services. DIGEST-MD5 is generally used; with this mechanism the password is not transmitted over the network, so there is no fear of it being sniffed.
