I. Internet Security Protocol Overview 1.1 Internet Protocol System
Architecture of the TCP/IP protocol
IP datagram format and TCP/UDP message segment format
Web Technology composition: HTTP protocol, HTML markup Language.
The relative position of security mechanism in TCP/IP protocol stack: Network layer, Transport layer and application layer.
1.2 Internet Security Protocol
1. Place security on the network layer: such as the IPSec protocol, the benefits are transparent to end users and applications.
2. Place the security mechanism in the transport layer: such as the SSL protocol, the benefits are transparent to end users and applications.
3. Place security in the application layer: the benefit is that the security services associated with the application are embedded in a particular application, and security services can be established as needed.
4, the Network security protocol is the integration of various security services, through the design and programming of security protocols to achieve a higher security services, in the provision of security services at the same time to facilitate the use of users.
5, various network security protocols in the actual use, need to install related programs to set up.
Two, IP security protocol and VPN2.1 VPN concept and composition
VPN: The public open Network as a communication platform, by attaching a variety of security technologies (encryption, authentication and access control) to the relevant network level, to provide users with a network security technology similar to the performance of the private network.
Common application modes of 2.1.1 VPN
1, Intranet VPN: applicable to the same enterprise or the remote branch office LAN connection within the organization.
Features: Large data communication volume, long connection time.
2, Extranet VPN: applicable to different enterprises or organizations between the internal network connection.
Features: There is a large difference in security policy, which requires high access control.
3, remote access VPN: Remote mobile users, stand-alone access and so on.
2.1.2 VPN Features
1, data encapsulation: Through the construction of virtual private network tunnel, so that remote users can use the Internal network address and protocol to pass information.
2, Data encryption: Through the transmission of data encryption, hiding the internal network protocol, address and data.
3, message identification and identification: Provide message identification and identification.
2.1.3 Tunnel Protocol
1, Tunnel Technology: Its basic method is in the intranet and public network interface, the data will be transmitted as a load in a data format that can be transmitted on the public network, in the destination intranet and the public interface, the data package to remove the load.
2, tunnel technology is the main body of the tunnel protocol.
3, the tunnel, is essentially a kind of encapsulation, is to encapsulate one kind of protocol in another kind of protocol transmission, thus realizes the internal network protocol to the public network transparency.
4, Security Tunnel: the introduction of cryptography and identification technology in the tunnel, so that the public network with the internal network similar security.
5, the VPN uses the tunnel technology to involve three kinds of data format
(1) User packet format
(2) package format
(3) public network transmission format
6, three data format corresponding to the format of the data
(1) Passenger agreement: The protocol used by the intranet is called the passenger agreement in the VPN.
(2) Tunneling Protocol: The encapsulation protocol used to encapsulate the passenger agreement is called the Tunneling Protocol.
(3) Transmission protocol: In the VPN, the intranet data is used as the transmission carrier of the public network, so the user packet must be encapsulated in the transmission format of the public network after being encapsulated by the tunnel protocol. The protocol used by the public network is the transport protocol.
The IP protocol is currently the most common transport protocol. The IP protocol has the features of powerful router, which can run on different transmission mind, wide application surface and so on.
2.2 IPSec Overview
1, Internet interconnection, IP layer is suitable for setting security mechanism. Security mechanisms implemented at the IP layer are also known as IPSec.
2, the security of the IP layer contains three functional domains: authentication, confidentiality and key management.
(1) Identification: Provide message source identification and integrity identification.
(2) Confidentiality: Message encryption prevents third-party eavesdropping of messages.
(3) Key management: Handle the secure exchange of keys.
3. The IPSec protocol runs on a network device connected to an external network, such as a router or firewall.
4. IPSec network devices will generally encrypt and compress all traffic entering the WAN, and decrypt and decompress all traffic from the WAN. These operations are transparent to workstations and servers on the LAN.
5. IPSec Advantages:
(1) When IPSec is implemented in a firewall or router, IPSec can provide security against all traffic across the boundary. At the same time, it does not cause safety-related handling loads internally.
(2) IPSec inside the firewall can resist bypass, if all traffic coming in from the outside must use IP, and the firewall is the only entry from the Internet into the interior.
(3) IPSec is below the Transport layer (TCP,UDP), so it is transparent to the application.
(4) IPSec is transparent to the end user, there is no need to conduct security training for users, to assign a key to each user, or to remove the key when the user leaves the organization.
6. Security services provided by IPSec
(1) No connection integrity and access control.
(2) Identification of the data source.
(3) The group that rejects the replay.
(4) confidentiality (encryption).
(5) Limited amount of traffic confidentiality.
7. IPSec uses two protocols to provide the above security services: The first Authentication Protocol (AH) and the Encapsulated Security Payload Protocol (ESP).
First authentication protocol (AH): Provides authentication services for IP datagrams.
encapsulated Security Payload Protocol (ESP): Provides authentication and confidentiality services to IP datagrams. The protocol is an encryption/authentication hybrid protocol.
Ah and ESP can be used alone or in combination.
2.3 IPSec Protocol 2.3.1 Security Association SA
1. Security association is a one-way relationship between sender and pick-up party. Typically related to one or a set of network connections, providing security services for the hosted network traffic.
2. If a peer relationship is needed for a two-way secure exchange, there will be two security associations. An SA can be used for AH or ESP, but not both.
3. Each security association can be represented as a ternary group:
(1) Security parameter Index (SPI): SPI is a 32-bit value that distinguishes between different security associations for the same destination and protocol. The SPI appears in the header of AH and ESP, and the receiver determines the SA to be based on the SPI in the header.
(2) IP Destination Address (IPDA): Only unicast addresses are currently allowed; This is the address of the SA's destination endpoint, which may be an end-user system or a network system, such as a firewall or router.
(3) Security protocol Identification (SPR): Indicates that this association is a security association of an AH or esp.
2.3.2 Security Association Database
1. Security Policy Database (SPD): Defines the processing policy for IP traffic from the host or security gateway access points. The SPD contains a list of policies, each of which indicates how to handle the flow of information that matches the policy, and IPSec defines three processing methods: Bypass, discard, or IPSec security processing.
2. Security association Database (SAD): Contains various security parameters related to SA. Each SA has a corresponding table entry in the sad.
The main fields involved in the sad table entry are:
(1) Ordinal counter: The 32-bit value used to generate the ordinal field in the AH or ESP header.
(2) Serial number counter overflow: A token that indicates whether an overflow of an ordinal counter is an auditable event, and disables the continuation of the transport grouping on the SA.
(3) Anti-replay window: A 32-bit counter, used to determine whether the incoming AH or ESP packet is replayed.
(4) AH information: Ah uses the identification algorithm, key and other information.
(5) ESP encryption information: ESP encryption algorithm, key, initial vector mode, initial vector and other information.
(6) ESP identification information: ESP used by the identification algorithm, key and so on.
(7) SA lifetime: A period in which the SA must be terminated or replaced by a new SA after the time period expires.
(8) IPSec protocol mode: an AH or ESP mode that indicates traffic on the SA. Both AH and ESP have tunnel mode and transport mode.
(9) Path MTU: The maximum length of a packet that can be transmitted without fragmentation.
2.3.3 SA Selector
1. For each packet sent from the device providing the IPSec service, the device examines the corresponding field in the packet and the SPD lookup based on the selector, thereby determining the security association and then completing the corresponding IPSec processing based on the security association.
2, the selector is used to filter traffic flow, the purpose is to map the output of traffic to a specific security association.
3. Parameters that can be used by selectors: IP address, port number, protocol, etc.
4, the relationship between the SA selector, SPD, sad:
5. IPSec Workflow
(1) The user on host a sends a message to the user on Host B.
(2) The IPSec driver on host a checks the SA selector to see if the packet needs to be protected and what protection is required.
(3) The IPSec driver notifies IKE to begin security negotiation.
(4) Ike on Host B receives a request for security negotiation notification.
(5) Two hosts establish the first phase SA, each generating a shared master key. If the first phase SA has been established, it goes directly to the second phase of the SA negotiation.
(6) Negotiate the establishment of the second phase SA pair: Inbound sa and outbound SA.
(7) The IPSec driver on host a uses the outbound SA to securely handle the packets.
(8) The IPSec driver forwards the processed packet to the IP layer, and the packet is sent by the IP layer to host B.
2.3.4 Identify the first AH
1. Function: AH is used to provide non-connection integrity and data source authentication for IP datagram, and provide anti-replay protection. But it cannot prevent eavesdropping and is only suitable for transmitting unclassified data.
2, working principle: In each IP packet to add a identification header. This header contains a hash value with a key, and the hash value is calculated based on the entire packet, and any changes to the data will invalidate the hash value-integrity protection. Identification features enable the end system to identify the identity of the user or application.
3. AH header format
(1) Next header: 8 bits, which identifies the next payload after the AH header, with the value of the IP protocol number.
(2) Payload Length (Payload length): 8-bit, in 32-bit word, AH header to identify the length of the data.
(3) reserved (Reserved): 16 bits. Must be 0 for future use.
(4) Security parameter Index (SPI): 32-bit, used to identify a security association.
(5) Serial numbers (Sequence number): 32 bits, uniquely identifying each packet packet, providing anti-replay protection for the security association.
(6) Identification Data (authentication): variable length, but is the integer number of word lengths, when insufficient can be achieved by filling. The authentication data contains the integrity checksum value ICV.
Third, web security Protocol 3.1 Web security protocol overview
1. There are two protocols currently used to protect Web page transport security: HTTPS and S-http
(1) HTTPS: Indicates "hypertext Transfer Protocol over Secure Socket Layer". HTTPS is not a separate protocol, but a combination of the HTTP protocol and the SSL/TLS protocol. When you use HTTPS to access a page, the port number is 443.
(2) S-http: means "Secure hypertext Transfer Protocol". The S-http is an independent, secure Hypertext Transfer Protocol that can coexist with HTTP and is compatible with each other. Secure page transfer is only possible when both parties have negotiated to use s-http. Due to the advent of HTTPS, S-http has been largely unused.
2, SSL/TLS Secure Sockets Layer protocol: Work between the transport layer and the application layer, can provide security services for various application layer protocols.
3. SSL (Secure Socket Layer) is an Internet protocol that is used to secure the transport. The protocol enables the confidentiality of files to be transmitted over the Internet by establishing a secure channel between two entities (clients and servers).
3.2 SSL protocol concept and structure
1. SSL protocol concept and structure
2, SSL Handshake Protocol: The server side and the client before beginning to transfer data, mutual identification and exchange of necessary information to establish a secure session state.
3. SSL Record Protocol: Provides basic security services for different high-level protocols, especially Hypertext Transfer Protocol. The SSL logging protocol is built on a reliable transport protocol that is used to securely encapsulate high-level protocols.
4, modify the Redaction protocol: Modify the session ciphertext family.
5, Alarm protocol: The SSL alarm to send the other entity. The alarm level is not warning and fatal, and is used to describe the severity level of the event. If it is fatal, SSL terminates the connection immediately.
6. SSL session: The SSL session is the association between the client and the server, and the session is created by the handshake protocol. A session defines a collection of cryptographic security parameters that can be shared by multiple connections. Sessions can be used to avoid the negotiation of new security parameters for each connection.
7, SLL Connection: equivalent to the network connection, only increased security protection. For SSL, each connection is associated with a session.
8. Some parameters of Session state:
(1) session identifier: Any sequence of bytes selected by the server to identify the active or recoverable session state.
(2) The other party's certificate: The other's X509.v3 certificate. This element of the state can be empty.
(3) Compression method: The algorithm used to compress the data before encryption.
(4) Ciphertext specification: Specifies a large data encryption algorithm for Mac computing hash algorithm, it also defines the encryption properties.
(5) Master key: 48 bytes Shared key between client/server.
(6) Reusable No: A flag that indicates whether the session can be used to initialize a new connection.
9, the connection status of some parameters:
(1) Server and client random number: A sequence of bytes selected by the server and the customer for each connection.
(2) Mac key: The key to Mac operation for sending data.
(3) Write key: The regular encryption key that encrypts and decrypts the data.
(4) Initialization vectors: The initialization vectors maintained for each key when grouping encryption using CBC mode.
(5) Serial number: Each party maintains a separate serial number for each connected transmission and receiving message.
10. The relationship between the session master key and the key used in the connection:
(1) There is a session master key to generate encryption parameters for various connections.
(2) The client writes the MAC key, the server writes the MAC key, the client writes the key, the server writes the key, the customer writes IV, and the server writes IV.
3.3 SSL Logging Protocol
1. SSL logging protocol provides two kinds of services for SSL connection:
(1) Confidentiality: The handshake Protocol defines the shared session key, which is generated by the key that is used for regular encryption of the SSL payload. The logging protocol uses this key for encryption and decryption.
(2) Message integrity: The message Identification Code (MAC) key is generated using session key to identify the message.
2, the operation of the SSL recording protocol:
(1) The recording protocol receives the application message to be transmitted, shards the data, optionally compresses the data, applies the Mac, encrypts, increments the header, and then transmits the result unit in the TCP message segment.
(2) The received data is decrypted, verified, decompressed and reassembled, and then delivered to the high-level user.
3, SSL record protocol beginning text format
(1) Content type (8bit): Indicates the type of high-level protocol being carried (e.g., redaction, alarm, handshake, and application data).
(2) Major version (8bit): Indicates the major version using SSL. For SSLv3, the field is 0.
(3) compression length (16bit): The length of the plaintext data slice in bytes (if compression is the length of the compressed data slice).
3.4 SSL Handshake Protocol
1, the role of handshake protocol: enable the server and customers to identify each other's identity, negotiate encryption and MAC algorithm and encryption key. That is to establish a session between the exchange entities or to change the state of the session.
2. The Handshake Protocol message consists of three fields:
(1) Type field: Used to describe the type of message, the common types in the Handshake protocol message are described below.
(2) Length field: Indicates the length of the message in bytes.
(3) Newspaper style: The parameters used to carry different types of messages.
Iv. Secure Electronic Trading protocol set
The set protocol provides three types of services:
(1) Provide a secure communication channel between the parties involved in the transaction.
(2) Use X.509v3 digital certificate for identity identification.
(3) To ensure confidentiality, information is only necessary in the time, the necessary local dishes are available to the trading parties.
4.1 Set Protocol Overview
1, the characteristics of the SET protocol:
(1) Information confidentiality: The card user's account and payment information in the online transmission is always encrypted, set to prevent businessmen to get card user's credit card number, the value of this information is useful to the issuing bank.
(2) Data integrity: Payment information sent to merchants by card users includes ordering information, personal data, and payment prompts. The set protocol guarantees that the contents of this information are not modified at the time of transmission.
(3) card user account identification: Set protocol allows businessmen to verify whether the card user is a valid card account legitimate users.
(4) Identification of the merchant: set allows the card user to verify the relationship between the merchant and the financial institution and whether the merchant is allowed to accept payment of the credit card.
(5) Interoperability: This specification can be applied on different hardware and software platforms. Whether it is a cardholder or a merchant, as long as its set software complies with the standards and is compatible with the old can be secured transactions.
(6) Unlike IPSec and SSL/TLS, set provides only one choice for each cryptographic algorithm. This is because set is a single application that meets a single set of requirements, and IPSec and SSL/TLS are to support a range of applications.
2, set required sequence of events:
(1) Customer account opening. Consumers receive credit card accounts from banks that support e-payments and set-up.
(2) The consumer obtains the certificate. After proper authentication, the consumer receives a X.509v3 digital certificate that contains a summary of the account information. The certificate binds the consumer's key pair to the credit card (via the Extended field of the certificate).
(3) The merchant obtains the certificate. Merchants who accept a particular credit card must obtain two X.509v3 certificates: one for message signing and one for key exchange. The merchant also needs to pay the gateway's certificate.
(4) The consumer proposes an order. Consumers select items and determine prices by browsing the merchant's website. Then, the list of items to be purchased is sent to the merchant, and the merchant returns a table containing the list of items, price, total price, and order number.
(5) The merchant is verified. In addition to ordering forms, merchants also send their own certificates. Consumers can verify the legitimacy of the merchant.
(6) Send subscription and payment information. Consumers send orders, payment information, and certificates together to the merchant, order confirmation of the purchase of items in the order form, payment includes credit card details, payment information is encrypted so that the merchant cannot read, and the consumer's certificate enables the merchant to identify the consumer.
(7) Merchants request payment approval. The merchant sends the payment information to the payment gateway, requesting that the approved consumer's deposit is sufficient to cover the purchase.
(8) The merchant confirms the order. The merchant sends a confirmation of the order to the consumer.
(9) The merchant provides goods or services. The merchant delivers the goods to the consumer or serves the consumer.
(10) Merchant request payment. This request is sent to the payment gateway, which handles all payment details.
4.2 Bidirectional signature
1. The purpose of two-way signature: Connect two messages sent to different receivers.
2, two-way signature construction process: The consumer obtains PI's hash code and the OI's hash code, the two hash codes together, then obtains the stitching result the hash code. A two-way signature is created after the last hash code is signed with its private key. namely: ds= e SKc [H (PI) | | H (OI))]
3, two-way signature verification process:
(1) Merchant authentication Bi-directional signature: Suppose the merchant obtains the two-way signature (DS), Oi and Pi Digest (PIMD), and the public key obtained from the consumer certificate. The merchant can then calculate these two values: H (pimd| | H (OI)), D PKc [DS], if two values are equal, the merchant verifies the signature.
(2) Bank verification Two-way signature: If the bank obtains the DS, Pi and Oi's Digest to (OIMD) and the consumer's public key, then the bank can calculate the following value: H (pi) | | OIMD), D PKc [DS], if two values are equal, the bank validates the signature.
4.3 Transaction processing 4.3.1 purchase Request
The purchase request phase involves exchanging four messages: initiating a request, initiating a response, purchasing a request, and purchasing a response.
1. Initiating Request message: (card user → Merchant)
Purpose: Request a certificate from the merchant and the payment Gateway (identification).
Clear text transmission.
Message main content: {request/Response to ID, current C, credit card trademark, Issuer line identification}
2. Initiating response message: (merchant → card user)
The merchant generates a response and signs it with its own private key.
Message main content: {request/Response to ID, current C, current m, transaction ID, merchant certificate, payment gateway certificate}
3. Purchase Request: (card user → Merchant)
After receiving the response message, the card user first verifies the legality of the message, and then validates the merchant certificate and the payment gateway certificate through the corresponding CA signature.
Create Oi and pi (the merchant-assigned transaction ID is placed in Oi and pi). Next, the card user prepares to purchase the request message. For this purpose, the card user generates a one-time symmetric encryption key KS 。
4. Purchase response: (merchant → card user)
When the merchant receives the purchase request message, the following processing is done:
Verify the certificate of the card user.
Use the public key in the consumer certificate to verify the two-way signature.
Process the ordering information and transfer the payment information to the payment gateway.
Wait for confirmation from the payment gateway, and then send the purchase response message to the card user.
4.3.2 Payment Recognition
1. Approval Request: (merchant → payment gateway)
The merchant sends an acknowledgement request message to the payment gateway, which consists of the following parts:
Information related to purchase: (from the consumer)
PI: Payment information.
Bidirectional signature DS: signed with the consumer's private key.
Oi Newspaper Digest to (OIMD)
Digital Envelopes: Encapsulates session keys.
2. Acceptable response: (payment gateway → Merchant)
After the payment gateway receives the merchant approval request, the following work is done:
Verify all the certificates.
Decrypt the merchant digital envelope, and then decrypt the approved data block and verify the signature of the merchant in the approved data block.
Decrypt the card user digital envelope, then decrypt the payment data block and verify the two-way signature of the payment data block.
Verify that the Merchant transaction ID matches the transaction ID in the consumer pi.
Request and receive an endorsement from the issuing bank.
4.3.3 Payment Acquisition
1. Get request: (merchant → payment gateway)
The merchant generates, signs, and encrypts the request data block, which includes the number of payments and the transaction ID.
The message also includes previously received cryptographic acquisition token (in an approved response) about the transaction.
Merchant Certificate.
2. Get Response: (payment gateway → Merchant)
After the payment gateway receives the request message, the following processing is done:
Decrypts and validates the fetch request data block.
Decrypts and validates the fetch token block.
Check the GET request and get token consistency.
Create a liquidation request and send it to the issuing bank via a private payment network, which causes the funds to be transferred to the merchant's account.
3. Message interaction of Set protocol
Information security technology and application Internet Security protocol