Document: Module 8: Protecting Communication Privacy and Data Integrity



Contents
Overview 1
Lesson: Introduction to Cryptography 3
Lesson: Working with Digital Certificates 15
Lab 8.1: Obtaining a Server Certificate 35
Lesson: Using the Secure Sockets Layer/Transport Layer Security Protocols 39
Lesson: Using Internet Protocol Security 58
Review 63
Lab 8.2: Protecting Communication Privacy and Data Integrity 65
Course Evaluation 76

Module 8: Protecting
Communication Privacy
and Data Integrity

Information in this document, including URL and other Internet Web site references, is subject to
change without notice. Unless otherwise noted, the example companies, organizations, products,
domain names, e-mail addresses, logos, people, places, and events depicted herein are fictitious,

completing this module, students will be able to protect the portions of a Web
application that require private communications through Secure Sockets Layer
(SSL) security.
After completing this module, students will be able to:
• Define the basic elements of cryptography.
• Describe the purpose of digital certificates and obtain one through a Certificate Authority (CA).
• Validate user and Web server identity through the use of SSL/Transport Layer Security (TLS).
• Protect communications between Web application resources through the use of Internet Protocol security (IPSec).

To teach this module, you need the following materials:
• Microsoft® PowerPoint® file 2300A_08.ppt
• Hypertext Markup Language (HTML) and Flash animation files 2300A_08_A05_1619.htm and 2300A_08_A05_1619.swf

To prepare for this module:
• Read all of the materials for this module.

30 minutes
Required materials
Preparation tasks
iv Module 8: Protecting Communication Privacy and Data Integrity
• Read the MSDN article, "The Evolution of Security on the Web: An Introduction to Cryptosystems on the Internet," which is available at
• Read the VeriSign article, "Implementing Web Site Client Authentication Using Digital IDs," which is available at clientauth/kit/details.html.
• Read the VeriSign article, "Guide to Securing Your Web Site For Business," which is available at gd/secureBusiness/secureBusiness.html.

How to Teach This Module
Begin this module with a discussion of the types of attacks that are possible on
the communication link between the browser and the Web server.
Lesson: Introduction to Cryptography
It is an interesting sidebar to mention the role that cryptographic code breaking
played in World War II. “Enigma,” “Purple,” and “Magic” are the code names
of some of the more well-known cryptographic systems. You can find more
information about cryptography during wartime by searching for “cryptography

certificates, not everyone who generates certificates is a trusted CA. Trust is
based on many factors, including the length of time that the CA is in business,
the CA’s reputation, and the process that the CA uses to verify those who
request certificates.
What Is Cryptography?
How Does Symmetric Encryption Work?
How Does Asymmetric Encryption Work?
Exchanging and Storing Keys
Verifying Data Integrity with Hashes
Using Digital Signatures
Practice: Using Cryptography

What Are Digital Certificates?
Practice: Viewing Digital Certificates

You will need to lead this practice and also get a personal certificate; make sure to enter Research for your department, because this field will be used in the client certificate mapping demonstration.
As the students submit their requests for personal certificates, you need to issue the certificates. The issuing of certificates should be done with little explanation and with the screen blanked so that the students do not get confused between the request and issue processes. Before issuing each request, glance at its subject: a stand-alone CA performs no identity check of its own, so whatever the issuer approves becomes a certificate that the class will trust.

To process the certificate requests with Microsoft Certificate Services for Microsoft Windows® 2000
1. On the Start menu, click Programs, click Administrative Tools, and then click Certification Authority.
   During setup, the instructor computer was set up with Certificate Services and was created as a stand-alone root CA.
2. Expand the nwtraders.msft CA, and then click Pending Requests.
   There will be one certificate request from each student.
3. To accept the request and issue a certificate, right-click the request, click All Tasks, and then click Issue.
   The request is moved from the Pending Requests node to the Issued Certificates node.

Multimedia: Using Digital Certificates
Certificate Chains and Hierarchies
Certificate Stores
Obtaining a Personal Certificate


Lesson: Using the Secure Sockets Layer/Transport Layer Security Protocols
Students may have heard of both SSL and TLS. It is important to note that TLS is the successor to SSL (TLS 1.0 was standardized from SSL 3.0) and that although "SSL" is the name more commonly used, it is most likely TLS that is actually negotiated between a current browser and server.
Mention that SSL/TLS are the protocols that enable the secure communications that are described in the animation "Using Digital Certificates." You might consider showing this animation here instead of in the previous lesson.
Mention the steps that are required before SSL can be enabled in IIS. You will demonstrate the process of enabling SSL in the demonstration that follows this topic.
Show how SSL is enabled in IIS. Discuss the various options that are available for client certificates.
Obtaining a Server Certificate
Demonstration: Obtaining a Server Certificate
Overview of Security Protocols
How Does SSL/TLS Work?
Enabling SSL for an IIS Web Application
Demonstration:
the labs.
SSL should be used only for those portions of the Web application that require secure communications. There is a performance cost associated with using SSL, and care should be taken to ensure that SSL is used only when necessary. Discuss the guidelines for using SSL. Point out the trade-off as well: when an application mixes SSL and plain HTTP pages, any cookie or session identifier that is not marked Secure is sent in clear text on the HTTP pages and can be captured there, so the session can be hijacked even though the logon page itself was protected. On current hardware the cost of TLS is small, and the usual recommendation today is to serve the whole application over TLS.
Run this practice as a group brainstorming session where students determine which pages in the TailspinToys and TailspinToysAdmin Web applications should be protected with SSL.
Lesson: Using Internet Protocol Security
Note that although IPSec is not commonly used for securing communications
between client computers and Web applications on the IIS Web server, IPSec
does have a role in protecting communications between the IIS Web server and
the other computers and resources that are on the organization’s network.
Briefly discuss the process of implementing IPSec.
Understanding how IPSec and SSL/TLS differ is important when deciding
where to apply each protocol. Discuss each difference between IPSec and
SSL/TLS.
Lab 8.2: Protecting Communication Privacy and Data Integrity
In Lab 8.2, students will turn on SSL for portions of the TailspinToys and
TailspinToysAdmin Web applications.
Verifying the Authenticity of Client Certificates
Instructor-Led Practice: Verifying the Authenticity of Client Certificates
Using Client Certificate Mapping

2300, Developing Secure Web Applications, you must do it now.

To complete this lab, students can continue working in the Tailspin Toys
Visual Studio .NET projects that they used in previous labs, or they can start
with new files.
To start with new files, students must complete the following steps.

Create the Web applications for the ASP exercises
1. Copy all of the contents of the ASP starter folder install_folder\Labfiles\Lab08_2\ASP\Starter\TailspinToys to the TailspinToys IIS virtual directory at C:\Inetpub\wwwroot\TailspinToys.
2. Copy all of the contents of the ASP starter folder install_folder\Labfiles\Lab08_2\ASP\Starter\TailspinToysAdmin to the TailspinToysAdmin IIS virtual directory at C:\Inetpub\wwwroot\TailspinToysAdmin.

Create the Web applications for the ASP.NET exercises
1. Copy all of the contents of the ASP.NET folder install_folder\Labfiles\Lab08_2\ASPXVB\Starter\TailspinToys.NET to the TailspinToys.NET IIS virtual directory at C:\Inetpub\wwwroot\TailspinToys.NET.
2. Copy all of the contents of the ASP.NET folder install_folder\Labfiles\Lab08_2\ASPXVB\Starter\TailspinToysAdmin.NET to the TailspinToysAdmin.NET IIS virtual directory at C:\Inetpub\wwwroot\TailspinToysAdmin.NET.
3. Edit the file C:\Inetpub\wwwroot\TailspinToysAdmin.NET\Web.config and change the <allow roles="London\TailspinAdmins"/> tag to <allow roles="machineName\TailspinAdmins"/>, where machineName is the name of your computer.


in IIS to require SSL:
• TailspinToys
• TailspinToys.NET
• TailspinToysAdmin
• TailspinToysAdmin.NET

Overview
• Introduction to Cryptography
• Working with Digital Certificates
• Using the Secure Sockets Layer/Transport Layer Security Protocols
• Using Internet Protocol Security

***** ILLEGAL FOR NON-TRAINER USE *****
By using Internet Information Services (IIS), you can validate user and resource
identities, as well as protect data and communications between the Web
browser and the Web server. The communication link between the browser and
the server is susceptible to a number of security-related attacks, including:
!


Introduction
Note
After completing this module, you will be able to:
• Define the basic elements of cryptography.
• Describe the purpose of digital certificates and obtain one through a Certificate Authority (CA).
• Validate user and Web server identity through the use of Secure Sockets Layer (SSL)/Transport Layer Security (TLS).
• Protect communications between Web application resources through the use of Internet Protocol security (IPSec).

Objectives
Lesson: Introduction to Cryptography
• What Is Cryptography?
• How Does Symmetric Encryption Work?
• How Does Asymmetric Encryption Work?

• Explain the purpose of hashing and digital signing.

Introduction
Lesson objectives
What Is Cryptography?
• Cryptography is the science of protecting data
  - Protects a user's identity or data from being read
  - Protects data from being altered
  - Verifies that data originates from a particular user
• Encryption is the process of scrambling data so that it can be read only by someone who holds the key
• Encryption is only as strong as the key: its length, how randomly it was generated, and how well it is kept secret
[Slide diagram: Data passes through the encryption algorithm, under control of the key, to produce encrypted data]


raph
y
?
What is encryption?
An encryption algorithm, also called a cipher, is used together with secret data, called a key, to encrypt data. The key is what prevents the message from being decoded, even when the algorithm itself is publicly known; a well-designed cipher does not depend on keeping the algorithm secret.
However, if the keys are compromised, even the strongest cryptographic algorithms are worthless. For cryptography to work securely, the generation, storage, and exchange of keys must be protected. If keys are exchanged in plain text, an attacker who can intercept an e-mail message or other communication obtains the keys.

For more information about encryption algorithms, see the topic "Supported Algorithms" in the Microsoft MSDN® online documentation.

How is data encrypted?
Note
How Does Symmetric Encryption Work?
• Same encryption algorithm and key are used to both
[Slide diagram: Encrypt]
Advantages and
disadvantage of
symmetric encryption
How Does Asymmetric Encryption Work?
• Each user has both a private and a public key
• Messages encrypted with the public key can be decrypted only by using the private key
• When messages are encrypted with the private key, anyone with the public key can verify that the owner of the private key sent it
• Removes the need to share a secret key in advance, but is far less efficient than symmetric encryption
[Slide diagram: User A's private key and public key; User B's private key and public key]
Key length (bits) | Number of possible keys | Time to check all keys (at 1.6 million keys per second) | Time to check all keys (at 10 billion keys per second)
40 | 1,099,511,627,776 | 8 days | 109 seconds
56 | 72,057,594,037,927,900 | 1,427 years | 83 days
64 | 18,446,744,073,709,600,000 | 365,338 years | 58.5 years
128 | 3.40282E+38 | 6.73931E+24 years | 1.07829E+21 years

Note: the rate in the third column is cut off in the source; the figures shown correspond to about 1.6 million keys per second. An n-bit key has 2^n possible values, and the times assume the attacker must try them all.

Using asymmetric encryption, users can be assured that:
• Messages that are encrypted with the public key can be decrypted only by using the private key.
• When messages are encrypted with the private key, any user with the public key can verify that only the owner of the private key could have produced them.

Introduction
Asymmetric encryption solves the key-distribution problem of symmetric encryption: the public key can be published freely, so the two parties need no shared secret before they communicate. This benefit, however, comes at a performance cost. Asymmetric operations are orders of magnitude slower than symmetric ones, so asymmetric encryption is not used to transmit large streams of data.
Advantages and disadvantages of asymmetric encryption
[Slide diagram: User A's private key and public key; Encrypt]
Due to the security issues that are associated with symmetric encryption and the
performance issues that are associated with asymmetric encryption, most real-
world scenarios use a combination of these two technologies.
Asymmetric encryption is often used to transfer a session key between users,
thereby taking advantage of the stronger security that is provided by
asymmetric encryption. After the session key is transmitted between users,
symmetric encryption is then used for the remainder of the session.
The most challenging aspect of cryptography is the secure storage of private keys.
You can store a key in a resource that can be secured through access control lists (ACLs), such as the registry, and then define an ACL on that resource that allows only your application to read it. A typical ACL of this kind grants Full Control to Creator/Owner and to Administrators, plus read access for the account under which the application runs, and lists no other principals.

LsaStorePrivateData and LsaRetrievePrivateData. LSA can store only a fixed (small) number of keys, however, so this option should be used carefully. Keys that are protected by LSA can still be read by administrators of the computer with tools such as LSADump2.exe; the protection is against other users, not against a local administrator.

Important: Key management is one of the most challenging parts of designing a secure system. Ultimately, the best practice is to avoid storing keys, if at all possible. Storing keys is not covered in this course.
For more information about storing keys, see the Microsoft Press® book Writing Secure Code, by Michael Howard and David LeBlanc (Redmond: Microsoft Press, 2001).
Verifying Data Integrity with Hashes
[Slide diagram: User A runs the data through the hash algorithm to produce a hash value and sends both to User B; User B recomputes the hash value of the received data and compares it with the value received]

subsequent hash will produce a different value. For a cryptographic hash function it is computationally infeasible to find two distinct inputs that hash to the same value.
A hash value is derived by applying a mathematical algorithm to arbitrary-length binary data. These algorithms are called hash functions. The result is a fixed-length hash value, which is then associated with the original data.
When the hash value and the original data are sent to a recipient, the recipient can verify the integrity of the data by applying the same hash algorithm to the data and comparing the resulting hash value with the hash value that was sent. If the two values match, the data has not been altered since the hash was computed. Note that a bare hash protects only against accidental corruption: an attacker who can modify the data in transit can simply recompute the hash. To detect deliberate tampering, the hash must be delivered over a channel the attacker cannot alter, or be protected with a key, as with a digital signature (see the next topic).
A Web application can hash passwords and store the hashes in a database without the original passwords. When the user enters a password, the application hashes it and compares the new hash value with the stored one to verify the password. Each password should be combined with a random per-user salt before hashing, and a deliberately slow hash function should be used, so that an attacker who obtains the database cannot recover the passwords quickly with a precomputed table or by brute force.
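The integrity check and the password-storage pattern described above, as an added Python example that is not part of the course materials. It uses only the standard library. The sample message, the tampered copy and the PBKDF2 iteration count are assumptions made for the demonstration; the point it adds to the text is that the stored record carries the per-user salt and that both comparisons are done in constant time.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample data for the demonstration (not from the course labs).
ORIGINAL = b"Ship 500 units to Tailspin Toys, London warehouse."
TAMPERED = b"Ship 5000 units to Tailspin Toys, London warehouse."


def digest(data: bytes) -> str:
    """Fixed-length SHA-256 hash value of arbitrary-length data, as hex."""
    return hashlib.sha256(data).hexdigest()


def verify_integrity(data: bytes, expected_hex: str) -> bool:
    """Recipient side: recompute the hash and compare it with the value that
    arrived with the data. compare_digest does not leak, through timing,
    where the first mismatching byte is."""
    return hmac.compare_digest(digest(data), expected_hex)


# --- Password storage: salted, slow hash rather than a bare hash ---------
# A bare SHA-256 of the password is fast to brute force and lets an attacker
# spot users who share a password. A random per-user salt plus an iterated
# KDF (PBKDF2-HMAC-SHA256 from the standard library) fixes both. The
# iteration count is an assumption; raise it as hardware allows.
ITERATIONS = 200_000


def hash_password(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'iterations$salt_hex$hash_hex'. The clear-text password is
    never stored; the salt is stored so the check can be repeated."""
    if salt is None:
        salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)
    return f"{ITERATIONS}${salt.hex()}${dk.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Logon check: hash what the user typed with the stored salt and
    iteration count, then compare the result in constant time."""
    iterations, salt_hex, hash_hex = stored.split("$")
    dk = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(dk.hex(), hash_hex)


if __name__ == "__main__":
    h = digest(ORIGINAL)
    print("hash sent with data:", h)
    print("original verifies:", verify_integrity(ORIGINAL, h))
    print("tampered verifies:", verify_integrity(TAMPERED, h))
    record = hash_password("correct horse battery staple")
    print("stored record:", record)
    print("right password:", verify_password("correct horse battery staple", record))
    print("wrong password:", verify_password("Tr0ub4dor&3", record))
```

Two records for the same password differ because each carries its own salt, so a leaked database does not reveal which users share a password, and each one has to be attacked separately.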
Introduction
What is a hash value?
Verifying the validity of
data by using hash
values
Using Digital Signatures
[Slide diagram: numbered steps in which a hash value is encrypted with User B's private key and the signature is checked with User B's public key; the caption "If hash values ..." is truncated in the source]

Digital signatures combine hash values with asymmetric encryption to guarantee the integrity of a message and to authenticate the identity of the sender.
The following steps are completed when data is signed with a digital signature:
1. A hash algorithm is applied to the data to create a hash value.
2. The hash value is encrypted with the sender's private key, thereby creating the digital signature.
3. The digital signature and the data are sent to the recipient.

The following steps are completed when digitally signed data is verified:
1. The recipient decrypts the signature by using the sender's public key and thereby recovers the hash value that the sender computed.
2. The hash algorithm is applied to the received data to create a second hash value.
3. The two hash values are compared. If they match, the recipient is assured both that the data has not changed since it was signed and that it was signed by the holder of the private key. A public key by itself says nothing about who holds it; that binding is what a digital certificate, described in the next lesson, provides.
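The session-key exchange described under Exchanging and Storing Keys (asymmetric encryption carries a one-time symmetric key, symmetric encryption carries the data) and the signing and verification steps above, worked through together in one added Python example that is not code from the course. It uses textbook RSA built from the standard library, with 512-bit keys and no padding, purely so that every step on the page is visible as an arithmetic operation; the SHA-256 counter-mode stream cipher standing in for the symmetric algorithm, the key sizes and the sample message are all assumptions, and none of it is a substitute for a vetted cryptographic library.

```python
import hashlib
import os
import secrets


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2  # witness in [2, n-2]
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False  # composite
    return True


def random_prime(bits: int) -> int:
    """Random odd prime with exactly `bits` bits (top bit forced to 1)."""
    while True:
        candidate = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(candidate):
            return candidate


def generate_keypair(bits: int = 512) -> tuple:
    """Textbook RSA (illustration only): return ((n, e) public, (n, d) private)."""
    e = 65537
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:  # e is prime, so this means gcd(e, phi) == 1
            break
    return (p * q, e), (p * q, pow(e, -1, phi))


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy symmetric cipher (assumption: stand-in for a real block cipher):
    XOR with a SHA-256 counter-mode keystream. Same key and nonce both
    encrypt and decrypt, which is what makes it symmetric."""
    out = bytearray()
    for block, i in enumerate(range(0, len(data), 32)):
        ks = hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], ks))
    return bytes(out)


def sign(data: bytes, private_key: tuple) -> int:
    """Signing steps 1-2: hash the data, encrypt the hash with the sender's
    private key (h^d mod n). The result is the digital signature."""
    n, d = private_key
    h = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return pow(h, d, n)


def verify(data: bytes, signature: int, public_key: tuple) -> bool:
    """Verification steps 1-3: recover the hash with the sender's public key
    (s^e mod n), hash the received data again, compare the two values."""
    n, e = public_key
    return pow(signature, e, n) == int.from_bytes(hashlib.sha256(data).digest(), "big")


def seal(plaintext: bytes, recipient_pub: tuple, sender_priv: tuple) -> dict:
    """Sender: sign the data, pick a one-time 256-bit session key, encrypt that
    key with the recipient's public key, encrypt the data with the session key."""
    n, e = recipient_pub
    session_key, nonce = os.urandom(32), os.urandom(16)
    return {
        "encrypted_key": pow(int.from_bytes(session_key, "big"), e, n),
        "nonce": nonce,
        "ciphertext": keystream_xor(session_key, nonce, plaintext),
        "signature": sign(plaintext, sender_priv),
    }


def open_sealed(envelope: dict, recipient_priv: tuple, sender_pub: tuple) -> bytes:
    """Recipient: recover the session key with the private key, decrypt the
    data symmetrically, then check the sender's signature over the result."""
    n, d = recipient_priv
    session_key = pow(envelope["encrypted_key"], d, n).to_bytes(32, "big")
    plaintext = keystream_xor(session_key, envelope["nonce"], envelope["ciphertext"])
    if not verify(plaintext, envelope["signature"], sender_pub):
        raise ValueError("signature check failed: data altered or not from sender")
    return plaintext


if __name__ == "__main__":
    a_pub, a_priv = generate_keypair()  # User A
    b_pub, b_priv = generate_keypair()  # User B
    message = b"Order 42: ship 500 units to Tailspin Toys"  # constructed sample
    envelope = seal(message, b_pub, a_priv)
    print("ciphertext differs from plaintext:", envelope["ciphertext"] != message)
    print("recovered by User B:", open_sealed(envelope, b_priv, a_pub))
```

Only the 32-byte session key ever goes through the slow asymmetric operation; the message itself, however long, goes through the fast symmetric one. Flipping a single bit of the ciphertext changes the recovered plaintext, the recomputed hash no longer matches the one recovered from the signature, and the recipient rejects the message rather than acting on it.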

password in a database.
The password should not be kept in clear text anywhere. Store a salted hash of the password, computed with a deliberately slow hash function. Then, when you need to validate the password the next time, hash what is entered with the stored salt and compare it with what is stored in the database.
____________________________________________________________
____________________________________________________________
2. You compute an employee's bonus based on his or her salary and the
amount of sales that he or she has made for the last year. Then, you store the
bonus amount in a database.
Encrypt the bonus value before storing it in the database.
____________________________________________________________
____________________________________________________________
3. You want to send a file to a user and have the user be sure that the file came
from you.
Sign the file by using a digital signature before sending it.
____________________________________________________________
____________________________________________________________
Introduction
4. You want to send data to a user and have the user be sure that the file is from you and has not been changed en route.
Create a hash of the file and sign the hash to send along with the file.
____________________________________________________________
____________________________________________________________
5. You want to send a broadcast message with important data.
You do not necessarily want to encrypt the message, because in this
case, the content is not a secret; however, clients still need to make sure

A digital certificate binds a public key to the identity of its owner (a person, a server, or an organization) and is signed by a Certificate Authority that vouches for that binding. Certificates therefore let the asymmetric encryption described in the previous lesson be used with confidence about whose key is whose, which is what SSL/TLS and client authentication build on. In this lesson, you will learn what digital certificates are and how they work.
After completing this lesson, you will be able to:
• Explain the purpose of digital certificates.
• Describe the role of a CA.
• Define certificate chains and hierarchies.
• Define the role of a certificate store.
• Obtain a personal certificate.
• Obtain a server certificate.

Introduction
Lesson objectives

