Web Security

Web Security Considerations

Q1 . What is Web security ? Explain its need and requirements.
• The www is generally a client/server application running over an
internet.
o Internet involves two way communication. It has application
like voice response, fax-back etc. Web is vulnerable to attack
over Internet.
o The WEB is very highly visible outlet for corporate and product
information and as a platform for business transactions.
Repudations can damaged and money can be lost if the web
servers are subverted (destroy completely).
 Web Security
o Web browsers are easy to use, Web servers are easy to configure and
manage, also contents are easy to develop, but the underlying S/W are
very complex.

--- This complex S/W may hide many potential security flaws.
o Web server can be easily exploited in corporation’s or agencies. Once
the Server is subverted, an attacker can gain access to data and systems
which are not part of Web but connected to server at local level.
o Casual and untrained users are common clients for Web-based services.

--- Such users are not aware of security risks and not have tools or
knowledge to take counter-measures.
Q2. List different types of threats faced in using Web.
Q3. Explain traffic security approach.

• Threats are categorized in terms of passive and active attacks.

• passive attacks includes eavesdropping on network traffic
between browser and server and gaining access of information.
• Active attacks deals with impersonation another user, altering
messages in transit, and altering information on a website.
• Another way to classify Web security threats is in terms of
location of the threat : Web Server. Web Browser, and network
traffic between browser and server.
 Threats Consequences Countermeasures

Integrity • Modification of user data • Loss of information • Cryptographic checksums

• Trojan Horse browser • Compromise of resources
• Modification of memory
• Modification of message traffic in
transit

Confidentiality • Eavesdropping on Net • Loss of information • Encryption, Web proxies

• Theft of info from server • Loss of privacy
• from Client also
• Info about network configuration
• Info about communication
between client and server
DOS • Flooding Machines • Disruptive, Annoying Difficult to prevent
• Flooding of disk or memory • Prevent user from getting
work done

Authentication • Impersonation of legitimate users Cryptographic techniques.

• data forgery

Table1: Comparison of threats on Web

 Web Security

Web Traffic Security Approaches

• There are various approaches for Web security.

• They differ to their scope of applicability and their relative location in TCP/IP
protocol stack as shown.
 Web Security

o One way to provide Web security is to use IP security (IPSec), its

advantage is that it is transparent to end users and applications and
provide general-purpose solution (fig a) .
 It also includes filtering capability therefore only selected traffic
incur the overhead of IPSec processing.
o (Fig b) shows another general-purpose solution for implementing
security which is placed just above the TCP.
 Implemented by means of Secure sockets layer (SSL) and
Transport Layer Security (TSL).
 Web Security

• (Fig c ) Shows the Application specific security service.

 It is embedded within particular protocol.
 Advantage is service can be tailored according to needs of
application.
 In web security context, the best example of this approach is
Secure Electronic Transaction (SET).
 Web Security

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

• SSL was originated by Netscape.
• Version 3 of protocol was designed with public review and I/p from industry.

• Version 3 was first published as an Internet draft document.

• When the turn came for Internet standardization, TLS working group was formed
within IETF for common standard.
 SSL Architecture

• SSL is designed to make use of TCP to provide a reliable end-to-end secure

service.
• SSL is not a single protocol but has two layers of protocols as shown in figure.

• It consist of SSL Record Protocol which provide basic security services to

various higher-layer protocol.
• Generally HTTP, which provide transfer service for web client/server interaction,
can operate on top of SSL.
• SSL uses Change Cipher Spec Protocol, and the Alert Protocol for management
of SSL exchanges.
 Web Security

Figure 1: SSL Protocol Stack

 SSL Architecture

SSL consist of two important concepts SSL session and SSL connection.
1. Connection : A connection is an transport that provide a suitable type of
service.
 For SSL such connection are peer-to-peer relationship.
 Connection are transient(Valid for specific time).
 Every connection is associated with one session.

2. Session : Session is an association between a client and a server.

 Sessions are created by the Handshake Protocol.
 SSL Architecture
• Session also defines set of security parameters, that are shared among multiple
connections.
 Each pair of parties may have multiple pair of connections.
 There are number of states associated with each session.
 Session state is defined by various parameters.
 Session identifier : Used to identify particular session.
 Peer Certificate : An X.509 certificate of Peer. It may be null.
Compression Method : Algorithm used for compression prior to encryption.
 Cipher, spec : Specifies data encryption algorithm and hash algorithm, also
defines cryptographic attributes.
 Master secret : 48-byte secret shared between client and server.

 Is resumble : Flag indicating whether the session can be used to

initiate new connection.
 Connection State Parameter

 A connection state also having parameters.

 Server and Client random : Byte sequence chosen by client and server for each
connection.
 Server write MAC secret : Secret key used in MAC, sent by the server.
 Client write MAC secret : Secret key used in MAC, sent by the client.

 Server write key : It is an conventional encryption key for data encrypted by

server and decrypted by client.
 Client write key : It is an conventional encryption key for data encrypted by
client and decrypted by server.
 Initialize Vector : When block cipher in CBC mode is used. Initialized by SSL
Handshake Protocol.
 Sequence Number : Each party maintain a separate sequence number. When
party sends or receive a change cipher spec message. Appropriate sequence
number is set to Zero.
 SSL Record Protocol

SSL Record protocol provides two services for SSL Connections.

o Confidentiality : The handshake protocol defines a shared key that is used for
conventional encryption of SSL payloads.
o Message Integrity : The handshake protocol also defines a shared secret key for
Message authentication code (MAC).
 Web Security
• Fig shows the overall operation of SSL Record Protocol.
 It takes an application message to be transmitted
 Fragments the data into manageable blocks,
 Optionally compress the data
 Applies a MAC
 Encrypts
 Add a header
 Transmits the resulting unit in a segment.
Figure 2: SSL Record Protocol
 SSL Record Protocol Fields
o First step is fragmentation.

o Each upper-layer message is fragmented into blocks of 214 bytes (16384 bytes)
or less.
o Next, Compression is optionally applied
o Compression may not increase the content length by more than 1024 bytes.

o In SSLv3 (and TLS), no compression algorithm is specified.

o Therefore default algorithm is null.

o MAC computation is performed over compressed data, for this shared secret
key is used.
• MAC calculation is given as,

hash(MAC_write_secret || pad_2 ||

hash(MAC_write_secret || pad_1|| seq_num ||

SSLCompressed.type ||
SSLCompressed.length || SSLCompressed.fragment ))
• || = Concatenation

• MAC_write_secret = shared secret key

• hash = cryptographic hash algorithm; either
MD5 or SHA-1
• pad_1 = byte 0x36 (00110110) repeated 48times
for MD5 and 40 times for SHA-1.
• pad_2 = byte 0x5C (0101 1100 ) is repeated 48
times for MD5 and 40 times for SHA-1
• seq_num = The sequence number for this message
• SSLCompressed.type = The higher-level protocol used to process
this fragment.
• SSL Compressed.length = The length of compressed fragment.
• SSL Compresed.fragment = The compressed fragment

( if compression is not used, the plaintext fragment)

Compressed message + MAC are encrypted using symmetric
encryption.
o Encryption may not increase the length by 1024 bytes
 SSL Record Header Format

o Algorithm such as AES, IDEA, RC2-40, DES,3DES,RC-40 where used.

o For Stream encryption, compressed message plus the MAC are encrypted.
o For Block encryption, padding may be added after the MAC prior to
encryption.
o Final step of SSL Record Protocol processing is to prepared a header
consisting of following fields.
• Content type (8 bits) : Higher layer protocol used to process the
enclosed fragment.
• Major Version (8 bits) : Indicate major version of SSL in use. For
SSLv3, the value is 3.
 Web Security

• Minor Version (8 bits) : Indicate minor version in use. For SSLv3 value is 0.

• Compressed Length (16 bits) : Length in bytes of plaintext fragment .

Maximum value is 214 + 2048.

Figure 3: SSL Record(Header) Format.