Does it make sense to fully popularize HTTPS?

I remember when I was a kid, the open-top truck pulled a cart of apples from the orchard, transported it to the dock, and then loaded it onto a 10,000-ton freighter and shipped it to Shanghai. But the last mile to the pier, the roads are bumpy, and the truck will slow down. At this time, some teenagers will climb on the truck and take the apples from the bag to eat. Every time, one or several bags will be unpacked for this purpose. The company is very distressed.

Later, in order to reduce losses, the transportation company used closed containers, loaded the apples and then locked the car, arrived at the destination and then opened, so that even if someone wanted to take the apple from the car, they could not start.

The above convertible truck corresponds to TCP, and Apple corresponds to HTTP. Since the convertible truck cannot guarantee whether Apple is stolen or transferred on the transmission path, how much goods will eventually arrive at the destination depends on the mood of the boy. If the bad guy just inserts some advertisements, the user's browser will pop up some advertisement pages at most.

Even further, steal user cookies and log in to user accounts for illegal activities. Trojans can also be implanted through plaintext http, which can remotely control user computers and steal sensitive user information.
The container represents TCP + TLS (Transport Layer Security). Ten tons of apples transported from the orchard can reach their destination intact, neither more nor less.

Plaintext HTTP gives bad guys a chance

In order to achieve high security of the network, many links are required to work together. As long as there is a loophole in a link, it may be exploited. In order to improve the relative security of the network, the highest priority should start with HTTP, because this user uses the most frequently.
At present, almost all personal computers are under the protection of router NAT. If the user does not actively access the Internet, others cannot start the personal computer after NAT.
Once the user actively accesses the Internet, it is equivalent to pecking a small hole on the NAT gate. This small hole is a NAT mapping table. If there is no traffic refresh, the small hole will be closed after 300 seconds.

Within 300 seconds of Xiaodong's survival, an external host is allowed to access the personal computer, and plaintext HTTP is the best carrier. Once the personal computer is implanted with a Trojan, the Trojan program will actively send periodic messages to the Internet control terminal, so that the NAT hole will always open the door (periodical message refresh timer), which provides convenience for remote control.

HTTPS provides end-to-end secure encryption

Not only provide data confidentiality (encryption), but also provide data integrity (do not tamper with the data) protection, anti-replay (resend the captured message again invalid), so it is difficult for bad boys to start, it is difficult to go without a session key Peeping and tampering with user data cannot even rely on HTTPS as a carrier for Trojan horses.
Some students will have questions. Why can HTTP transmitted in plaintext be hijacked and the content of the webpage tampered, but not HTTPS encrypted?

That's because HTTP was hijacked and tampered with the page, and the TCP checksum was recalculated. The user's computer could not tell whether it was tampered with, and had to receive it passively.

After the encrypted transmission, with HMAC protection, any attempt to tamper with the page, because there is no session key, the HMAC that is consistent with the tampered web page cannot be calculated, so the SSL / TLS at the data receiving end will easily recognize that the web page has been tampered with, and then discarded Since there is no impulse to hijack, there is no impulse to tamper, so HTTPS can handle web hijacking well.


HTTPS is not 100% absolutely reliable

Snowden revealed that the Diffie-Hellman algorithm attack on the key exchange against IPsec and TLS is to pre-calculate a large number of public and private key pairs through an offline supercomputer. Once the private key is tried, the Master will be obtained. Key, and then derive the session key, so that historical data, current and future data can all be decrypted.

The above is a passive attack method, and it is an active attack against digital certificate spoofing, which can decrypt user data in real time. However, all kinds of active and passive attacks are very difficult. They are often driven by the will of the country rather than some small groups.

Some readers will definitely be puzzled. Since HTTPS is not absolutely reliable, is online banking safe to rely on HTTPS? Safe and safe to use!

When the bank transfers money, it usually needs the user's private key to sign and confirm, and the private key is embedded in the USB Token, similar to the hardware device in the following figure. As long as the user does not lend this to others, the transfer can ensure safety.


Computer online banking users generally have a USB Token, which contains the user's digital certificate private key (Private Key), online banking transfer must be confirmed by the user's digital certificate private key signature transfer, and this private key is only owned by the user's Token, and the bank With the user's digital certificate public key (Public Key), you can successfully decrypt the transfer confirmation signed by the user's private key (Private Key), so as to be sure that the transfer instruction is issued by the user with the USB Token, which will further improve the security of online banking Sex.

Mobile banking is generally an APP, and it is possible to force the use of (Public Key Pinning) specific root certificate as the top of the certificate trust chain, which can avoid the use of falsely installed fake certificates by the client, so the APP will not establish a TLS connection with the fake server, only Establish a secure tunnel with a real server. Once the tunnel is successfully established, the communication is secure, even when transferring money. Confirm by mobile phone verification code before transfer, and another layer of security protection.

The above is the news sharing from the PASSHOT. I hope it can be inspired you. If you think today' s content is not too bad, you are welcome to share it with other friends. There are more latest Linux dumps, CCNA 200-301 dumps and CCNP Written dumps waiting for you.

Comments

Popular posts from this blog

How to choose Cisco dumps?

What is proxy communication?

What are CCNP Data Center jobs in Dubai?