Henric Johnson
Blekinge Institute of Technology, Sweden
http://www.its.bth.se/staff/hjo/
henric.johnson@bth.se
Outline
- Web Security Considerations
- Secure Socket Layer (SSL) and Transport Layer Security (TLS)
- Secure Electronic Transaction (SET)
- Recommended Reading and WEB Sites
SSL...
SSL Architecture:
- SSL runs on top of TCP to provide a reliable and secure end-to-end service.
- It consists of two layers (shown in the next slide).
SSL Architecture
Handshake Protocol
The most complex part of SSL. It allows the server and client to:
- authenticate each other;
- negotiate the encryption algorithm, the MAC algorithm and the cryptographic keys.
It is used before any application data are transmitted.
An SSL Session
1. Negotiation of cryptographic parameters (the two computers probably don't know each other's capabilities).
2. Key agreement (C and S generate a shared secret key).
3. Authentication (the client authenticates the server).
4. Confidentiality and integrity (private messages are exchanged between C and S).
After responding to the hello message, the server sends the client its digital certificate (a trusted CA signed this certificate). The client uses the trusted CA's public key to decrypt, i.e. verify, the CA's signature on the certificate, obtains the server's public key from it, and so verifies the server.
The client generates a 48-byte random value (called the pre-master secret), encrypts it with the server's public RSA key, and sends it to the server. The server decrypts this message and generates six keys from it (the client derives the same six keys from the same value).
3. Authentication
The client authenticates the server: the client sends the server a message that is encrypted with the generated secret keys (called the finished handshake message). The server responds with its own encrypted finished handshake message. The client is now convinced that it is communicating with the right server (the pre-master secret could only be decrypted with the server's private key).
3. Authentication
Does the server need to authenticate the client? In general yes, but in this situation it may not be necessary. Reasons:
1. It is not necessary because it will be done when the client gives his/her credit card (CC) number.
2. A client may not have the information needed to authenticate itself to the server.
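The key agreement and authentication steps above (pre-master secret, "six keys", encrypted finished message) can be made concrete with the TLS 1.0/1.1 derivation from RFC 2246, which is the TLS form of what the slides describe for SSL (SSLv3 itself used a different MD5/SHA-1 construction). The following Go program is an added example written for this page, not code from the lecture: it derives the master secret from a pre-master secret and the two hello randoms, cuts the key block into the six keys (client/server MAC secret, write key and IV), and computes the 12-byte verify_data of a Finished message. All input values are constructed samples, and the function names are this example's own.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/md5"
	"crypto/sha1"
	"fmt"
	"hash"
)

// pHash is P_hash from RFC 2246 section 5: HMAC-based expansion of a secret
// into n bytes, chaining A(i) = HMAC(secret, A(i-1)) with A(0) = seed.
func pHash(newHash func() hash.Hash, secret, seed []byte, n int) []byte {
	out := make([]byte, 0, n)
	a := seed
	for len(out) < n {
		mac := hmac.New(newHash, secret)
		mac.Write(a)
		a = mac.Sum(nil)
		mac.Reset()
		mac.Write(a)
		mac.Write(seed)
		out = append(out, mac.Sum(nil)...) // HMAC(secret, A(i) || seed)
	}
	return out[:n]
}

// prf10 is the TLS 1.0/1.1 PRF: P_MD5 over the first half of the secret XORed
// with P_SHA1 over the second half (the halves share one byte for odd lengths).
func prf10(secret []byte, label string, seed []byte, n int) []byte {
	half := (len(secret) + 1) / 2
	labelSeed := append([]byte(label), seed...)
	md5Part := pHash(md5.New, secret[:half], labelSeed, n)
	sha1Part := pHash(sha1.New, secret[len(secret)-half:], labelSeed, n)
	out := make([]byte, n)
	for i := range out {
		out[i] = md5Part[i] ^ sha1Part[i]
	}
	return out
}

// concat returns a || b in a fresh slice.
func concat(a, b []byte) []byte { return append(append([]byte{}, a...), b...) }

// MasterSecret derives the 48-byte master secret from the pre-master secret
// and the ClientHello/ServerHello randoms.
func MasterSecret(preMaster, clientRandom, serverRandom []byte) []byte {
	return prf10(preMaster, "master secret", concat(clientRandom, serverRandom), 48)
}

// SessionKeys are the six keys the slide refers to (RFC 2246 section 6.3).
type SessionKeys struct {
	ClientMAC, ServerMAC, ClientKey, ServerKey, ClientIV, ServerIV []byte
}

// DeriveKeys expands the master secret into the key block and cuts it into the
// six keys. Note the seed order here is server_random || client_random, the
// reverse of the master-secret step.
func DeriveKeys(master, clientRandom, serverRandom []byte, macLen, keyLen, ivLen int) SessionKeys {
	block := prf10(master, "key expansion", concat(serverRandom, clientRandom), 2*(macLen+keyLen+ivLen))
	next := func(n int) []byte {
		part := block[:n]
		block = block[n:]
		return part
	}
	var k SessionKeys
	k.ClientMAC = next(macLen)
	k.ServerMAC = next(macLen)
	k.ClientKey = next(keyLen)
	k.ServerKey = next(keyLen)
	k.ClientIV = next(ivLen)
	k.ServerIV = next(ivLen)
	return k
}

// VerifyData computes the 12-byte body of a Finished message (RFC 2246
// section 7.4.9); label is "client finished" or "server finished" and
// handshake is the concatenation of all handshake messages so far. Only a
// peer that knows the master secret (and hence decrypted the pre-master
// secret) can produce it, which is what convinces the client about the server.
func VerifyData(master []byte, label string, handshake []byte) []byte {
	m := md5.Sum(handshake)
	s := sha1.Sum(handshake)
	return prf10(master, label, concat(m[:], s[:]), 12)
}

func main() {
	// Constructed sample values, not from a real handshake. In TLS the pre-master
	// secret is the 2-byte client version followed by 46 random bytes.
	pre := append([]byte{0x03, 0x01}, bytes.Repeat([]byte{0xAA}, 46)...)
	clientRandom := bytes.Repeat([]byte{0x11}, 32)
	serverRandom := bytes.Repeat([]byte{0x22}, 32)

	master := MasterSecret(pre, clientRandom, serverRandom)
	keys := DeriveKeys(master, clientRandom, serverRandom, 20, 16, 16) // HMAC-SHA1 + AES-128-CBC sizes
	fmt.Printf("master secret:    %x\n", master)
	fmt.Printf("client write key: %x\n", keys.ClientKey)
	fmt.Printf("server write key: %x\n", keys.ServerKey)
	fmt.Printf("client Finished:  %x\n", VerifyData(master, "client finished", []byte("constructed handshake transcript")))
}
```

The reversed random order in the key-expansion seed and the separate "client finished" / "server finished" labels are deliberate in the protocol: they make the two directions of traffic and the two Finished messages depend on different PRF inputs, so neither side can replay the other's values.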
SET Services
SET provides three services:
1. A secure communication channel among all parties involved in a transaction.
2. Trust, by the use of X.509v3 digital certificates.
3. Privacy: information is only available to the involved parties.
SET Overview
Key features of SET:
- Confidentiality of information
- Integrity of data
- Cardholder account authentication
- Merchant authentication
SET Participants
1. The customer opens an account.
2. The customer receives a certificate (it contains the customer's public key).
3. Merchants have their own certificates (two certificates: one for signing messages and the other for key exchange).
4. The customer places an order.
5. The merchant is verified (the merchant sends a copy of its certificate; the customer can verify it).
6. The order and payment are sent.
   - The payment information is encrypted in such a way that it cannot be read by the merchant.
   - The customer's certificate enables the merchant to verify the customer.
7. The merchant requests payment authorization.
   - The merchant sends the payment information to the payment gateway, requesting authorization.
8. The merchant confirms the order.
   - The merchant sends a confirmation to the customer.
9. The merchant provides the goods or service.
   - The merchant ships the goods to the customer.
10. The merchant requests payment.
   - The merchant sends a payment request to the payment gateway, which handles payment processing.
Dual Signature
Objective: to link two messages that are intended for two different recipients. The customer wants to send:
1. Order Information (OI) to the merchant.
2. Payment Information (PI) to the bank.
The customer wants to link these two items and also wants to keep them separate.
Dual Signature
- The merchant need not know the CC#.
- The bank need not know the details of the customer's order.
- However, these two items must be linked to resolve any dispute: the customer can prove that this payment was intended for this order (this protects both customer and merchant).
Dual Signature
DS = E_KRc[ H( H(PI) || H(OI) ) ]
(KRc is the customer's private key; H(PI) is the PIMD and H(OI) is the OIMD.)
Dual Signature
The merchant has DS, OI, and PIMD.
- The merchant computes H(PIMD || H(OI)).
- The merchant decrypts DS using the customer's public key.
- If both these items are equal, the merchant has verified the DS (the merchant is never sent the PI).
Dual Signature
The bank has DS, PI, and OIMD.
- The bank computes H(H(PI) || OIMD).
- The bank decrypts DS using the customer's public key.
- If both these items are equal, the bank has verified the DS (the bank is never sent the OI).
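The dual-signature construction and the two verification procedures above (merchant with OI and PIMD, bank with PI and OIMD) are easy to mis-implement in the ordering of the digests, so here is a worked version. This Go program is an added example for this page, not code from the lecture or the SET specification: it uses SHA-256 as H and RSA PKCS#1 v1.5 as the concrete "encrypt with the customer's private key" step, both of which are this example's choices (the slide's formula does not fix them). The message contents are constructed placeholders and the function names are the example's own.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// digest is the message digest H used throughout (SHA-256 in this example).
func digest(b []byte) []byte {
	h := sha256.Sum256(b)
	return h[:]
}

// pomd is the payment-order message digest H(PIMD || OIMD): the value both the
// merchant and the bank reconstruct from the one message they are allowed to
// see plus the digest of the other.
func pomd(pimd, oimd []byte) []byte {
	return digest(append(append([]byte{}, pimd...), oimd...))
}

// Sign produces DS = E_KRc[H(H(PI) || H(OI))] with the customer's private key
// KRc. RSA PKCS#1 v1.5 signing is used as the concrete signature step.
func Sign(customer *rsa.PrivateKey, pi, oi []byte) ([]byte, error) {
	return rsa.SignPKCS1v15(rand.Reader, customer, crypto.SHA256, pomd(digest(pi), digest(oi)))
}

// MerchantVerify is the merchant's check: it holds OI, PIMD and DS, never PI.
// It computes H(PIMD || H(OI)) and compares it with the value recovered from DS
// under the customer's public key (VerifyPKCS1v15 performs that comparison).
func MerchantVerify(customer *rsa.PublicKey, oi, pimd, ds []byte) bool {
	return rsa.VerifyPKCS1v15(customer, crypto.SHA256, pomd(pimd, digest(oi)), ds) == nil
}

// BankVerify is the bank's check: it holds PI, OIMD and DS, never OI, and
// computes H(H(PI) || OIMD).
func BankVerify(customer *rsa.PublicKey, pi, oimd, ds []byte) bool {
	return rsa.VerifyPKCS1v15(customer, crypto.SHA256, pomd(digest(pi), oimd), ds) == nil
}

func main() {
	customer, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample messages (placeholders, not real card data).
	pi := []byte("pan=0000-0000-0000-0000;exp=01/00;amount=49.90")
	oi := []byte("order=1001;item=textbook;qty=1")

	ds, err := Sign(customer, pi, oi)
	if err != nil {
		panic(err)
	}
	pub := &customer.PublicKey
	fmt.Println("merchant verifies DS with (OI, PIMD):", MerchantVerify(pub, oi, digest(pi), ds))
	fmt.Println("bank verifies DS with (PI, OIMD):    ", BankVerify(pub, pi, digest(oi), ds))
	// The linking property: the same DS does not validate a different order.
	fmt.Println("DS accepted for a swapped order:     ", MerchantVerify(pub, []byte("order=1001;item=laptop;qty=3"), digest(pi), ds))
}
```

The last line in main shows the dispute-resolution property from the slides: because DS covers H(PIMD || OIMD), a customer (or merchant) cannot later pair this payment with a different order without the signature check failing.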
Payment Processing
Look at three steps:
1. Purchase request
2. Payment authorization
3. Payment capture
Payment Processing
1. Purchase request: the cardholder prepares a purchase request message and sends it to the merchant. The message has the following information:
A. Purchase-Related Information (forwarded to the payment gateway by the merchant).
Payment Processing
A. Purchase-Related Information:
- PI
- Dual signature (DS)
- OIMD (needed to verify the DS)
(All the above items are encrypted with a secret key Ks. Ks is not known to the merchant; it is known to the payment gateway.)
- Digital envelope: formed by encrypting Ks with the public key of the payment GTW.
Payment Processing
B. Order-Related Information:
- OI (sent in clear)
- Dual signature (DS)
- PIMD (needed to verify the DS)
C. Cardholder certificate:
- Contains the cardholder's public key.
- Needed by the merchant and the payment GTW.
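The digital envelope in part A is the mechanism that lets the merchant forward the payment information without being able to read it; the same construction reappears in the authorization request, the authorization response and the capture messages later in these slides. The Go program below is an added example for this page, not code from the lecture or from SET: the payload (PI || DS || OIMD in the purchase request) is encrypted under a fresh one-time key Ks, and Ks is wrapped with the recipient's public key. AES-256-GCM and RSA-OAEP stand in for the DES and RSA PKCS#1 that SET used; the payload and key material are constructed, and the type and function names are the example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Envelope is the two-layer SET-style message: the payload under a one-time
// symmetric key Ks, and Ks itself under the recipient's public key.
type Envelope struct {
	Ciphertext []byte // payload encrypted with Ks (AES-256-GCM here; SET used DES)
	Nonce      []byte // GCM nonce for Ciphertext
	EncKs      []byte // the "digital envelope": Ks under the recipient's public key (RSA-OAEP here)
}

// oaepLabel binds the wrapped key to its purpose; it must match in Seal and Open.
var oaepLabel = []byte("SET one-time key Ks (example)")

// Seal encrypts payload for recipient: generate a fresh Ks, encrypt the payload
// with it, then wrap Ks so only the holder of the matching private key can
// recover it.
func Seal(recipient *rsa.PublicKey, payload []byte) (*Envelope, error) {
	ks := make([]byte, 32)
	if _, err := rand.Read(ks); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(ks)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	ct := gcm.Seal(nil, nonce, payload, nil)
	encKs, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, recipient, ks, oaepLabel)
	if err != nil {
		return nil, err
	}
	return &Envelope{Ciphertext: ct, Nonce: nonce, EncKs: encKs}, nil
}

// Open recovers Ks with the recipient's private key and decrypts the payload.
// A party without that key (the merchant, for the gateway's envelope) fails at
// the first step and never sees the payload; a modified ciphertext fails the
// GCM tag check.
func Open(priv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	ks, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.EncKs, oaepLabel)
	if err != nil {
		return nil, errors.New("cannot open digital envelope: wrong private key")
	}
	block, err := aes.NewCipher(ks)
	if err != nil {
		return nil, err
	}
	gcm, err := cipher.NewGCM(block)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

func main() {
	gateway, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	merchant, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		panic(err)
	}
	// Constructed sample payload standing in for PI || DS || OIMD.
	payload := []byte("PI=pan:0000-0000-0000-0000;DS=<signature>;OIMD=<digest>")
	env, err := Seal(&gateway.PublicKey, payload)
	if err != nil {
		panic(err)
	}
	if _, err := Open(merchant, env); err != nil {
		fmt.Println("merchant (forwards only):", err)
	}
	pt, err := Open(gateway, env)
	if err != nil {
		panic(err)
	}
	fmt.Printf("gateway recovered: %s\n", pt)
}
```

Seal is written against an *rsa.PublicKey rather than a specific party so the same code serves the cardholder-to-gateway envelope in the purchase request and the gateway-to-merchant envelopes in the authorization response, which differ only in whose public key wraps Ks.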
Payment Processing
The merchant processes the message in the following way:
1. Verifies the cardholder certificate with the CA's key.
2. Verifies the dual signature. This ensures:
   - message integrity;
   - message authentication.
Payment Processing
3. Processes the order and forwards the payment information to the payment GTW for authorization.
4. Sends a purchase response message to the cardholder.
Payment Processing
Payment Authorization:
- The merchant authorizes the transaction with the payment GTW.
- This guarantees that the merchant will receive payment.
- It consists of two messages: Authorization Request and Authorization Response.
Payment Processing
Authorization Request:
- Sent from the merchant to the payment GTW.
- Consists of the following three items:
1. Purchase-Related Information (obtained from the customer):
   - PI
   - Dual Signature
   - OIMD
   - The digital envelope
Payment Processing
2. Authorization-Related Information (generated by the merchant):
   - An authorization block: consists of the transaction ID signed with the merchant's private key and encrypted with a one-time symmetric key.
   - A digital envelope: formed by encrypting the one-time key with the payment GTW's public key.
Payment Processing
3. Certificates. The following certificates are sent:
   - The cardholder's certificate (to verify the DS).
   - The merchant's signature certificate (to verify the merchant's signatures).
   - The merchant's key-exchange certificate (needed for the payment GTW's response).
Payment Processing
Authorization Response:
- The payment GTW processes the received information.
- It obtains authorization from the issuer.
- It returns an authorization response to the merchant.
- The authorization response contains three items.
Payment Processing
Authorization Response:
1. Authorization-related information:
   - An authorization block signed with the payment GTW's private key and encrypted with a one-time symmetric key.
   - A digital envelope that contains the one-time symmetric key (encrypted with the merchant's public key).
Authorization Response:
2. Capture token information (used to effect the payment later):
   - A signed, encrypted capture token (returned with the payment request later).
   - A digital envelope (contains the one-time symmetric key encrypted with the merchant's public key).
3. Certificate: the gateway's signature key certificate.
Payment Processing
Payment Capture: to obtain payment from the payment GTW.
Capture Request (the merchant sends this message to the payment GTW): the merchant generates, signs, and encrypts a capture block that consists of the following items.
Payment Processing
Capture Request (continued):
- Payment amount
- Transaction ID
- Capture token received earlier for this transaction
- Merchant's certificate
- Merchant's key-exchange certificate
Payment Processing
Payment Capture:
- The payment GTW verifies the information in the capture request.
- It sends a clearing request to the issuer over the private payment network.
- The funds are transferred to the merchant's account.
- The GTW notifies the merchant of the payment in a Capture Response message.