<< Back to Networking Main Page   
 

WEEK 12

WWW Browsers - Chapters 29, 30, and 31.

Document Encryption

DES (Data Encryption Statement)

  • uses private key
  • uses same algorithm to encrypt and decrypt

RSA

  • Uses both public and private keys. Encrypt with one and decrypt with the other.
  • Based on the fact that factoring big numbers is hard.
    1. Pick 2 big primes (p and q)
      • Let n = p*q
      • Choose e so it is relatively prime to (p-1)(q-1) <OR>1b. gcd(e, (p-1)(q-1) = 1
      • (e,n) is the public key.
      • Choose d so that d = e^-1mod(p-1)(q-1) <OR> 1d. de = 1mod (p-1)(q-1)
      • 1e. (d,n) is the private key
    2. To encrypt a message m: c = m^e mod n
    3. To decrypt a message m: m = c^a mod n

MD5 (Message Digest)

  • MESSAGE -> MD%(hash) -> 128 bit NUMBER
  • Provides integrity

Documents

Dynamic Documents

A dynamic document is created on the web server. When a request for a new document arrives, the server runs an application porogram that creates a dynamic document. For example HTTP!

Static Documents

A regular web page. Document is created by the author and it resides on the server. For example Servlets!

Active Documents

This document is not specified by the server, but rather is a program that knows how to compute and display the values. When a browser requests an active document, the server returns the program that must be run locally. For example Java!

CGI

The Standard

The Common Gateway Interface in which provides general guidlines. Any programming language will work with CGI.

Output

  • Not restricted to HTML
  • CGI program places header on its output

EXAMPLE: Content-type: text/html

  • Can also be used for re-direction if http:// address is in the header

Example Code

#!/bin/sh

#
#CGI script that prints out the date and time at which it was run
#

# Output the document header followed by a blank line

echo Content-type: text/plain
echo

# Output the date

echo This document was created on 'date'

Parameters and Environment Variables

EXAMPLE OF ENVIRONMENT VARIABLES PASSED TO A CGI PROGRAM
NAME OF VARIABLE
MEANING
SERVER_NAME The domain name of the computer running the server
GATEWAY_INTERFACE The version of the CGI software the server is using
SCRIPT_NAME The path in the URL after the server name
QUERY_STRING Information following "?" in the URL
REMOTE_ADDR The IP address of the computer running the browser that sent the request

 

State Information (information that a program saves between invocations)

Long: To be kept among different invocations of diffrent browser instances. Saved on file or disk.

Short: While the browser is running. Encoded into URLs.

Forms and Interaction

Public Key Distribution

CA Certification Agencies

  • Certificates - Binding of a name with a public key
    • Reliablility
  • Certificat (What is):
    1. Entities name (URL or Email)
    2. Entities Public Key
    3. Name of CA
    4. Digital signature
    5. Code used for encryption
    6. TTL
  • Distribution
    • Any Friend of yours is a friend of mine. I'll just keep checking your key and the keys up to the one I trust

HTTPS

  • Run on top of SSL (w/handshaking)
    1. Runs on top of TCP
      • Runs on top of IP
        • Runs on top of Physical layer
    2. Session ID
    3. Session keys
    4. Init sector
    5. Exchange certificate
    6. Compression algorythm
  • Port 443

Security

Firewalls

  • Proxies - Sit between the client and the server. The server thinks that the proxie is the client and the client thinks that the proxie is a cerver. The proxie may have a cache and be able to respond without consulting the other.
  • Packet Filters - Protects an organization from unwanted internet traffic.

  • Classical verses Transparent proxies
    • Classical - The proxie is seen as addresable
    • Transparent - The proxie is transparent and just intercepts messages