The rapid development of Internet communication technology, with instant messaging and real-time audio and video at its core, lets people communicate beyond the limits of space and time: information reaches far and wide, connections can be made at any moment, and communication takes many forms. Follow rongyun Global Internet Communication Cloud for more information.

However, while the Internet brings great convenience to our lives, problems of user privacy and communication security follow close behind.

For developers, the openness of the Internet also means risk; the high degree of freedom with which users use networks and terminal devices also provides opportunities for criminals.

Therefore, the security of Internet communication needs to be addressed throughout system construction. This series of articles focuses on Internet communication security; this first article covers “link security”.


Security problems of Internet communication systems and the main means of attack

Security problems of Internet communication systems

1. Stealing content

If the content of Internet communication is unencrypted or weakly encrypted anywhere along the path, a message can be read directly once it is intercepted.

This leads to the disclosure of personal privacy and may even endanger the user’s property. In an office setting, what is stolen may be a company trade secret, causing even greater financial damage.

2. Tampering with content

If communication content is intercepted and modified before being delivered, the correctness and integrity of the information are damaged.

3. Faking content

If a user’s communication credentials are stolen, or other information is inserted into the communication, this creates the opportunity for an attacker to impersonate the user and gain the trust of the other party.

4. Spreading illegal content

Using the message push capability of an instant messaging system, criminals may spread pornographic, gambling, violent or terrorist content or content endangering national security, and may also spread Trojans and viruses.

Common means of attack

1. Implanting a Trojan

Intercept or tamper with information by implanting Trojans on terminal devices.

2. Fake apps

By forging an app, or adding a back door to a legitimate app, attackers lead the end user to mistake it for a normal application and use it, achieving their illegal purpose.

3. Network packet capture

Packets are captured on network devices to obtain the content of user communications.

4. Man-in-the-middle attack

By hijacking DNS or other means, the attacker routes the user’s communication connection through the attacker’s own device in order to steal or tamper with data.

5. Vulnerability mining

Besides their own programs, the server and the terminal contain a variety of third-party components or middleware; by mining these for vulnerabilities, attackers can achieve their illegal purposes.

(Common attacks)

As the figure above shows, information can be attacked at any point along the path from the application, through the network, to the server. Therefore, in a “crisis-prone” Internet, the construction of a communication system must treat “security” as the first criterion and ensure communication security through a variety of means.

Applying cryptography to the connections of an Internet communication system

In view of the above security problems and attack means, applying cryptography to the connections of an Internet communication system, so that communication data is encrypted, is particularly important.

Cryptography addresses the three elements of information security (CIA), namely:

Confidentiality: guarantees that information is not disclosed to unauthorized users.

Integrity: ensures that information is transmitted from the real sender to the real receiver without being added to, deleted or replaced by illegal users.

Availability: ensures that authorized users can access data in a timely and reliable manner.

In addition to CIA, other attributes are also required, such as controllability and non-repudiation.

As a key component of Internet communication, an instant messaging system generally needs a long-lived connection between the client and the server so that messages can be delivered to the client quickly.

In the common C/S (client/server) model, the client establishes a connection with the server over TCP or UDP and, in some scenarios, obtains or submits information to the server over HTTP.

Throughout this process, all data needs to be encrypted. Simple data encryption can be summarized as follows: the sender takes plaintext as input and encrypts it to produce ciphertext; the ciphertext is transmitted; and the receiver decrypts it to recover the plaintext.

This involves symmetric encryption algorithms, asymmetric encryption algorithms and message digest algorithms. China has also put forward its own set of cryptographic algorithms, the national cryptographic algorithms.

The national cryptographic algorithms, also known as the national commercial cryptographic algorithms, are the cryptographic algorithm standards and their application standards recognized and published by the State Cryptography Administration; some of them have become international standards. Examples are the SM series of commercial cryptographic algorithms: the symmetric encryption algorithm SM4, the asymmetric encryption algorithm SM2 and the message digest algorithm SM3.

Connection session encryption

For link-level encryption, link encryption based on the SSL/TLS protocol should be considered first; it is the cornerstone of modern Internet communication security.

Many people think of SSL/TLS as an add-on to HTTP, as part of HTTPS. In fact, SSL/TLS is independent of application-layer protocols, and higher-level protocols can run transparently on top of it. Therefore, the long-connection messaging protocol of an IM system can also be built on top of SSL/TLS.

(SSL/TLS is independent of application layer protocols)

SSL/TLS can be summarized as follows: an asymmetric encryption algorithm based on a public/private key pair is used to transmit the key of a symmetric encryption algorithm; subsequent communication packets are then encrypted with that same symmetric algorithm and key, shared by both parties, so that data communication is secure.

In an asymmetric encryption algorithm, the public and private keys are mathematically related, so that what one encrypts the other decrypts. But although they are related, there is no feasible way, with existing mathematical algorithms, to derive one key from the other.
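As an added illustration of the scheme just described (example code written for this article, not rongyun’s code): the receiver’s RSA public key wraps a freshly generated AES session key with RSA-OAEP, the message itself is encrypted with AES-GCM under that session key, and only the receiver’s private key can unwrap the session key and decrypt. The names Envelope, Seal, Open and Demo are assumptions of this example, and the sample message is constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// Envelope is what travels over the link: a fresh AES session key wrapped
// with the receiver's RSA public key, plus the AES-GCM nonce and ciphertext.
type Envelope struct {
	WrappedKey []byte
	Nonce      []byte
	Ciphertext []byte
}

// Seal encrypts plaintext under a random 256-bit session key with AES-GCM and
// wraps that key with RSA-OAEP so that only the holder of the matching private
// key can recover it. Only the receiver's public key is needed to seal.
func Seal(receiverPub *rsa.PublicKey, plaintext []byte) (*Envelope, error) {
	sessionKey := make([]byte, 32)
	if _, err := rand.Read(sessionKey); err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // must never repeat under one key
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, receiverPub, sessionKey, nil)
	if err != nil {
		return nil, err
	}
	return &Envelope{WrappedKey: wrapped, Nonce: nonce, Ciphertext: gcm.Seal(nil, nonce, plaintext, nil)}, nil
}

// Open unwraps the session key with the receiver's private key and decrypts.
// GCM's authentication tag makes any change to the ciphertext fail here.
func Open(receiverPriv *rsa.PrivateKey, env *Envelope) ([]byte, error) {
	sessionKey, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, receiverPriv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(sessionKey)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, nil)
}

// newGCM builds the AES-GCM AEAD for a 16/24/32-byte key.
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Demo runs one round trip and one tamper attempt; it returns whether the
// plaintext came back intact and whether the tampered packet was rejected.
func Demo() (bool, bool, error) {
	receiver, err := rsa.GenerateKey(rand.Reader, 2048) // the receiver's key pair
	if err != nil {
		return false, false, err
	}
	msg := []byte("constructed sample IM message: meeting moved to 15:00")
	env, err := Seal(&receiver.PublicKey, msg)
	if err != nil {
		return false, false, err
	}
	got, err := Open(receiver, env)
	if err != nil {
		return false, false, err
	}
	roundTripOK := string(got) == string(msg)
	env.Ciphertext[0] ^= 0x01 // an on-path change of a single bit
	_, err = Open(receiver, env)
	return roundTripOK, err != nil, nil
}

func main() {
	fmt.Println(Demo())
}
```

The asymmetric step is used only once per message here, to move the short session key; the bulk data goes through the fast symmetric cipher, which is the same division of labour SSL/TLS makes per connection. Because AES-GCM is an authenticated mode, the tamper attempt in Demo surfaces as a decryption error rather than as silently corrupted plaintext, which covers the integrity element of CIA as well as confidentiality.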

In addition, it is important to emphasize that the system should not use self-signed certificates but certificates authenticated by a CA, which effectively prevents man-in-the-middle attacks.

Quick Session Recovery

Establishing an SSL/TLS handshake between client and server requires many steps: key negotiation to arrive at the session key, digital signature authentication, message authentication codes (MAC), and so on.

Key negotiation is the time-consuming part of the handshake and requires intensive CPU processing. When the client and server close the session, the session key they negotiated when connecting disappears. A new full handshake the next time a client connects may seem fine, but when a large number of connection requests arrive at the same time, it consumes a lot of server resources and increases network latency.

To solve this problem, the TLS/SSL protocol provides a session recovery mode, which allows the client and server to recover the previous session after a connection is closed. Session recovery can be performed based on the Session ID or by using the Session Ticket TLS extension.

1. Session recovery with the Session ID

After a complete handshake, both the client and the server keep the Session ID. When the session has been closed and the client connects again, it attaches the Session ID to its Client Hello message; on receiving the request, the server matches the Session ID against the Session IDs stored in its cache.

If the match succeeds, the server restores the previous TLS connection and uses the previously negotiated key; key negotiation is not repeated. After receiving the Client Hello with the Session ID and matching it successfully, the server directly sends ChangeCipherSpec, telling the TLS record layer to switch the connection state to readable and writable, which completes session recovery.

(Session ID Session recovery)

Using the Session ID for session recovery reduces the time-consuming steps. However, the Session ID is stored mainly in the server cache: if the request is directed to a different server by load balancing, the new server’s cache does not contain a Session ID matching the client, so the session cannot be recovered. Therefore, the Session ID mode is not recommended for session recovery.

2. Session recovery with the Session Ticket

After a complete handshake, the server encrypts the session data (session ID, certificate, cipher suite and master key) to generate a ticket, and sends it to the client in a NewSessionTicket message. The client saves the ticket. On the next connection, the client sends the ticket to the server; once the server decrypts the ticket correctly, the previous session can be resumed.

(SessionTicket session resumes)

Because encryption and decryption of the ticket happen entirely on the server side, multiple server instances can complete the process as long as they share the ticket key. Compared with the Session ID mode, the Session Ticket mode does not rely on the server cache, so this session recovery mode is better suited to large-scale distributed systems.
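The following added example (written for this article, not rongyun’s code) exercises two of the points above with Go’s standard TLS library: a client that trusts exactly one CA accepts the CA-signed server certificate and rejects a self-signed one (the earlier point about using CA-authenticated certificates), and the client’s second connection to the same server is resumed from the session ticket the server issued, without repeating key negotiation. The CA name “Test IM Root CA”, the hostname im.example and the helper names issueCert, startServer, connect and Demo are assumptions of this example; server and client both run on the loopback interface.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// issueCert creates an Ed25519 key pair and a certificate for cn, self-signed when
// parent is nil and otherwise signed by the parent CA (Leaf holds the parsed cert).
func issueCert(cn string, isCA bool, parent *tls.Certificate) (tls.Certificate, error) {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader) // only fails if rand.Reader does
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 62))
	tmpl := &x509.Certificate{
		SerialNumber:          serial,
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA {
		tmpl.KeyUsage = x509.KeyUsageCertSign
	} else {
		tmpl.DNSNames = []string{cn} // the name a client verifies (SAN, not CN)
	}
	signer, signerKey := tmpl, any(priv) // self-signed unless a parent is given
	if parent != nil {
		signer, signerKey = parent.Leaf, parent.PrivateKey
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, signer, pub, signerKey)
	if err != nil {
		return tls.Certificate{}, err
	}
	leaf, err := x509.ParseCertificate(der)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: priv, Leaf: leaf}, err
}

// startServer serves cert on a loopback port and answers each connection with "ok".
func startServer(cert tls.Certificate) (string, error) {
	ln, err := tls.Listen("tcp", "127.0.0.1:0", &tls.Config{Certificates: []tls.Certificate{cert}})
	if err != nil {
		return "", err
	}
	go func() {
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			c.Write([]byte("ok")) // the first Write runs the handshake; tickets are on by default
			c.Close()
		}
	}()
	return ln.Addr().String(), nil
}

// connect dials addr as an IM client that trusts only roots and keeps session
// tickets in cache; it reports whether the session was resumed from a ticket.
func connect(addr string, roots *x509.CertPool, cache tls.ClientSessionCache) (bool, error) {
	// "im.example" is the constructed hostname carried by the leaf certificate.
	conn, err := tls.Dial("tcp", addr, &tls.Config{RootCAs: roots, ServerName: "im.example", ClientSessionCache: cache})
	if err != nil {
		return false, err
	}
	// Reading the reply also consumes the NewSessionTicket the server sent after the handshake.
	_, err = conn.Read(make([]byte, 2))
	conn.Close()
	return conn.ConnectionState().DidResume, err
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// Demo returns (caVerified, selfSignedRejected, resumedWithTicket).
func Demo() (caVerified, selfSignedRejected, resumed bool) {
	ca := must(issueCert("Test IM Root CA", true, nil))
	addr := must(startServer(must(issueCert("im.example", false, &ca))))
	roots := x509.NewCertPool() // the client trusts exactly this one CA
	roots.AddCert(ca.Leaf)
	cache := tls.NewLRUClientSessionCache(8)
	_, err := connect(addr, roots, cache) // full handshake; the ticket is stored
	caVerified = err == nil
	resumed = must(connect(addr, roots, cache)) // presents the ticket, skips key negotiation
	// The same client rejects a server whose certificate is merely self-signed.
	selfAddr := must(startServer(must(issueCert("im.example", false, nil))))
	_, selfErr := connect(selfAddr, roots, nil)
	return caVerified, selfErr != nil, resumed
}

func main() {
	fmt.Println(Demo())
}
```

The client never pins the server’s key directly; it pins the CA, which is what lets a man-in-the-middle presenting its own self-signed certificate be refused. On the resumption side, the ticket is opaque to the client and is protected by a key that lives only on the server, so a fleet of IM servers behind a load balancer only needs to share that ticket key (in Go’s library, via tls.Config.SetSessionTicketKeys) for any of them to resume a session, with no shared cache, and rotating that key periodically bounds how long an old ticket remains usable.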

This article has shared two things. First, using SSL/TLS certificates authenticated by a CA in an Internet communication system ensures transmission security: it prevents the transmission from being eavesdropped on, prevents data from being stolen, and confirms the authenticity of the connection. Second, using Session Tickets to quickly resume sessions improves overall system performance and reduces connection delay.

Please stay tuned for more in-depth sharing on other aspects of Internet communication security that developers care about.