caozhengjun的个人博客分享 http://blog.sciencenet.cn/u/caozhengjun

博文

追求安全别过分, 用户心中有杆秤 --- 漫谈传输层安全协议TLS1.3 精选

已有 11311 次阅读 2018-4-26 08:49 |个人分类:应用密码学|系统分类:科普集锦| 传输层安全协议, 公钥证书, 数字签名, 哈希函数, U盾

 

追求安全别过分,用户心中有杆秤

---漫谈传输层安全协议TLS1.3

曹正军

    用户通过浏览器访问网站需要解决的安全问题是: (1)网站需要向用户证实自己是真实的,不是冒名的钓鱼网站.(2)网站和用户建立连接后,必须保证传输数据的机密性和完整性.传输层安全协议(Transport Layer Security Protocol,TLS)就是用来解决这些问题的.该协议最新的版本是TLS1.3(2018/3/20公布的草案).

    TLS1.3的基本目标在发起连接请求的客户与接收连接请求的服务器之间建立安全信道,提供下列服务: (1)实体认证.服务器必须是经过认证的,客户端的认证是非强制性的. (2)机密性.敌手无法获得安全信道上传输的信息. (3)完整性.敌手无法篡改数据,欺骗用户.

    TLS1.3协议分为两个部分:一个是握手协议(handshake protocol),进行实体认证,约定后续算法和使用的参数,建立共享密钥;另一个是记录协议(record protocol),对信道上传输的数据进行记录、分组、验证、解密、重组,然后把结果提交给更高层级的应用端.

    下表列出了TLS1.3约定使用的算法.

1.JPG

    HTTPS(Hyper Text Transfer Protocol over Secure Socket Layer)是加入了SSL(Secure Socket Layer)HTTP协议.由于SSL本身存在漏洞,取而代之就是TLS.很多浏览器都支持TLS1.2协议,为什么有些网站还在使用http协议呢? 原因可能是:(1)网站不愿意购买公钥证书服务;(2)额外的加、解密运算影响速度,影响用户体验;(3)很多网页内容毫无机密性可言,急于推送一些广告,根本不需要安全措施.

    下面的例子有助于读者增进对TLS协议的认识.打开搜狐视频https://tv.sohu.com/,点击https左侧的图标, 跳出的提示信息如下图.

2.jpg

点击“证书信息”,可以看到如下内容.


3.jpg

4.jpg

它描述的RSA模数长度是2048比特,实际情况如下:

十六进制长度是540

3082010a0282010100bc64fb2445ddbba837f1d69d5a928169237ddc3f475fbf6e7de

620bc9a38e8de3a8e812b980a963a8d98039f5753d15fb43c06e124bcacf15fe933e9

c6ec99331f18c386664da827b624662a329c08a774697433ef01d9e5f0b8894f77d16

4a80eb348773172e1f7accf88b473a507c6148c8a68f4abb8d7421337f78567cdd433

727724d1ff5d5e9ea361cdd0b66d6ece5bb9f877e22797ab743b539d3ef0df803a000

5b6c469882d6f92ea987ae50feb57111a21295504afdc2b6e9dd5b69b0097abc7b75c

c2b810e51a95e7b9d3345e6befe82628ca913e70fbe8ce032e7df3183dc75d89f54d3

9771018343fc710caa4677147d5ff9298c0ac1c9d291e770203010001

十进制长度是650

3179526881036662712546964484434970351401465707216726663917963898210510

3905835848720871748348641814253595861150941961326930497566508267510344

3063131591936303151716739943267482539823181296918724567338736308162667

8593209823931471454236791915912170215828483194700799819826496532944100

1262622651854297051165394677437239435573022340320718976762402551704031

3486677717553280432639146297231356478712868009106206543796364319428193

0202883410709942310628686542296813814235843612758841404900546918272136

4782242526145888080098481079248195919387744968172671744946370268238302

4671505443230291657582212388233392647376949619420168162893232639757810

46546706449282695169

二进制长度是2158

1100001000001000000001000010100000001010000010000000010000000100000000

1011110001100100111110110010010001000101110111011011101110101000001101

1111110001110101101001110101011010100100101000000101101001001000110111

1101110111000011111101000111010111111011111101101110011111011110011000

1000001011110010011010001110001110100011011110001110101000111010000001

0010101110011000000010101001011000111010100011011001100000000011100111

1101010111010100111101000101011111101101000011110000000110111000010010

0100101111001010110011110001010111111110100100110011111010011100011011

1011001001100100110011000111110001100011000011100001100110011001001101

1010100000100111101101100010010001100110001010100011001010011100000010

0010100111011101000110100101110100001100111110111100000001110110011110

0101111100001011100010001001010011110111011111010001011001001010100000

0011101011001101001000011101110011000101110010111000011111011110101100

1100111110001000101101000111001110100101000001111100011000010100100011

0010001010011010001111010010101011101110001101011101000010000100110011

0111111101111000010101100111110011011101010000110011011100100111011100

1001001101000111111111010111010101111010011110101000110110000111001101

1101000010110110011011010110111011001110010110111011100111111000011101

1111100010001001111001011110101011011101000011101101010011100111010011

1110111100001101111110000000001110100000000000000101101101101100010001

1010011000100000101101011011111001001011101010100110000111101011100101

0000111111101011010101110001000100011010001000010010100101010101000001

0010101111110111000010101101101110100111011101010110110110100110110000

0000100101111010101111000111101101110101110011000010101110000001000011

1001010001101010010101111001111011100111010011001101000101111001101011

1110111111101000001001100010100011001010100100010011111001110000111110

1111101000110011100000001100101110011111011111001100011000001111011100

0111010111011000100111110101010011010011100101110111000100000001100000

1101000011111111000111000100001100101010100100011001110111000101000111

1101010111111111100100101001100011000000101011000001110010011101001010

0100011110011101110000001000000011000000010000000000000001

    实际长度比约定的长度多出110,这是怎么回事? Symantec公司深谙商业之道,在兜售证书? 事实上,我们应该认识到安全是相对的,不是绝对的.别动不动就以安全为借口恫吓用户,他们心中有杆秤.

    TLS1.3协议不是强制性的.网上交易一般都需要安装专用插件.金融机构远程自助服务还需要更为稳健的便携式的U.醉心于网购的同志们,下面这个插件是不是觉得很眼熟呀.

5.jpg

    仔细瞧瞧有啥异样过期证书,我行我素.我们的企业就应该有这样的自信,不能跟着欧美的标准瞎折腾.


本文摘自作者的书稿《现代密码算法概论》



http://blog.sciencenet.cn/blog-3224443-1110963.html

上一篇:漫谈比特币和区块链
下一篇:Deutsch-Jozsa量子算法

3 徐令予 黄永义 李红雨

该博文允许注册用户评论 请点击登录 评论 (1 个评论)

数据加载中...

Archiver|手机版|科学网 ( 京ICP备14006957 )

GMT+8, 2018-5-26 19:55

Powered by ScienceNet.cn

Copyright © 2007-2017 中国科学报社

返回顶部