博文
追求安全别过分, 用户心中有杆秤 --- 漫谈传输层安全协议TLS1.3
精选
|||
追求安全别过分,用户心中有杆秤
---漫谈传输层安全协议TLS1.3
曹正军
用户通过浏览器访问网站需要解决的安全问题是: (1)网站需要向用户证实自己是真实的,不是冒名的钓鱼网站.(2)网站和用户建立连接后,必须保证传输数据的机密性和完整性.传输层安全协议(Transport Layer Security Protocol,TLS)就是用来解决这些问题的.该协议最新的版本是TLS1.3(2018/3/20公布的草案).
TLS1.3的基本目标: 在发起连接请求的客户与接收连接请求的服务器之间建立安全信道,提供下列服务: (1)实体认证.服务器必须是经过认证的,客户端的认证是非强制性的. (2)机密性.敌手无法获得安全信道上传输的信息. (3)完整性.敌手无法篡改数据,欺骗用户.
TLS1.3协议分为两个部分:一个是握手协议(handshake protocol),进行实体认证,约定后续算法和使用的参数,建立共享密钥;另一个是记录协议(record protocol),对信道上传输的数据进行记录、分组、验证、解密、重组,然后把结果提交给更高层级的应用端.
下表列出了TLS1.3约定使用的算法.
HTTPS(Hyper Text Transfer Protocol over Secure Socket Layer)是加入了SSL(Secure Socket Layer)的HTTP协议.由于SSL本身存在漏洞,取而代之就是TLS.很多浏览器都支持TLS1.2协议,为什么有些网站还在使用http协议呢? 原因可能是:(1)网站不愿意购买公钥证书服务;(2)额外的加、解密运算影响速度,影响用户体验;(3)很多网页内容毫无机密性可言,急于推送一些广告,根本不需要安全措施.
下面的例子有助于读者增进对TLS协议的认识.打开搜狐视频https://tv.sohu.com/,点击https左侧的图标, 跳出的提示信息如下图.
点击“证书信息”,可以看到如下内容.
它描述的RSA模数长度是2048比特,实际情况如下:
十六进制长度是540位
3082010a0282010100bc64fb2445ddbba837f1d69d5a928169237ddc3f475fbf6e7de
620bc9a38e8de3a8e812b980a963a8d98039f5753d15fb43c06e124bcacf15fe933e9
c6ec99331f18c386664da827b624662a329c08a774697433ef01d9e5f0b8894f77d16
4a80eb348773172e1f7accf88b473a507c6148c8a68f4abb8d7421337f78567cdd433
727724d1ff5d5e9ea361cdd0b66d6ece5bb9f877e22797ab743b539d3ef0df803a000
5b6c469882d6f92ea987ae50feb57111a21295504afdc2b6e9dd5b69b0097abc7b75c
c2b810e51a95e7b9d3345e6befe82628ca913e70fbe8ce032e7df3183dc75d89f54d3
9771018343fc710caa4677147d5ff9298c0ac1c9d291e770203010001
十进制长度是650位
3179526881036662712546964484434970351401465707216726663917963898210510
3905835848720871748348641814253595861150941961326930497566508267510344
3063131591936303151716739943267482539823181296918724567338736308162667
8593209823931471454236791915912170215828483194700799819826496532944100
1262622651854297051165394677437239435573022340320718976762402551704031
3486677717553280432639146297231356478712868009106206543796364319428193
0202883410709942310628686542296813814235843612758841404900546918272136
4782242526145888080098481079248195919387744968172671744946370268238302
4671505443230291657582212388233392647376949619420168162893232639757810
�46546706449282695169
二进制长度是2158位
1100001000001000000001000010100000001010000010000000010000000100000000
1011110001100100111110110010010001000101110111011011101110101000001101
1111110001110101101001110101011010100100101000000101101001001000110111
1101110111000011111101000111010111111011111101101110011111011110011000
1000001011110010011010001110001110100011011110001110101000111010000001
0010101110011000000010101001011000111010100011011001100000000011100111
1101010111010100111101000101011111101101000011110000000110111000010010
0100101111001010110011110001010111111110100100110011111010011100011011
1011001001100100110011000111110001100011000011100001100110011001001101
1010100000100111101101100010010001100110001010100011001010011100000010
0010100111011101000110100101110100001100111110111100000001110110011110
0101111100001011100010001001010011110111011111010001011001001010100000
0011101011001101001000011101110011000101110010111000011111011110101100
1100111110001000101101000111001110100101000001111100011000010100100011
0010001010011010001111010010101011101110001101011101000010000100110011
0111111101111000010101100111110011011101010000110011011100100111011100
1001001101000111111111010111010101111010011110101000110110000111001101
1101000010110110011011010110111011001110010110111011100111111000011101
1111100010001001111001011110101011011101000011101101010011100111010011
1110111100001101111110000000001110100000000000000101101101101100010001
1010011000100000101101011011111001001011101010100110000111101011100101
0000111111101011010101110001000100011010001000010010100101010101000001
0010101111110111000010101101101110100111011101010110110110100110110000
0000100101111010101111000111101101110101110011000010101110000001000011
1001010001101010010101111001111011100111010011001101000101111001101011
1110111111101000001001100010100011001010100100010011111001110000111110
1111101000110011100000001100101110011111011111001100011000001111011100
0111010111011000100111110101010011010011100101110111000100000001100000
1101000011111111000111000100001100101010100100011001110111000101000111
1101010111111111100100101001100011000000101011000001110010011101001010
0100011110011101110000001000000011000000010000000000000001
实际长度比约定的长度多出110位,这是怎么回事? Symantec公司深谙商业之道,在兜售证书? 事实上,我们应该认识到安全是相对的,不是绝对的.别动不动就以安全为借口恫吓用户,他们心中有杆秤.
TLS1.3协议不是强制性的.网上交易一般都需要安装专用插件.金融机构远程自助服务还需要更为稳健的便携式的U盾.醉心于网购的同志们,下面这个插件是不是觉得很眼熟呀.
仔细瞧瞧有啥异样? 过期证书,我行我素.我们的企业就应该有这样的自信,不能跟着欧美的标准瞎折腾.
本文摘自作者的书稿《现代密码算法概论》
https://blog.sciencenet.cn/blog-3224443-1110963.html
上一篇:漫谈比特币和区块链
下一篇:Deutsch-Jozsa量子算法
