What come to the mind when you think of a secure web application? SSL. How does SSL work? Does SSL offer complete protection? This article tries to answer some of these questions. We'll discuss about how SSL works and what it actually protects against and what it does not
Secure Socket Layer (SSL) is a protocol used to ensure privacy of communications over the Internet. SSL also assures us of the authenticity of the server we are communicating with. Securing applications with SSL is not difficult since the implementation does not require any code change.
How SSL Works
When you are browsing a SSL-enabled site, for example www.sslexample.com , what happens exactly? Your browser sends a request for the SSL page ( https://www.sslexample.com/ ). The server replies with its SSL certificate which has the public key of the server. The public key is nothing but a random number generated by the server as part of a key pair. The other key of the pair is known as the private key. The interesting thing about this key pair is that any data encrypted by the public key can only be decrypted by the private key. The public key is known to all but the private is key is known to only the server. After verifying the certificate, the client generates a random number or the session key and encrypts it with the server's public key. This is sent to the server, where it is decrypted using the private key. Now both sides have a session key known only to the two of them. All communication to and fro is encrypted and decrypted with the session key.
There are different versions of SSL depending on the encryption algorithm used. To ensure both the server and client use the same version, the browser sends the versions it supports, along with the initial request. Once the version negotiation is done, the server sends the certificate. The certificate includes:
- The identity of the organization to which the web server belongs
- The certificate's expiration date
- The public key
- The identity of the organization that issued the certificate, known as a certification authority (CA)
Fig 1. A server certificate as viewed in Mozilla Firefox
Browsers have a certificate store and are configured to recognize certificates issued by a number of well-known CAs. If the CA is not on the browser's list, the browser will open a dialog box asking you to manually accept or decline installation of the certificate. This allows the user to determine whether the web server can be trusted in an HTTPS (HTTP over SSL) connection; everything which is transmitted is encrypted, including the data in the query string.
The protection SSL offers
SSL gives us two security assurances:
- That the data between the client and server is not seen or modified by a third party
- That the server is who it claims to be
SSL protects the web site and its users against a number of attacks. Let's look at some such attacks and how SSL thwarts them.
- Attacks based on network sniffing. SSL ensures all data is encrypted and cannot be seen or modified by anybody else.
- A bogus server posing as the actual server. The client can check the certificate to ensure it the actual server and that the certificate has been issued by a trusted CA.
And what it doesn't protect against
However, SSL does not provide complete protection. There are a number of attacks against which SSL is ineffective.
- Although the data on the wire is encrypted, SSL does not protect the data stored on the disk.
- Software vulnerabilities can still be exploited by attackers.
- Information getting stolen through pages cached on the browser. If the pages requested through SSL connection do not have cache control directives set, these pages can be accessed through cache.
- A variable manipulation attack in which the attacker captures the web page request and response through web proxy tools and edits the content. SSL is useful to prevent man-in-the-middle attacks where an attacker intercepts another user's session, sees its contents or modifies data. But it cannot prevent an attacker from intercepting his own connection and manipulating the variables.
- Stealing confidential information from the browser memory. Since in SSL data is encrypted only during transmission on the network, it is in clear text in the browser memory. An attacker can use memory reading tools to view the information. This was discussed in detail in a recent blog post .
- Social engineering attacks which are carried out outside the application can still be used.
Look out for the next article in this series on SSL that will discuss the implementation and user awareness issues.