The maturing of Internet communication technology, with instant messaging and real-time audio and video at its core, has freed communication between people from the limits of space and time: information travels further, connections can happen at any moment, and communication has become rich and varied. Follow [Rongyun Global Internet Communication Cloud] to learn more.
But while the Internet brings great convenience to our lives, problems of user privacy and communication security follow close behind.
For developers, the openness of the Internet also means risk; the freedom users enjoy in how they use the network and their terminal devices also gives criminals their opportunities.
Improving the security of Internet communication therefore has to run through the entire construction of the system. This series of articles discusses the security of Internet communication; this first article focuses on "link security".
Security Issues and Main Attack Methods of Internet Communication Systems
- Stealing content
If the communication content is unencrypted, or only weakly encrypted, anywhere along the communication path, it can be read directly once intercepted.
This leads to the disclosure of personal privacy and may even endanger the user's property. In an office scenario, stolen company trade secrets may cause still greater economic losses.
- Tampering with content
If the communication content is intercepted, modified and then forwarded, the correctness and integrity of the information are destroyed.
- Forging content
If a user's communication credentials are stolen, or foreign messages are injected into the conversation, an attacker can use the user's identity to win the trust of the other party, leaving a hidden danger behind.
- Disseminating illegal content
Using the message push capability of an instant messaging system, criminals can spread not only material related to pornography, gambling, violence or terrorism, or material that endangers national security, but also Trojans and other malware.
Common attack methods
- Planting Trojans
Intercept or tamper with information by planting a Trojan on the terminal device.
- Fake apps
By forging an app, or adding a backdoor to a legitimate one, attackers lead end users to believe they are using a normal application, and so achieve their illegal ends.
- Network packet capture
Obtain user communication content by capturing packets on network devices along the path.
- Man-in-the-middle attack
By hijacking DNS or similar means, the attacker routes the user's connection through a device under their own control, so that they can both read and tamper with the traffic.
- Vulnerability exploitation
Besides its own code, a server or terminal includes various third-party components and middleware; finding and exploiting vulnerabilities in these is another route to illegal ends.
(Common attack methods)
As the figure above shows, information travels from the application through the network to the server, and any link along the way may be exploited. In a "crisis-ridden" Internet, the construction of a communication system must therefore treat security as the first criterion and secure communication through multiple means.
The Application of Cryptography to the Connections of an Internet Communication System
In view of the security problems and attack methods above, applying cryptography at the connection layer of the Internet communication system, so that the communication data is encrypted, is particularly important.
Cryptography addresses the three elements of information security (CIA), namely:
Confidentiality guarantees that information is not disclosed to unauthorized users.
Integrity ensures that what the recipient receives is exactly what the sender sent, and that nothing has been added, deleted or replaced by an unauthorized party in transit. (Confirming that the sender really is who they claim to be is a separate property, authenticity; in SSL/TLS it is provided by the server's certificate.)
Availability ensures that authorized users can access data in a timely and reliable manner.
Beyond CIA, other properties are also required, such as controllability and non-repudiation.
As a key component of Internet communication, an instant messaging system generally requires the client to keep a long-lived connection to the server, so that messages can be pushed to the client quickly.
In the common client/server (C/S) model, the client establishes a connection with the server over TCP or UDP, and in some scenarios also uses HTTP to fetch information from, or submit information to, the server.
Throughout this process, all data needs to be encrypted. Simple data encryption can be summarized as: the sender takes the plaintext, encrypts it to produce the ciphertext, transmits the ciphertext, and the receiver decrypts it to recover the plaintext.
This involves symmetric encryption algorithms, asymmetric encryption algorithms and message digest algorithms. China has also put forward its own set of cryptographic algorithms, the national commercial cryptographic ("guomi", SM) algorithms.
The national cryptographic algorithms, that is, the national commercial cryptographic algorithms, are the cryptographic algorithm standards and application specifications recognized and published by the State Cryptography Administration; some of them have since become international standards. The SM series of commercial cryptographic algorithms includes the symmetric encryption algorithm SM4, the asymmetric (public-key) algorithm SM2 and the message digest algorithm SM3.
Connection session encryption
For link-level encryption, the first thing to consider is encryption based on the SSL/TLS protocol, the cornerstone of modern Internet communication security.
Many people think of SSL/TLS as an add-on to HTTP, a component of HTTPS. That understanding is not quite right: SSL/TLS is independent of the application-layer protocol, and any higher-level protocol can be layered transparently on top of it. A message protocol for instant messaging over a persistent connection can therefore also be built on SSL/TLS.
(SSL/TLS is independent of the application-layer protocol)
SSL/TLS can be summarized simply as follows: during the handshake, public-key cryptography authenticates the server through its certificate and establishes a shared symmetric key between the two parties (older versions had the client encrypt a secret to the server's RSA public key; modern versions derive the key from an ephemeral Diffie-Hellman exchange that the server signs). Every subsequent packet is then encrypted and transmitted with that symmetric algorithm and key, which is what secures the communication.
The public and private keys of an asymmetric algorithm are mathematically related, so that what one encrypts the other can decrypt. Related as they are, however, no known algorithm can feasibly derive the private key from the public key.
In addition, it should be emphasized: do not use self-signed certificates in the system; use certificates issued by a trusted CA, which effectively prevents man-in-the-middle attacks. That protection only holds if the client actually validates the certificate chain and checks that the certificate matches the server name it connected to. A CA-issued certificate on a client that disables verification, or accepts any certificate, offers no defence against a man-in-the-middle.
Fast session resumption
When client and server perform the SSL/TLS handshake, many steps must be completed: key negotiation to obtain the session key, digital-signature authentication, message authentication codes (MACs), and so on.
The most expensive part of the handshake is key negotiation, which is CPU-intensive. When client and server disconnect, the session key negotiated at connection time is discarded, and the next time the client connects a full handshake is needed again. That seems harmless, but when a large number of connection requests arrive within a short period it consumes a great deal of server resources and increases network latency.
To solve this, the TLS/SSL protocol provides session resumption, which lets the client and server restore the previous session when the client connects again within a certain time of closing the connection. There are two kinds of session resumption: one based on the Session ID, the other using the Session Ticket TLS extension.
- Session ID resumption
After a full handshake, both client and server keep the Session ID. When the session is closed and a new connection is made, the client places the Session ID in its Client Hello message; on receiving it, the server looks the Session ID up in its server-side session cache.
If there is a match, the server resumes the previous TLS session and reuses the previously negotiated key without a new key negotiation: it answers the Client Hello with a Server Hello echoing the Session ID and goes straight to ChangeCipherSpec, which tells the TLS record layer to switch the connection state to the negotiated keys for reading and writing, completing the resumption.
(Session ID session recovery)
Although Session ID resumption saves the expensive steps, the Session ID lives in the server's cache. If load balancing routes the reconnect to a different server, that server's cache has no entry matching the client's Session ID, the session cannot be resumed, and a full handshake runs instead. Unless the session cache is shared across all servers, the Session ID method is therefore not recommended.
- Session Ticket resumption
After a full handshake, the server encrypts the session state (session identifier, certificate, cipher suite, master key and so on) into a ticket and sends it to the client in the NewSessionTicket message; the client stores it. On the next connection the client sends the ticket back to the server; once the server has decrypted and verified it, the previous session is resumed.
(SessionTicket session recovery)
Because both encryption and decryption of the ticket happen on the server side, multiple servers only need to share the ticket key to complete this process; unlike the Session ID method, it does not depend on a server-side cache. Session Ticket resumption is therefore better suited to large-scale distributed systems. The ticket key must be protected and rotated, though: whoever holds it can decrypt the session secrets inside every ticket it ever encrypted.
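The following Go program, an example added here rather than code from the article or from Rongyun, ties together the two points above: a line-oriented IM protocol (not HTTP) carried over TLS by a client that pins its trust root and verifies the server, and two server instances that share one session-ticket key so that a ticket issued by the first is accepted by the second. Assumptions: the certificate is generated in memory at start-up and stands in for the CA-issued certificate a deployment would use; the common name `im.example.test` is hypothetical; `startServer`, `clientConfig` and `roundTrip` are names chosen for this example. With Go's defaults the handshake is TLS 1.3, where the NewSessionTicket message arrives after the handshake, so the client must read from the connection before the ticket lands in its cache.

```go
package main

import (
	"bufio"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"net"
	"time"
)

// selfSignedCert builds an in-memory server certificate for 127.0.0.1 (assumption: it stands in
// for a CA-issued certificate). The returned pool is the trust root the client pins to, so the
// client still performs full chain and address verification rather than skipping it.
func selfSignedCert() (tls.Certificate, *x509.CertPool) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "im.example.test"}, // hypothetical name
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		IPAddresses:  []net.IP{net.IPv4(127, 0, 0, 1)},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	leaf, _ := x509.ParseCertificate(der) // der was produced just above, so it parses
	pool := x509.NewCertPool()
	pool.AddCert(leaf)
	return tls.Certificate{Certificate: [][]byte{der}, PrivateKey: key}, pool
}

// startServer runs one echo-server instance on a loopback port. Every instance receives the
// same ticket key, so a ticket issued by one decrypts on any other: that is what lets a load
// balancer route the reconnect to any node without a shared session cache.
func startServer(cert tls.Certificate, ticketKey [32]byte) net.Listener {
	cfg := &tls.Config{Certificates: []tls.Certificate{cert}, MinVersion: tls.VersionTLS12}
	cfg.SetSessionTicketKeys([][32]byte{ticketKey}) // explicit keys; Go then stops auto-rotation
	ln, err := tls.Listen("tcp", "127.0.0.1:0", cfg)
	if err != nil {
		panic(err)
	}
	go func() {
		for c, err := ln.Accept(); err == nil; c, err = ln.Accept() {
			go func(c net.Conn) { // the IM protocol on top of TLS: one message per line
				defer c.Close()
				r := bufio.NewReader(c)
				for line, err := r.ReadString('\n'); err == nil; line, err = r.ReadString('\n') {
					if _, err := c.Write([]byte("ack:" + line)); err != nil {
						return
					}
				}
			}(c)
		}
	}()
	return ln
}

// clientConfig pins the trust root and attaches a session cache so tickets are kept and reused.
func clientConfig(roots *x509.CertPool) *tls.Config {
	return &tls.Config{RootCAs: roots, MinVersion: tls.VersionTLS12,
		ClientSessionCache: tls.NewLRUClientSessionCache(16)}
}

// roundTrip dials addr, exchanges one message and reports whether the handshake was resumed
// from a cached ticket instead of running a full key exchange.
func roundTrip(addr string, cfg *tls.Config, msg string) (string, bool, error) {
	conn, err := tls.Dial("tcp", addr, cfg)
	if err != nil {
		return "", false, err
	}
	defer conn.Close()
	if _, err := fmt.Fprintf(conn, "%s\n", msg); err != nil {
		return "", false, err
	}
	reply, err := bufio.NewReader(conn).ReadString('\n') // also consumes the TLS 1.3 NewSessionTicket
	if err != nil {
		return "", false, err
	}
	return reply[:len(reply)-1], conn.ConnectionState().DidResume, nil
}

func main() {
	cert, roots := selfSignedCert()
	var ticketKey [32]byte // in production: generated once, rotated, and distributed to every node
	rand.Read(ticketKey[:])
	cfg := clientConfig(roots)
	for _, ln := range []net.Listener{startServer(cert, ticketKey), startServer(cert, ticketKey)} {
		reply, resumed, err := roundTrip(ln.Addr().String(), cfg, "hello")
		fmt.Println(reply, "resumed:", resumed, "err:", err)
	}
}
```

The first connection reports `resumed: false` (full handshake); the second, to a different listener, reports `resumed: true` because the second instance decrypts the ticket with the shared key. Replacing `roots` with an empty `x509.NewCertPool()` makes `tls.Dial` fail with an unknown-authority error, which is the behaviour a client must keep: the certificate check, not the certificate itself, is what stops a man-in-the-middle.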
This article has covered two points. First, using CA-issued SSL/TLS certificates in an Internet communication system secures the transmission: it prevents eavesdropping on the transport, prevents data from being stolen and confirms the authenticity of the connection. Second, Session Ticket fast session resumption improves overall system performance and reduces connection latency.
This series will continue to share in-depth discussion of other aspects of Internet communication security that matter to developers; please stay tuned.