WebPerformance

WebPerformance - Lecture Secure Web Communication Proxy...

Info icon This preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
Copyright © Ellis Horowitz 1999-2009 1 Lecture Secure Web Communication, Proxy Servers, and Web Server Performance
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Copyright © Ellis Horowitz 1999-2009 2 Implementing Secure Communication Secure web communication – Public Key Cryptography • Public and private key encryption – Digital Certificates and Certifying Authorities – Secure Sockets Layer Protocol (SSL) and https Web Server Performance – Popular platforms – Web Server Farms – Load Balancing • Switches • DNS redirection Web Server as Proxy Server – Caching – Using Apache as a proxy server
Image of page 2
Copyright © Ellis Horowitz 1999-2009 3 Private Key Encryption: sender/receiver share private key Public Key Encryption: for authentication Receiver has private and public keys: for privacy RPR = receiver private key SPR = sender private key RPU = receiver public key SPU = sender public key Public vs. Private key Cryptography
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Copyright © Ellis Horowitz 1999-2009 4 RSA Public Key Encryption • The most popular algorithm for public key encryption is the RSA algorithm • Determining the private key from the public key involves factoring very large numbers – there is no efficient algorithm for factoring large numbers • In 1999, an RSA key of 512 bits was cracked using 292 computers, 8000 MIPS-years of CPU effort and 5.2 months of time – current wisdom is that 1024 bit keys are unbreakable – Certificate Authorities use 2048 bit keys
Image of page 4
Copyright © Ellis Horowitz 1999-2009 5 Cryptographic Hash Functions • A hash function or hash algorithm is a function that maps a domain of values into a range of numbers. • Given a data item X (X could be a word or a file), H is called a cryptographic hash function if it is computationally infeasible to find another data item Y, not equal to X, such that the hash value H(X) is equal to the hash value H(Y). – H(X) is called the message digest or digital signature of X under the hashing algorithm H. • Two well known cryptographic hash functions are MD5 and SHA
Image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Copyright © Ellis Horowitz 1999-2009 6 Bulk Cipher Methods • public/private key encryption methods are not suitable for general purposes, e.g. – the RSA method can only encrypt blocks of data which are 11 bytes less than the key size; each decryption involves complex mathematical calculations • therefore, secure communication on the web uses a different encryption method for encrypting the data • a bulk cipher is one in which the same keys are used to encrypt and decrypt the data; they are fast • some sample bulk ciphers: RC2, RC4-40, RC4-56, DES40-CBC
Image of page 6
Copyright © Ellis Horowitz 1999-2009 7 Using Cryptographic Hashing • Even using public key encryption, data can be stolen and decrypted using the public key • A message digest is a way to produce a unique number from a message • Sender produces a message digest using a known hashing algorithm • Message digest is encrypted and sent with the message • Receiver decrypts the digest and then computes the message digest from the actual message to make sure they are identical
Image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern