I am looking for a library that can generate RSA keys programmaticly on login within my angular app,
The angular public key will be used to request data from the server and the server will convert its AES encrypted saved data to public key encrypted RSA data and send it to the angular app where the user can decrypt select data on request.
I have tried the 'kepair' node module but it does not conform to x.509 standards for public key that my Java Spring boot app requires for RSAPublicKey creation for encryption.
If anyone has some suggestions to help me solve this it would be greatly appriciated
Related
I have client-side generated a digital signature(JavaScript). The signature is then verified on Java back end. To verify the signature I am passing to the backend - (signature value, public key and message for verification). So far so good, but then the question arises - What if someone performs a man in the middle attack? He can easily generate a signature and send his - (signature value, public key and message.). So in a sense, this makes my current implementation not secure enough.
How can I avoid this? As far as I researched I have to verify that the public key sent is coming from the appropriate client and this is done through CA (Certificate Authority). However, in my case, I am doing this as a final project in university and I am not sure how to approach this problem.
Should I generate the public key certificate on the client side and send them along with the public key? Is it possible to generate self-signed-certificates on client-side and then verify it on the back-end?
What if someone performs a man in the middle attack
A MITM could replace the signature and the public key
How can I avoid this?
Mainly use SSL/TLS and/or...
As far as I researched I have to verify that the public key sent is coming from the appropriate client and this is done through CA (Certificate Authority)
If you use a Certificate Authority, each certificate is signed with the private key of the root CA certificate (or a subCA), so a MITM can not create a valid certificate because he does not own the root private key.
At server side, you can validate that the signature has been performed with a private key that corresponds to a certificate issued by the CA. Note that in this case you are working with certificates, not just with public keys ( a certificate envelopes a public key).
I am doing this as a final project in university and I am not sure how to approach this problem.
You have explained your solution but not the background. I mean why do you decided you need a digital signature? without that information I can not advise you.
Should I generate the public key certificate on the client side and send them along with the public key?
Read my previous comment
Is it possible to generate self-signed-certificates on client-side and then verify it on the back-end?
Yes, of course. You can generate a key pair at client side and associate the public key with the user's account during the registration process (using a secure channel)
This way you do not even need a password. The digital signature with the private key is the authentication proof. Using a CA is optional. The CA could issue a certificate containing the public key, but fot this scenario is not required
The server is sending data to the client and the client is using the public key to de-crypt the data. Simple enough. However, if someone with the public key is spoofing the line or gets his hands on the encrypted message packets, cant he/she steal the data using the public key?
What is wrong with my thought process.
Thank you
When using SSL/TLS the data transferred between the client and server is not encrypted using the public/private keys. Each connection uses its own set of encryption keys which are generated during connection setup. These keys are generated based on a shared secret that is provided by the client and protected by encrypting it with the public key before sending it to the server. As long as proper precautions have been taken to protect the private key this means that only the server will be able to decrypt the shared secret.
For more detailed information you can read the Wikipedia entry on TLS Handshake
We are developing a banking mobile application using MobileFirst V7.1. As it is a banking mobile application security matters more the sensitive data from mobile client to MobileFirst server trasnferred securely. hence the data should be encrypted from the mobile client/App side and sent to the MobileFirst Server and at the server side we have to decrypt the data and call the backend webservice. As per the client requirement the following are the steps to be implemented for encryption logic:
Step 1: Generate a symmetric key
A 32 bit random key will be generated
Step 2: Encrypt the data with this key, using a symmetric algorithm like AES.
The sensitive data is encrypted with the above generated key using AES algorithm
Step 3: Encrypt the symmetric key with the public key, using a asymmetric algorithm like RSA.
The key (32 bit random key generated in step1 an used for encryption of sensitive data in step2) is encrypted using the asymmetric algorithm RSA public key
Step 4: Bundle the encrypted symmetric key with the encrypted data
Bundle both the encrypted sensitive data and encrypted random key in an object and sent it to the server. At the worklight server end, from step4 to step1 is performed in reverse to decrypt and get the original data
The problem is I'm able to achieve the encryption logic from step1 to stpe4 at the application end, but when I use the same RSA alogorithm java script libraries in the MobileFirst HTTP adapter side to decrypt the data, I'm getting many errors stating that "window" is undefined, "navigator" is undefined. The RSA javascript libraries consists of navigator, window, at the mobilefirst adapter javascript file these navigaotr or window is unavailable, hence I'm getting this errors and I'm unable to move forward. Can anyone please help me to resolve this or help me in implementing the Enctyprtion logic as mentioned in the above step1 to step4 in my MobileFirst application.
Thanks in adavance.
Check this older response form stackoverflow:
I don't see issues on encrypting you adapter request/response payload(the data you send and receive inside of an adapter call).
Worklight adapter calls are not encrypted (WL.Client.invokeProcedure)
Although, if you encrypt the entire request(or response) used by this will confuse the adapter Client/Server internal communication protocol.
If you want extra protection on on the transport layer(Like HTTP/HTTPS) and maybe an extra layer. I would check if in your case, a IBM DataPower would not what you are searching for: https://en.wikipedia.org/wiki/IBM_WebSphere_DataPower_SOA_Appliances
Application Layer: https://en.wikipedia.org/wiki/Application_layer
You can use also the adapter mash up technic at the adapter calls in a single adapter endpoint to prevent unwanted eyes to try ton reverse engineer this call by its name, and this 1st adapter can decrypt the payload at the server-side and send to the wanted adapter internally(inside the server-side).
https://mobilefirstplatform.ibmcloud.com/tutorials/en/foundation/8.0/adapters/advanced-adapter-usage-mashup/
I hope this helps,
You have to write own code for encryption or decryption, I think you are using third party library to do encryption/decryption which is browser based. As worklight adpater does not recognize window/navigator.
Please help me fill out the blanks here -
The server keeps its private key and the public key is shared to the users. So the client trusts the content thats coming from the server using the public key. How does the client encrypt the contents he is sending back to the server ?. Using the public key of the server ? or does the client send a autogenerated private key and encrypts it using the public key which is then decypted by the server along with the message and used for furthter communication by both parties.
A Public and a Private key is required to do ssl communication. This Key pair is generated using a self signed certificate ?. How can a single self signed certificate contain both public and private keys.
One more thing On message level security -- im looking at a current configuration and am pulling my hair out -- Using IBM Ikeyman to look at the producer and Consumer JKS files-- for Message level security(Digital Signing) there is a Personal certificate at the Consumer and a Signer certificate at the Producer ... Isnt this the other way around? Is this current configuration incorrect --- Both the keys are same by the way.
The server keeps its private key and the public key is shared to the users.
Correct.
So the client trusts the content thats coming from the server using the public key.
No. There is no 'so' about it. The client trusts the server certificate because it is signed by someone he trusts, and he knows it belongs to the server because the server provides a digital signature that the client can verify, which only the private key owner can do. Therefore he knows that the server owns that public key.
How does the client encrypt the contents he is sending back to the server ?.
The client and server negotiate a shared session key independently using techniques described in RFC 2246. For the most part they don't involve PKI at all.
Using the public key of the server? or does the client send a autogenerated private key and encrypts it using the public key which is then decypted by the server along with the message and used for furthter communication by both parties.
Neither, see above. This is quite a large subject.
A Public and a Private key is required to do ssl communication.
No. One of the parties must have a private key and a corresponding certificate that the other party trusts, otherwise the communication is insecure.
This Key pair is generated using a self signed certificate
No. The statement doesn't even make sense. Key pairs are generated first, nothing to do with certificates yet. The certificate is a wrapper for the public key.
How can a single self signed certificate contain both public and private keys.
It can't, and it doesn't. Self-signing doesn't have anything to do with it either.
Public-key encryption 101:
The public and private keys form a pair: each key in the pair can decrypt messages encrypted with the other, but cannot decrypt messages encrypted with itself. If the client can decrypt a message with the public key, it knows the message was encrypted by the owner of the public key. Conversely, a message encrypted with the public key can only be decrypted by the owner of the private key.
The basic idea is that the client generates a key for a symmetric-key cypher, encrypts it with the public key, and sends that to the server. Both sides then use that symmetric key and cypher for the majority of the communication.
In SSL communication,when the client wants to interact with some server, the server sends its public key. Always remember a certificate is nothing but a public key with a bunch of supporting information.
The problem here is any hacker can masquerade as a server and can block the communication between server and client. So the server certificate must be signed by some certificate authority. The client only believes the server certificate if it is signed by a certificate authority.In that case the hacker in between can not masquerade as a server because its certificate will not be authenticated by the certificate authority.
So client accepts the certificate and gets the public key of server. Now the client can send its public key encrypted by the public key of the server. Since this encrypted message can only be decrypted by the private key of the server so only server can decrypt it.
But the use of public key and private key over the ssl communication can slow down the connection very much because these keys lengths are 1024 or 2048 bits.
So practically what happens is instead of sending its own public key, the client sends the symmetric key encrypted by the public key of the server. Server decrypts it with its private key and it gets to know the symmetric key. Now the further communication happens with this symmetric key encryption and decryption.Since no third party gets to know the symmetric key, the communication will be secure.
Remember symmetric key lengths are generally 64-128 unlike public keys hence less the time for encryption and decryption.
This question already has answers here:
How does browser generate symmetric key during SSL handshake
(2 answers)
Closed 2 years ago.
I have been reading on HTTPS, trying to figure out how exactly it works. To me it doesn't seem to make sense, for example, I was reading this
https://ssl.trustwave.com/support/support-how-ssl-works.php
And notice it says this in the page
Step 4: xyz.com will next create a
unique hash and encrypt it using both
the customer's public key and
xyz.com's private key, and send this
back to the client.
Step 5: Customer's browser will decrypt the hash. This process shows
that the xyz.com sent the hash and
only the customer is able to read it.
What I don't understand is, couldn't a hacker just intercept the public key it sends back to the "customer's browser", and be able to decrypt anything the customer can?
Thanks for any response
Why is HTTPS required?
To verify whether the website is authenticated/certified or not (uncertified websites can do evil things). An authenticated website has a unique personal certificate purchased from one of the CA’s.
Who are CA’s (Certificate Authorities)?
CA’s are globally trusted companies like GoDaddy, GeoTrust, VeriSign etc who provide digital certificates to the websites.
What are public keys and private keys?
Keys are nothing but long random numbers used to encrypt/decrypt data.
Public keys are keys which can be shared with others. Private keys are meant to be kept private.
Suppose Jerry generates a private key and public key. He makes many copies of that public key and shares with others.
Now, others can only encrypt the data using the public key and that data can only be decrypted by the private key of Jerry.
Another approach is to use public keys to only decrypt the data and private keys to only encrypt the data.
How does a company get a certificate?
Website owner first generates a public key and private key, keeping the private key secret.
He gives a Certificate Signing Request file (CSR) and his public key to the CA.
CA then creates a personal certificate based on CSR including domain name, owner name, expiry date, serial no. etc and also adds an encrypted text (= digital signature) to the certificate and finally encrypts the whole certificate with the public key of the server and sends it back to the website owner.
This certificate is then decrypted with the private key of the website owner and finally, he installs it on the website.
Note: That encrypted text is the digital signature of the CA. That
text is encrypted by the private key of the CA and can only be
decrypted by a public key of CA.
When you install your operating
system or Browser, root-certificates from many trusted CA's like
GeoTrust, VeriSign, GoDaddy etc. come with it. These root-certificates
contain the public key of that CA provider which helps decrypt the
signature.
HTTPS security can be split into 2 parts (Handshakes):
1. To validate the certificate of a website:
1) When you enter the URL www.Google.com, Google’s server gives its public key and certificate (which was signed by GeoTrust) to the Browser.
2) Now browser has to verify the authenticity of the certificate i.e. it’s actually signed from GeoTrust or not.
As browsers come with a pre-installed list of public keys from all the major CA’s, it picks the public key of the GeoTrust and tries to decrypt the digital signature of the certificate which was encrypted by the private key of GeoTrust.
3) If it’s able to decrypt the signature (which means it’s a trustworthy website) then it proceeds to the next step else it stops and shows a red cross before the URL.
2. To create a secure connection (encrypts outgoing and incoming data) so that no one else can read it:
1) As I mentioned, Google sends its public key when you enter www.Google.com . Any data encrypted with this public key can only be decrypted by Google’s private key which Google doesn’t share with anyone.
2) After validating the certificate, browser creates a new key let’s call it Session Key and make 2 copies of it. These keys can encrypt as well as decrypt the data.
3) The browser then encrypts (1 copy of session key + other request data) with the Google's public key . Then it sends it back to the Google server.
4) Google’s server decrypts the encrypted data using its private key and gets the session key , and other request data.
Now, see, server and browser both have got the same copies of session
key of the browser. No one else has this key, therefore, only server
and browser can encrypt and decrypt the data. This key will now be
used for both to decrypt and to encrypt the data.
5) When Google sends the data like requested HTML document and other HTTP data to the browser it first encrypts the data with this session key and browser decrypts the data with the other copy of the session key.
6) Similarly, when browser sends the data to the Google server it encrypts it with the session key which server decrypts on the other side.
Note: This session key is only used for that session only. If the user
closes the website and opens again, a new session key would be
created.
can't get enough of web? behind the scenes when u type www.google.com in browser
What I don't understand is, couldn't a hacker just intercept the public key it sends back to the "customer's browser", and be able to decrypt anything the customer can.
First, understand that there are generally two steps of HTTPs communication.
1) Generate a shared symmetric key which can only be known between client and server, no one else knows it
2) With this shared symmetric key, client and server is able to safely communicate with each other without worrying about information being intercepted and decrypted by others.
So the question becomes, how can the client and server generate a secret shared key without being known by others in this open internet? This is the asymmetric algorithm coming to play, a demo flow is like below:
-- Client receives public key from server.
-- Client generates a key string "DummySharedKey" which will be later used as shared key, and encrypt it into "7$&^^%####LDD!!#" with server's public key, Man-in-the-middle may have the public key and might be able to intercept the encrypted data, but the data is useless to him as the data can only be decrypted by sever's private key.
-- Server receives the encrypted key string "7$&^^%####LDD!!#", and decrypt it into "DummySharedKey" with its private key
Above key exchange steps makes sure that only Client and Server can know the shared key is "DummySharedKey", no one else knows it.
So it's critical to understand that it is Client's responsibility to generate the shared key, NOT SERVER! (i think this is what confused you)
I also recommend you to take a look at this video which explains HTTPs very well.
https://www.youtube.com/watch?v=JCvPnwpWVUQ&list=FLt15cp4Q09BpKVUryBOg2hQ&index=3
What I don't understand is, couldn't a hacker just intercept the public key it sends back to the "customer's browser", and be able to decrypt anything the customer can.
Public/private key encryption is based on modulo arithmetics using prime numbers.
Such asymmetric encryption was only discovered in the mid-1970s. It is credited to Diffie and Hellman, and to Rivest, Shamir and Adleman. (Though, both actually rediscovered things already known by the British secret services.)
The wikipedia page on Diffie-Hellman has a detailed example of a secret key exchange through a public channel. While it does not describe SSL itself, it should be handy to make sense of why knowing a public key doesn't reveal the contents of a message.
You might also find this simple RSA example interesting.
I'm studying related topics and read several blogs like how-https-works and how-does-https-work-rsa-encryption-explained/.
I have summarized a sequence diagram based on my study and hope it can be helpful to someone who comes to this thread.
For more details, you can check the blog mentioned.
I have written a small blog post around SSL Handshake between the server/client. Please feel free to take a look.
SSL Handshake
A small snippet from the same is as follows:
"Client makes a request to the server over HTTPS. Server sends a copy of its SSL certificate + public key. After verifying the identity of the server with its local trusted CA store, client generates a secret session key, encrypts it using the server's public key and sends it. Server decrypts the secret session key using its private key and sends an acknowledgment to the client. Secure channel established."
It also describes the symmetric/asymmetric encryption which is used for SSL certificates and data transfer once secure transport is established.
For detailed explanation of SSL, see https://www.ietf.org/rfc/rfc2246.txt
Here are the brief ideas of SSL to answer your question:
1) Using certificates to authenticate. Server certificate is a must and client certificate is optional (only when the server requests it). A certificate is like something to prove who you are and it also contains a public key for asymmetric encryption.
2) Using asymmetric encryption (with public key in the server certificate) to establish a shared symmetric key which is used to transfer data between client and server securely by symmetric encryption (for performance reason because symmetric encryption is faster than asymmetric encryption).
The shared symmetric key is established by exchanging a premaster secret from client side (encrypted with server public key) and is derived from the pre-master secret together with client random and server random (thanks #EJP for pointing this out in the comment):
master_secret = PRF(pre_master_secret, "master secret",
ClientHello.random + ServerHello.random)
We need the server random and client random to prevent replay attacks that an attacker can capture the previous session and replay it for the new session.
What I don't understand is, couldn't a hacker just intercept the
public key it sends back to the "customer's browser", and be able to
decrypt anything the customer can.
The hacker cannot decrypt the message since he does not know the server private key. Be aware that public key cannot be used to decrypt the message.