CN102932350B - Method and apparatus for TLS scanning - Google Patents

Method and apparatus for TLS scanning

Info

Publication number: CN102932350B
Application number: CN201210428047.9A
Other versions: CN102932350A
Authority: CN (China)
Original language: Chinese (zh)
Prior art keywords: algorithm, server, message, client, rsa
Inventor: 朱贤
Original assignee: Huawei Technologies Co Ltd
Current assignee: Huawei Technologies Co Ltd
Legal status: Active (as listed by Google Patents; not a legal conclusion)

Events

  • Application filed by Huawei Technologies Co Ltd
  • Priority to CN201210428047.9A
  • Publication of CN102932350A
  • Application granted
  • Publication of CN102932350B

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)
  • Computer And Data Communications (AREA)
Abstract

The embodiments of the present invention provide a Transport Layer Security (TLS) scanning method in the field of encrypted communication that can efficiently support a variety of algorithms and/or client authentication when scanning on the server side. The method includes: a proxy receives the ServerHello message sent by the server, which carries the algorithm selected by the server; according to the algorithm selected by the server, the proxy selects an operating mode, the operating modes including a monitoring mode and a proxy mode, so as to support the algorithm selected by the server and/or client authentication; in the monitoring mode the proxy does not modify any message, and in the proxy mode it modifies messages. The embodiments of the present invention also provide a corresponding network device.

Description

Method and apparatus for TLS scanning
Technical field
The present invention relates to the field of encrypted communication, and in particular to a method and apparatus for TLS (Transport Layer Security) scanning.
Background
TLS is a widely used authentication and secure transport protocol. Through authentication, the two parties obtain a shared session key that is then used to encrypt and authenticate the subsequent communication.
TLS is now increasingly used to encrypt applications on the network. While it protects the confidentiality and integrity of those applications, it also brings problems: some application-layer attack traffic is encrypted by TLS, so an IPS (Intrusion Prevention System) device cannot inspect it. An attack against an encrypted website, for example, is one an IPS can do nothing about.
When the prior art performs server-side scanning, it may not support a particular algorithm, may not support client authentication, or may support the algorithm but only inefficiently.
Summary of the invention
Embodiments of the invention provide a TLS scanning method and apparatus that can efficiently support a variety of algorithms and/or client authentication when scanning on the server side.
According to one aspect of the invention, a TLS scanning method is provided, including:
the proxy receives the ServerHello message sent by the server, which carries the algorithm selected by the server;
according to the algorithm selected by the server, the proxy selects an operating mode, the operating modes including a monitoring mode and a proxy mode, so as to support the algorithm selected by the server and/or client authentication;
in the monitoring mode the proxy does not modify any message; in the proxy mode it modifies messages.
According to another aspect of the invention, a network device is provided, including:
a receiving unit for receiving the ServerHello message sent by the server, which carries the algorithm selected by the server;
a processing unit for selecting an operating mode according to the algorithm selected by the server in the ServerHello message received by the receiving unit, the operating modes including a monitoring mode and a proxy mode, so as to support the algorithm selected by the server and/or client authentication.
With the above technical solution, the TLS scanning method and network device provided by the embodiments of the invention, on receiving the ServerHello message sent by the server, dynamically choose to work in either the monitoring mode or the proxy mode according to the algorithm selected by the server, rather than always working in one fixed mode. Because no message is modified in the monitoring mode, processing performance is improved, and when applied to server-side scanning the solution can efficiently support a variety of algorithms and/or client authentication.
Brief description of the drawings
To describe the technical solutions of the embodiments of the invention or of the prior art more clearly, the drawings required by the embodiments or by the description of the prior art are briefly introduced below. Clearly, the drawings described below show only some embodiments of the invention, and a person of ordinary skill in the art can obtain other drawings from them without creative effort.
Fig. 1 is a schematic diagram of a typical TLS server authentication handshake;
Fig. 2 is a flow chart of the TLS scanning method provided by an embodiment of the invention;
Fig. 3 is a schematic diagram of the TLS scanning method provided by an embodiment of the invention;
Fig. 4 is a schematic diagram of the interaction between client, proxy and server when supporting an export RSA algorithm without ServerKeyExchange or a standard RSA algorithm without ServerKeyExchange;
Fig. 5 and Fig. 6 are schematic diagrams of the interaction between client, proxy and server when supporting a DH algorithm;
Fig. 7 is a schematic diagram of the interaction between client, proxy and server when supporting an export RSA algorithm with ServerKeyExchange or a non-standard RSA algorithm with ServerKeyExchange;
Fig. 8 is a schematic diagram of the interaction between client, proxy and server when performing client authentication;
Fig. 9A is a structural block diagram of the network device provided by an embodiment of the invention;
Fig. 9B is another structural block diagram of the network device provided by an embodiment of the invention.
Detailed description
The technical solutions in the embodiments of the invention are described clearly and completely below with reference to the drawings. Clearly, the described embodiments are only some of the embodiments of the invention, not all of them. All other embodiments obtained by a person of ordinary skill in the art from the embodiments of the invention without creative effort fall within the scope of protection of the invention.
Fig. 1 is a schematic diagram of a typical TLS server authentication handshake. To better understand the invention, the flow of a typical TLS server authentication handshake is first described briefly with reference to Fig. 1.
(1) The client sends a ClientHello message to the server, including the list of algorithms the client supports.
(2) The server examines the ClientHello message, selects one cipher suite from the list and responds with it in the ServerHello;
(3) The server sends its RSA public-key certificate in a Certificate message;
(4) The server sends ServerHelloDone to indicate that this stage is finished;
(5) The client encrypts the pre-master secret with the server's RSA public key and sends it in a ClientKeyExchange message;
(6) The client sends ChangeCipherSpec to indicate that the messages that follow will be protected with the newly negotiated parameters;
(7) The client sends a Finished message so that the server can verify the negotiated parameters;
(8) The server sends ChangeCipherSpec to indicate that the messages that follow will be protected with the newly negotiated parameters;
(9) The server sends a Finished message so that the client can verify the negotiated parameters.
The embodiments of the invention provide a TLS scanning method that can support a variety of algorithms and/or client authentication. The algorithms can include authenticated ephemeral DH algorithms, export RSA (RSA_EXPORT) algorithms and RSA algorithms. Export RSA algorithms include export RSA with ServerKeyExchange and export RSA without ServerKeyExchange; RSA algorithms include standard RSA without ServerKeyExchange and non-standard implementations of RSA with ServerKeyExchange.
Note that "DH algorithm" below always means an authenticated ephemeral DH algorithm, specifically DHE_DSS, DHE_DSS_EXPORT, DHE_RSA and DHE_RSA_EXPORT, all of which use DH (not the DH-certificate form) as the key exchange method.
Note also that TLS has gone through several versions, including SSL (Secure Sockets Layer) v2, SSLv3, TLS 1.0, TLS 1.1 and TLS 1.2. "TLS" herein refers to all of these versions. For a newer version, as long as it includes the key exchange algorithms discussed herein, the scheme applies equally.
Fig. 2 is a flow chart of a TLS scanning method provided by an embodiment of the invention. With reference to Fig. 2, the method can include the following steps:
11. The proxy receives the ServerHello message sent by the server, which carries the algorithm selected by the server;
12. According to the algorithm selected by the server, the proxy selects an operating mode, the operating modes including a monitoring mode and a proxy mode, so as to support the algorithm selected by the server and/or client authentication;
in the monitoring mode no message is modified; in the proxy mode messages are modified.
In the embodiments of the invention the algorithm selected by the server can be classified, for example into a first class and a second class of algorithms. When the algorithm selected by the server belongs to the first class, the proxy works in the monitoring mode; when it belongs to the second class, the proxy works in the proxy mode. The first and second classes can be set as required. For example, with reference to Fig. 3, RSA without ServerKeyExchange and export RSA without ServerKeyExchange are placed in the first class, while DH algorithms, RSA with ServerKeyExchange and export RSA with ServerKeyExchange are placed in the second class. In that case, if the proxy finds that the algorithm selected by the server is a first-class algorithm, the proxy works in the monitoring mode; if it is a second-class algorithm, the proxy works in the proxy mode. The invention is of course not limited to this, and the first and second classes can be defined as required.
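The classification above as an added worked example, not code from the patent: a Python routine (function names and the sample flights are assumptions) that walks the server's first handshake flight, reads cipher_suite from the ServerHello, notes whether a ServerKeyExchange follows, and returns the mode under the Fig. 3 classification. The cipher-suite table is a small subset assumed for the example; the three flights are constructed, not captured traffic. A present-day caveat: TLS 1.3 has no static RSA key exchange, so the first class, and with it the monitoring mode, exists only for TLS 1.2 and earlier.

```python
# Handshake message types (RFC 5246 section 7.4).
SERVER_HELLO = 2
CERTIFICATE = 11
SERVER_KEY_EXCHANGE = 12
SERVER_HELLO_DONE = 14

# Key-exchange family of a handful of cipher suites (codes from RFC 2246 / RFC 5246
# appendix A.5). Constructed subset for this example; a real device loads the registry.
SUITES = {
    0x000A: ("TLS_RSA_WITH_3DES_EDE_CBC_SHA", "RSA"),
    0x002F: ("TLS_RSA_WITH_AES_128_CBC_SHA", "RSA"),
    0x0008: ("TLS_RSA_EXPORT_WITH_DES40_CBC_SHA", "RSA_EXPORT"),
    0x0013: ("TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA", "DHE"),
    0x0014: ("TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", "DHE"),
    0x0016: ("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", "DHE"),
    0x0033: ("TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "DHE"),
}


def iter_handshake_messages(data: bytes):
    """Yield (msg_type, body) from concatenated Handshake structs
    (1-byte type, 3-byte length, body); record-layer headers already stripped."""
    off = 0
    while off < len(data):
        if off + 4 > len(data):
            raise ValueError("truncated handshake header")
        msg_type = data[off]
        length = int.from_bytes(data[off + 1:off + 4], "big")
        body = data[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body")
        yield msg_type, body
        off += 4 + length


def parse_server_hello(body: bytes):
    """Return (version, server_random, session_id, cipher_suite) from a ServerHello body."""
    if len(body) < 38:
        raise ValueError("ServerHello too short")
    version = (body[0], body[1])
    server_random = body[2:34]
    sid_len = body[34]
    off = 35 + sid_len
    if off + 2 > len(body):
        raise ValueError("ServerHello truncated inside session_id")
    cipher_suite = int.from_bytes(body[off:off + 2], "big")
    return version, server_random, body[35:off], cipher_suite


def select_mode(server_flight: bytes):
    """Apply the two-class rule to the server's first flight.

    First class  -> "monitoring": RSA or RSA_EXPORT key exchange and no ServerKeyExchange.
    Second class -> "proxy": any DHE suite, or an RSA/RSA_EXPORT suite that is
    nevertheless followed by a ServerKeyExchange (export or non-standard RSA).
    """
    cipher_suite = None
    saw_ske = False
    for msg_type, body in iter_handshake_messages(server_flight):
        if msg_type == SERVER_HELLO:
            cipher_suite = parse_server_hello(body)[3]
        elif msg_type == SERVER_KEY_EXCHANGE:
            saw_ske = True
        elif msg_type == SERVER_HELLO_DONE:
            break  # the decision can only be made once the flight is complete
    if cipher_suite is None:
        raise ValueError("no ServerHello in flight")
    if cipher_suite not in SUITES:
        raise ValueError(f"unknown cipher suite 0x{cipher_suite:04x}")
    name, kx = SUITES[cipher_suite]
    if kx in ("RSA", "RSA_EXPORT") and not saw_ske:
        return "monitoring", name
    return "proxy", name


# Constructed server flights (not captured traffic).
def handshake_msg(msg_type: int, body: bytes) -> bytes:
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def server_hello_msg(cipher_suite: int) -> bytes:
    # version 3.1, 32 zero bytes of server_random, empty session_id, suite, null compression
    return handshake_msg(SERVER_HELLO, b"\x03\x01" + bytes(32) + b"\x00"
                         + cipher_suite.to_bytes(2, "big") + b"\x00")


CERT_MSG = handshake_msg(CERTIFICATE, b"\x00\x00\x00")  # empty certificate_list, placeholder only
DONE_MSG = handshake_msg(SERVER_HELLO_DONE, b"")

FLIGHT_RSA = server_hello_msg(0x002F) + CERT_MSG + DONE_MSG
FLIGHT_DHE = server_hello_msg(0x0033) + CERT_MSG + handshake_msg(SERVER_KEY_EXCHANGE, b"\x00\x01\x07") + DONE_MSG
FLIGHT_RSA_EXPORT_SKE = server_hello_msg(0x0008) + CERT_MSG + handshake_msg(SERVER_KEY_EXCHANGE, b"\x00\x01\x03") + DONE_MSG

if __name__ == "__main__":
    for flight in (FLIGHT_RSA, FLIGHT_DHE, FLIGHT_RSA_EXPORT_SKE):
        print(select_mode(flight))
```

The decision is deliberately taken only after ServerHelloDone: with an RSA or RSA_EXPORT suite the ServerHello alone does not tell the proxy whether a ServerKeyExchange (and therefore proxy mode) is coming.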
The TLS scanning method provided by the embodiment of the invention, on receiving the ServerHello message sent by the server, dynamically chooses to work in the monitoring mode or the proxy mode according to the algorithm selected by the server, rather than always working in one fixed mode. Because no message is modified in the monitoring mode, processing performance is improved, and server-side scanning can efficiently support a variety of algorithms and/or client authentication.
For a better understanding of the invention, it is further described below with specific embodiments. Embodiment 1 describes the TLS scanning method when supporting export RSA without ServerKeyExchange or standard RSA without ServerKeyExchange. Embodiment 2 describes the method when supporting DH algorithms. Embodiment 3 describes the method when supporting export RSA with ServerKeyExchange and non-standard RSA with ServerKeyExchange. Embodiment 4 describes the method when performing client authentication.
Note that the numerals 1, 2, 3... in each embodiment below denote steps, while the numerals 1, 2, 3... in Fig. 4 to Fig. 8 denote the order of messages: 1 is the first message, 2 the second, and so on.
Note also that the embodiments set forth below are only some of the embodiments of the invention; those skilled in the art can readily derive other embodiments from the disclosure, and these are within its scope.
Embodiment 1
Fig. 4 is a schematic diagram of the interaction between client, proxy and server when supporting export RSA without ServerKeyExchange or standard RSA without ServerKeyExchange. With reference to Fig. 4, the TLS scanning method provided by this embodiment can include the following steps:
The server's certificate is deployed on the proxy (together with its private key, which the proxy needs in order to decrypt the ClientKeyExchange).
On receiving the ServerHello message, the proxy checks the cipher_suite field in the ServerHello to determine whether the key exchange algorithm is RSA or export RSA (RSA_EXPORT).
If the proxy determines that the key exchange algorithm is RSA or export RSA, and it does not receive a ServerKeyExchange message, the proxy works in the monitoring mode and does not modify any message. The detailed interaction among client, proxy and server in this case is shown in Fig. 4.
On receiving the ClientKeyExchange message, the proxy can decrypt it to obtain the pre-master secret and derive the session keys from it. On receiving encrypted communication messages, the proxy can decrypt them with the session keys and pass the decrypted plaintext to a scanning device (such as an IPS) for processing. Meanwhile, the proxy forwards the encrypted message received from one side directly to the other side, so encryption and decryption are not performed twice.
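The monitoring-mode derivation described above as an added example, not the patent's own code: TLS 1.2 key derivation in Python with only the standard library (the RFC 5246 PRF), starting from the pre-master secret that RSA decryption of the ClientKeyExchange would yield. The RSA decryption itself, with the server private key deployed on the proxy, is assumed to have already happened and is not implemented here; the randoms, the pre-master secret and the transcript are constructed sample values, and the function names are assumptions. The same PRF is what the proxy needs to recompute a Finished message when it rewrites a handshake (as Embodiment 4 requires).

```python
import hashlib
import hmac


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion from RFC 5246 section 5 (TLS 1.2).

    A(0) = seed, A(i) = HMAC(secret, A(i-1));
    output = HMAC(secret, A(1) + seed) || HMAC(secret, A(2) + seed) || ...
    """
    out = b""
    a = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def parse_client_key_exchange(body: bytes) -> bytes:
    """Return the EncryptedPreMasterSecret from an RSA ClientKeyExchange body.

    In TLS 1.0 and later the ciphertext carries a 2-byte length prefix
    (RFC 5246 section 7.4.7.1); SSLv3 omits it.
    """
    if len(body) < 2:
        raise ValueError("ClientKeyExchange too short")
    n = int.from_bytes(body[:2], "big")
    blob = body[2:2 + n]
    if len(blob) != n:
        raise ValueError("truncated EncryptedPreMasterSecret")
    return blob


def check_pre_master_secret(pms: bytes, client_version: tuple) -> None:
    """The decrypted pre-master secret is 48 bytes whose first two bytes repeat the
    version the client offered in ClientHello. A monitoring proxy must fail this check
    silently (no distinguishable alert or timing) to avoid becoming a padding oracle."""
    if len(pms) != 48 or (pms[0], pms[1]) != client_version:
        raise ValueError("bad pre-master secret")


def derive_session_keys(pre_master_secret, client_random, server_random, mac_len=20, key_len=16):
    """Derive the master secret and the key block for an RSA key exchange.

    Defaults match TLS_RSA_WITH_AES_128_CBC_SHA (20-byte SHA-1 MAC keys, 16-byte AES
    keys); CBC suites in TLS 1.1+ take no IVs from the key block.
    """
    master = prf(pre_master_secret, b"master secret", client_random + server_random, 48)
    # Note the reversed random order for key expansion (RFC 5246 section 6.3).
    block = prf(master, b"key expansion", server_random + client_random, 2 * (mac_len + key_len))
    keys = {"master_secret": master}
    off = 0
    for name, n in (("client_write_mac_key", mac_len), ("server_write_mac_key", mac_len),
                    ("client_write_key", key_len), ("server_write_key", key_len)):
        keys[name] = block[off:off + n]
        off += n
    return keys


def finished_verify_data(master_secret, label, handshake_messages):
    """verify_data of a Finished message (RFC 5246 section 7.4.9): 12 bytes of
    PRF(master_secret, label, SHA-256(all handshake messages so far))."""
    return prf(master_secret, label, hashlib.sha256(handshake_messages).digest(), 12)


# Constructed sample values (not real traffic).
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
CLIENT_VERSION = (3, 3)
# What RSA decryption of the ClientKeyExchange would yield: version + 46 random bytes.
# The decryption step itself is assumed and not implemented in this example.
PRE_MASTER_SECRET = bytes(CLIENT_VERSION) + bytes(46)


def monitoring_mode_session(pre_master_secret, client_random, server_random, client_version, transcript):
    """Full monitoring-mode derivation: validate the pre-master secret, derive the
    record keys, and compute the client's Finished verify_data over the transcript."""
    check_pre_master_secret(pre_master_secret, client_version)
    keys = derive_session_keys(pre_master_secret, client_random, server_random)
    keys["client_finished"] = finished_verify_data(keys["master_secret"], b"client finished", transcript)
    return keys


if __name__ == "__main__":
    session = monitoring_mode_session(PRE_MASTER_SECRET, CLIENT_RANDOM, SERVER_RANDOM,
                                      CLIENT_VERSION, b"constructed transcript")
    for name, value in session.items():
        print(name, value.hex())
```

Because the proxy never changes a byte in monitoring mode, its transcript hash equals the client's and the server's, so the verify_data it computes can be compared directly against the Finished messages it forwards; that comparison is the proxy's only confirmation that it decrypted the right pre-master secret.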
It is noted that in the present embodiment, if described agency determines that Diffie-Hellman is not, without the outlet RSA Algorithm of ServerKeyExchange or the standard RSA algorithm without ServerKeyExchange, then described factorage is in proxy mode. Concrete situation is with reference to the following examples.
The method of the TLS scanning that the present embodiment provides, when the initial ServerHello message of the server receiving server transmission, algorithm selected by described server and be dynamically selected and work in monitoring mode or proxy mode, rather than it is constantly under proxy mode, due in the monitoring mode, any message is not modified, improve process performance.
Embodiment 2
Fig. 5 and Fig. 6 are schematic diagrams of the interaction between client, proxy and server when supporting a DH algorithm. The TLS scanning method provided by this embodiment can include the following steps:
The server's certificate is deployed on the proxy.
On receiving the ServerHello, the proxy checks whether the selected algorithm is RSA or export RSA.
If it is RSA or export RSA and no ServerKeyExchange message is received, the proxy works in the monitoring mode and does not modify any message. The proxy decrypts the ClientKeyExchange message to obtain the pre-master secret, derives the session keys according to the TLS standard, and decrypts the subsequent TLS record messages. The flow ends.
If it is a DH algorithm, the proxy works in the proxy mode and regenerates either a new ServerHello message or a new ServerKeyExchange message. The proxy can make this choice according to local policy.
Specifically, if the proxy continues to use the DH algorithm, it can leave the ServerHello message unmodified but send its own DH parameters to the client in the ServerKeyExchange, establishing the TLS connection with the client using the DH algorithm. Alternatively, the proxy changes the DH algorithm selected in the ServerHello message to an RSA or export RSA algorithm, sends the modified ServerHello message to the client, and establishes the TLS connection with the client using the modified algorithm.
The proxy then completes separate TLS handshakes with the client and with the server and maintains separate TLS session state with each. After the handshakes complete, data sent by one side is decrypted and then re-encrypted before being sent to the other side.
In this embodiment, when the algorithm selected by the server is a DH algorithm, the proxy can support it either by regenerating a new ServerHello message or by regenerating the ServerKeyExchange message. The two cases are described with reference to Fig. 5 and Fig. 6 respectively.
With reference to Fig. 5, the flow for regenerating a new ServerHello message is as follows:
1. The client sends a ClientHello message.
2. The proxy forwards the ClientHello message.
3. The proxy receives message 3 in the figure and learns that the server has selected a DH algorithm.
4. The proxy processes message 3 according to the following flow:
a) Check the Certificate in message 3: does it support the RSA or export RSA key exchange algorithm? If not, go to the "regenerate ServerKeyExchange" flow;
b) Check the ClientHello in message 1: does it include an RSA or export RSA key exchange algorithm? If not, go to the "regenerate ServerKeyExchange" flow;
c) Check the ClientHello in message 1: can an RSA or export RSA algorithm be found whose key strength matches the RSA key in the certificate in message 3, and whose encryption algorithm (including algorithm name, encryption mode and cipher strength) and MAC algorithm are identical to those of the algorithm selected in message 3? If not, go to the "regenerate ServerKeyExchange" flow;
Note: when the algorithm selected in message 3 is DHE_RSA_EXPORT and the RSA key in the certificate in message 3 is 1024 bits, step c) cannot find an RSA_EXPORT algorithm in the ClientHello that matches the Certificate.
For example: if the algorithm selected in message 3 is TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA, the RSA key in the certificate in message 3 is 1024 bits, and the ClientHello includes TLS_RSA_WITH_3DES_EDE_CBC_SHA, then this RSA algorithm meets the requirements.
As another example: if the algorithm selected in message 3 is TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA, the RSA key in the Certificate in message 3 is 512 bits, and the ClientHello includes TLS_RSA_EXPORT_WITH_DES40_CBC_SHA, then this export RSA algorithm meets the requirements.
As a further example: if the algorithm selected in message 3 is TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA and the RSA key in the certificate in message 3 is 1024 bits, the cipher strength is 40-bit DES, so only an export RSA algorithm can be searched for in the ClientHello of message 1. Suppose TLS_RSA_EXPORT_WITH_DES40_CBC_SHA is found. According to the standard, the server would then have to generate a temporary RSA key of at most 512 bits and send its public key in a ServerKeyExchange message. Having the proxy implement this is no better than continuing to use the DHE_RSA_EXPORT algorithm, so when the proxy encounters this situation it treats it as not meeting the requirements and goes to the "regenerate ServerKeyExchange" flow.
d) Construct a new ServerHello_p whose algorithm is set to the RSA or export RSA algorithm selected in c).
e) The proxy sends ServerHello_p, Certificate and ServerHelloDone to the client.
5. The client sends ClientKeyExchange_c, ChangeCipherSpec and Finished_c, where ClientKeyExchange_c carries the pre-master secret encrypted with the RSA public key in the Certificate. The proxy decrypts ClientKeyExchange_c and obtains the pre-master secret between itself and the client.
6. The proxy generates its own DH parameters, generates the ClientKeyExchange_p and Finished_p1 messages, and sends them to the server. At this point the proxy can compute the pre-master secret between itself and the server.
7. After receiving message 6, the server computes the pre-master secret between itself and the proxy and sends ChangeCipherSpec and Finished_s. The TLS connection between the proxy and the server is established.
8. The proxy sends ChangeCipherSpec and Finished_p2 to complete the TLS connection with the client.
9. At this point the proxy has established independent TLS connections and sessions with the client and with the server. The proxy communicates with the client over an encrypted channel: it receives the client's messages, decrypts them and sends the plaintext to the IPS device for inspection; at the same time, it re-encrypts the plaintext decrypted from the server's ciphertext and sends it to the client.
10. The proxy communicates with the server over an encrypted channel: it receives the server's messages, decrypts them and sends the plaintext to the IPS device for inspection; at the same time, it re-encrypts the plaintext decrypted from the client's ciphertext and sends it to the server.
It should be understood that steps 1, 2 and 3 above must be performed in order, while steps 6 and 7 can be performed in parallel with steps 4, 5 and 8.
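Steps 4 a) to 4 d) of the Fig. 5 flow as an added example, not the patent's own code: a Python routine (function names and the client's offered suite list are assumptions) that applies checks a) to c) to the DH suite the server selected and returns the RSA or RSA_EXPORT suite to place in ServerHello_p, or None for the "regenerate ServerKeyExchange" fallback, plus a helper that overwrites the cipher_suite field of a ServerHello body for step d). The three examples given in the text are the inputs.

```python
def split_suite(name: str):
    """Split a cipher-suite name into key-exchange and cipher+MAC parts, e.g.
    TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA -> ("DHE_RSA", "3DES_EDE_CBC_SHA").
    Everything after _WITH_ is the bulk cipher, mode, strength and MAC that step c)
    requires to stay identical."""
    if not name.startswith("TLS_") or "_WITH_" not in name:
        raise ValueError(f"not a TLS cipher-suite name: {name}")
    kx, spec = name[4:].split("_WITH_", 1)
    return kx, spec


def choose_rsa_suite(selected: str, cert_key_type: str, cert_bits: int, client_suites):
    """Steps 4 a) to 4 c). Returns the RSA/RSA_EXPORT suite for ServerHello_p, or None
    when the proxy should fall back to the "regenerate ServerKeyExchange" flow."""
    kx, spec = split_suite(selected)
    if not kx.startswith("DHE_"):
        raise ValueError("only an authenticated ephemeral DH selection is rewritten")
    export = kx.endswith("_EXPORT")
    # a) the server certificate must carry an RSA key usable for RSA key exchange
    #    (a DHE_DSS server certificate holds a DSA key, so no RSA suite can be used).
    if cert_key_type != "RSA":
        return None
    # c) keep the part after _WITH_ unchanged and swap only the key exchange, preserving
    #    export-ness so the cipher strength stays consistent with the key-exchange class.
    candidate = "TLS_RSA{}_WITH_{}".format("_EXPORT" if export else "", spec)
    # b) the client must actually have offered that suite in its ClientHello.
    if candidate not in client_suites:
        return None
    # c) key-strength match: an RSA_EXPORT key exchange encrypts to a key of at most
    #    512 bits; with a longer certificate key the standard requires a temporary RSA
    #    key in ServerKeyExchange, which the text rejects as no better than keeping DHE.
    if export and cert_bits > 512:
        return None
    return candidate


def rewrite_cipher_suite(server_hello_body: bytes, suite_code: int) -> bytes:
    """Step 4 d): build ServerHello_p by overwriting the 2-byte cipher_suite field
    (after version 2, random 32, session_id <0..32>) and leaving everything else intact."""
    if len(server_hello_body) < 38:
        raise ValueError("ServerHello too short")
    off = 35 + server_hello_body[34]
    if off + 2 > len(server_hello_body):
        raise ValueError("ServerHello truncated inside session_id")
    return server_hello_body[:off] + suite_code.to_bytes(2, "big") + server_hello_body[off + 2:]


# Constructed ClientHello offer (not captured traffic).
CLIENT_OFFER = [
    "TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    for selected, bits in (("TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA", 1024),
                           ("TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 512),
                           ("TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA", 1024)):
        print(selected, bits, "->", choose_rsa_suite(selected, "RSA", bits, CLIENT_OFFER))
```

The third input reproduces the case the text singles out: DHE_RSA_EXPORT selected with a 1024-bit certificate key finds no usable RSA_EXPORT suite and falls through to the Fig. 6 flow. Note that the rewrite leaves the server_random untouched, which is what later lets the proxy keep a consistent key derivation on both legs.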
With reference to Fig. 6, the flow for regenerating the ServerKeyExchange message is described. It is largely the same as the flow for regenerating a new ServerHello shown in Fig. 5, the differences being:
3. The proxy receives message 3 in Fig. 6 and finds that the server has selected a DH algorithm. The proxy generates its own DH parameters.
4. The proxy uses the DH parameters generated in step 3 to construct a new ServerKeyExchange_p (signed, as the standard requires, with the private key of the server certificate deployed on the proxy). The proxy sends ServerHello, Certificate, ServerKeyExchange_p and ServerHelloDone.
5. The client sends ClientKeyExchange_c, ChangeCipherSpec and Finished_c, and computes the pre-master secret between itself and the proxy. The proxy receives ClientKeyExchange_c and computes the pre-master secret between itself and the client.
6. Using its own DH parameters (either those generated in step 3 or freshly generated ones), the proxy generates the ClientKeyExchange_p and Finished_p1 messages and sends them to the server. At this point the proxy can compute the pre-master secret between itself and the server.
7. After receiving message 6, the server computes the pre-master secret between itself and the proxy and sends ChangeCipherSpec and Finished_s.
8. The proxy sends ChangeCipherSpec and Finished_p2 to complete the TLS connection with the client.
9. At this point the proxy has established independent TLS connections and sessions with the client and with the server. The proxy communicates with the client over an encrypted channel: it receives the client's messages, decrypts them and sends the plaintext to the IPS device for inspection; at the same time, it re-encrypts the plaintext decrypted from the server's ciphertext and sends it to the client.
It should be understood that steps 1, 2 and 3 above must be performed in order, while steps 6 and 7 can be performed in parallel with steps 4, 5 and 8.
The TLS scanning method provided by this embodiment, on receiving the ServerHello message sent by the server, dynamically chooses to work in the monitoring mode or the proxy mode according to the algorithm selected by the server, rather than always working in the proxy mode. Because no message is modified in the monitoring mode, processing performance is improved.
Embodiment 3
Fig. 7 is a schematic diagram of the interaction between client, proxy and server when supporting export RSA with ServerKeyExchange or non-standard RSA with ServerKeyExchange. With reference to Fig. 7, the TLS scanning method provided by this embodiment can include the following steps:
The server's certificate is deployed on the proxy.
On receiving the ServerHello, the proxy checks whether the selected algorithm is RSA or export RSA.
If it is RSA or export RSA and no ServerKeyExchange message is received, the proxy works in the monitoring mode and does not modify any message. The proxy decrypts the ClientKeyExchange message to obtain the pre-master secret, derives the session keys according to the TLS standard, and decrypts the subsequent TLS record messages. The flow ends.
If the ServerHello received by the proxy selects export RSA or RSA and the proxy also receives a ServerKeyExchange message sent by the server, the proxy can adopt an approach similar to the one used for the DH algorithm in Embodiment 2: it replaces the temporary RSA public key in the ServerKeyExchange message with a temporary RSA public key it generates itself (with the same number of bits as the RSA public key in the ServerKeyExchange), signs the message with the server's private key and sends it to the client. The client then encrypts the pre-master secret with the proxy's temporary RSA public key, so the proxy can decrypt it and obtain the pre-master secret; the proxy then replaces the client's ClientKeyExchange message, encrypting the pre-master secret with the server's temporary RSA public key and sending it to the server in a new ClientKeyExchange.
The detailed interaction is largely the same as in Fig. 6; with reference to Fig. 7, only the differences are described here.
3. The proxy receives message 3 and finds that the server has selected export RSA or RSA; message 3 includes a ServerHello message and a ServerKeyExchange_s message.
4. The proxy generates its own temporary RSA public key (with the same number of bits as the RSA public key in ServerKeyExchange_s) and constructs a new ServerKeyExchange_p. The proxy sends ServerHello, Certificate, ServerKeyExchange_p and ServerHelloDone.
5. The client sends ClientKeyExchange_c, ChangeCipherSpec and Finished_c, where ClientKeyExchange_c carries the pre-master secret encrypted with the temporary RSA public key in ServerKeyExchange_p. The proxy decrypts ClientKeyExchange_c and obtains the pre-master secret between itself and the client.
6. The proxy encrypts the pre-master secret obtained in step 5 with the temporary RSA public key in ServerKeyExchange_s to generate ClientKeyExchange_p, then sends the ClientKeyExchange_p and Finished_p1 messages to the server.
7. After receiving message 6, the server decrypts it to obtain the pre-master secret between itself and the proxy, and sends ChangeCipherSpec and Finished_s.
8. The proxy sends ChangeCipherSpec and Finished_p2 to complete the TLS connection with the client.
After step 8, the proxy, the client and the server all use the same session keys, because the ServerHello (and with it both randoms) was forwarded unchanged and the same pre-master secret was used on both legs; only the Finished messages, which cover the differing handshake transcripts, had to be regenerated.
On receiving encrypted communication messages, the proxy can decrypt them with the session keys and pass the decrypted plaintext to a scanning device (such as an IPS) for processing. Meanwhile, the proxy forwards the encrypted message received from one side directly to the other side, without performing encryption and decryption twice. That is, after the handshake completes, the proxy is in the monitoring mode.
It should be understood that the above flow must be performed in order.
Alternatively, in step 6 the proxy can generate its own pre-master secret, encrypt it with the temporary RSA public key in ServerKeyExchange_s to generate ClientKeyExchange_p, and then send the ClientKeyExchange_p and Finished_p1 messages to the server. In that case the proxy maintains different session keys with the client and with the server.
The proxy communicates with the client over an encrypted channel: it receives the client's messages, decrypts them and sends the plaintext to the IPS device for inspection; at the same time, it re-encrypts the plaintext decrypted from the server's ciphertext and sends it to the client.
The proxy communicates with the server over an encrypted channel: it receives the server's messages, decrypts them and sends the plaintext to the IPS device for inspection; at the same time, it re-encrypts the plaintext decrypted from the client's ciphertext and sends it to the server.
In this variant, steps 1, 2 and 3 above must be performed in order, while steps 6 and 7 can be performed in parallel with steps 4, 5 and 8.
The TLS scanning method provided by this embodiment, on receiving the ServerHello message sent by the server, dynamically chooses to work in the monitoring mode or the proxy mode according to the algorithm selected by the server, rather than always working in the proxy mode. Because no message is modified in the monitoring mode, processing performance is improved.
Embodiment 4
Fig. 8 is a schematic diagram of the interaction among the client, the proxy and the server when client authentication is performed. Referring to Fig. 8, when the standard RSA algorithm without ServerKeyExchange or the export RSA algorithm without ServerKeyExchange is used, the proxy is entirely in monitoring mode and does not modify any message, so client authentication is supported directly.
When a DH algorithm, an export RSA algorithm with a ServerKeyExchange message, or a non-standard RSA algorithm with ServerKeyExchange is used, the proxy works in proxy mode and the messages have already been modified by the proxy. To support client authentication in this case, the proxy must regenerate the CertificateVerify and Finished messages. The specific scheme is as follows:
The proxy receives the Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec and Finished_Client messages sent by the client;
The proxy performs client authentication on the received messages in place of the server;
The proxy replaces the client certificate in the Certificate message with a certificate it generates temporarily;
The proxy signs the CertificateVerify message with its own private key;
The proxy sends the CertificateVerify and Finished messages to the server in place of the client to perform client authentication.
In this embodiment, after receiving the client's Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec and Finished_Client messages, the proxy can verify these messages in place of the server and thereby perform client authentication. At the same time, the proxy replaces the client certificate in the Certificate message with a certificate it generates temporarily, and signs the CertificateVerify message with its own private key. The corresponding Finished message is recalculated by the proxy according to the standard.
It should be noted that in this embodiment the server has been preloaded with the root certificate of the proxy's certificate (or otherwise trusts that root certificate), so that the proxy passes client authentication and the server trusts the identity in the certificate.
In addition, the proxy can cache some of the certificates it generates temporarily for clients, reducing the overhead of generating a certificate every time.
The TLS scanning method provided by this embodiment can therefore also support client authentication.
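Why the proxy must recalculate the Finished message after replacing the client certificate, as an added Python example that is not the patent's own code: TLS 1.2 verify_data (RFC 5246 sections 5 and 7.4.9) is a PRF over the hash of the whole handshake transcript, so the transcript the proxy forwards yields a different value than the one the client computed. The master secret and transcripts below are constructed, and a single master secret is assumed on both sides only to isolate the transcript effect.

```python
"""Transcript binding of the TLS 1.2 Finished message (added example)."""
import hashlib
import hmac

VERIFY_DATA_LEN = 12  # RFC 5246 section 7.4.9, verify_data_length for all suites


def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_SHA256 data expansion (RFC 5246 section 5): HMAC chained over A(i)."""
    out = b""
    a = seed  # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()            # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()  # HMAC(secret, A(i) + seed)
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 PRF: P_SHA256(secret, label + seed)."""
    return p_sha256(secret, label + seed, length)


def finished_verify_data(master_secret: bytes, label: bytes, transcript: bytes) -> bytes:
    """verify_data = PRF(master_secret, label, Hash(handshake_messages))[0:12]."""
    return prf(master_secret, label, hashlib.sha256(transcript).digest(), VERIFY_DATA_LEN)


# Constructed sample values, not real key material or real handshake bytes.
MASTER_SECRET = bytes(range(48))
TRANSCRIPT_CLIENT_SAW = b"ClientHello|ServerHello|Certificate(client-cert)|ClientKeyExchange"
TRANSCRIPT_PROXY_SENT = b"ClientHello|ServerHello|Certificate(proxy-temp-cert)|ClientKeyExchange"


def client_finished_mismatch() -> bool:
    """True when the client's own Finished would fail verification against the
    transcript the server actually received, i.e. the proxy must recompute it."""
    original = finished_verify_data(MASTER_SECRET, b"client finished", TRANSCRIPT_CLIENT_SAW)
    regenerated = finished_verify_data(MASTER_SECRET, b"client finished", TRANSCRIPT_PROXY_SENT)
    return original != regenerated
```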
The TLS scanning method provided by the invention has been illustrated by the embodiments above. In summary, adopting the technical solution achieves the following technical effects:
1) DH algorithms, export RSA algorithms with a ServerKeyExchange message, and some non-standard RSA implementations with ServerKeyExchange are supported. This prevents an attacker from using such an algorithm to bypass the TLS scanning device, and avoids requiring a particular algorithm configuration on the server. If an existing device does not support these algorithms, the scanning device can only let these messages pass. With this solution, these messages can be scanned and any attack they may contain can be found.
2) Various client authentication methods are supported. For the standard RSA algorithm and the export RSA algorithm without ServerKeyExchange, client authentication is supported directly. For DH algorithms, export RSA algorithms with a ServerKeyExchange message, and RSA algorithms with ServerKeyExchange, client authentication is supported by temporarily issuing a certificate that represents the client's identity.
3) While supporting the two points above, performance is better than that of the other single alternatives. By analysing the ServerHello message and the associated messages, the mode of operation (monitoring or proxy mode) is determined dynamically according to the algorithm selected by the server and related factors. In monitoring mode the data does not need to be decrypted and then re-encrypted. Thus better performance is achieved while various functions are still supported.
Corresponding to the TLS scanning method described in the embodiments above, as shown in Fig. 9A, an embodiment of the invention also provides a network device 90, which includes a receiving unit 91 and a processing unit 92. Wherein:
The receiving unit 91 is configured to receive the server initial message sent by the server, the server initial message including the algorithm selected by the server;
The processing unit 92 is configured to select the mode of operation according to the algorithm selected by the server in the server initial message received by the receiving unit 91; the mode of operation includes monitoring mode and proxy mode, so as to support the algorithm selected by the server and/or client authentication.
The TLS scanning network device provided by this embodiment, on receiving the server initial message sent by the server, dynamically selects, according to the algorithm chosen by the server, whether to work in monitoring mode or in proxy mode, rather than always working in one fixed mode. Because no message is modified in monitoring mode, processing performance is improved, and when applied to server-side scanning the device can efficiently support various algorithms and/or client authentication.
Further, the algorithms selectable by the server can be divided into a first class and a second class. When the algorithm selected by the server belongs to the first class, the network device works in monitoring mode; when it belongs to the second class, the network device works in proxy mode. The first and second classes are set as required.
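The mode selection just described (first-class algorithms give monitoring mode, second-class algorithms give proxy mode), as an added Python example that is not the patent's own code: it reads the cipher suite from the ServerHello in the server's first handshake flight, notes whether a ServerKeyExchange message follows, and applies the rule of claims 1 and 2. The cipher-suite table, message stubs and sample flights are constructed; fixed-DH suites are left unclassified because the text does not assign them to either class.

```python
"""Mode selection of the TLS scanning proxy from the server's first
handshake flight (added example, not the patent's own code)."""
import struct
from enum import Enum

# Handshake message types, RFC 5246 section 7.4
SERVER_HELLO = 2
CERTIFICATE = 11
SERVER_KEY_EXCHANGE = 12
SERVER_HELLO_DONE = 14


class Mode(Enum):
    MONITOR = "monitoring"         # proxy modifies nothing, only observes
    PROXY = "proxy"                # proxy rewrites handshake messages
    UNCLASSIFIED = "unclassified"  # suite not assigned by the text


# Key-exchange family of a constructed subset of IANA cipher suites.
SUITE_KX = {
    0x0003: "RSA_EXPORT",      # TLS_RSA_EXPORT_WITH_RC4_40_MD5
    0x002F: "RSA",             # TLS_RSA_WITH_AES_128_CBC_SHA
    0x0035: "RSA",             # TLS_RSA_WITH_AES_256_CBC_SHA
    0x0011: "DHE_DSS_EXPORT",  # TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
    0x0014: "DHE_RSA_EXPORT",  # TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
    0x0032: "DHE_DSS",         # TLS_DHE_DSS_WITH_AES_128_CBC_SHA
    0x0033: "DHE_RSA",         # TLS_DHE_RSA_WITH_AES_128_CBC_SHA
    0x000D: "DH_DSS",          # TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA (fixed DH)
}
# Second class per claim 1: authenticated ephemeral DH.
AUTH_EPHEMERAL_DH = {"DHE_DSS", "DHE_DSS_EXPORT", "DHE_RSA", "DHE_RSA_EXPORT"}
# First class per claim 2, but only while no ServerKeyExchange appears.
RSA_FAMILY = {"RSA", "RSA_EXPORT"}


def iter_handshake_messages(data):
    """Yield (msg_type, body) from a stream of handshake messages
    (1-byte type, 3-byte length, body); record framing already removed."""
    off = 0
    while off < len(data):
        if off + 4 > len(data):
            raise ValueError("truncated handshake header")
        msg_type = data[off]
        length = int.from_bytes(data[off + 1:off + 4], "big")
        body = data[off + 4:off + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body")
        yield msg_type, body
        off += 4 + length


def parse_server_hello_suite(body):
    """Return cipher_suite from a ServerHello body laid out as
    version(2) random(32) session_id<0..32> cipher_suite(2) compression(1)."""
    if len(body) < 35:
        raise ValueError("ServerHello too short")
    off = 35 + body[34]  # skip the variable-length session_id
    if off + 3 > len(body):
        raise ValueError("ServerHello too short")
    return struct.unpack(">H", body[off:off + 2])[0]


def select_mode(server_flight):
    """Apply the rule of claims 1 and 2 to the server's first flight."""
    suite = None
    saw_server_key_exchange = False
    for msg_type, body in iter_handshake_messages(server_flight):
        if msg_type == SERVER_HELLO:
            suite = parse_server_hello_suite(body)
        elif msg_type == SERVER_KEY_EXCHANGE:
            saw_server_key_exchange = True
        elif msg_type == SERVER_HELLO_DONE:
            break  # flight complete, decide now
    if suite is None:
        raise ValueError("flight carries no ServerHello")
    kx = SUITE_KX.get(suite)
    if kx in AUTH_EPHEMERAL_DH:
        return Mode.PROXY
    if kx in RSA_FAMILY:
        # RSA without ServerKeyExchange is first class; with one it is second class
        return Mode.PROXY if saw_server_key_exchange else Mode.MONITOR
    return Mode.UNCLASSIFIED


# Constructed sample flights (stub bodies; only the framing matters here).
def handshake(msg_type, body):
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def server_hello(suite, session_id=b"\x01\x02"):
    body = (b"\x03\x03" + b"\x00" * 32 + bytes([len(session_id)]) + session_id
            + struct.pack(">H", suite) + b"\x00")
    return handshake(SERVER_HELLO, body)


CERT_STUB = handshake(CERTIFICATE, b"\x00\x00\x00")   # empty certificate list
SKE_STUB = handshake(SERVER_KEY_EXCHANGE, b"\x00\x00")  # placeholder parameters
DONE = handshake(SERVER_HELLO_DONE, b"")
FLIGHT_RSA = server_hello(0x002F) + CERT_STUB + DONE                      # monitoring
FLIGHT_RSA_EXPORT_SKE = server_hello(0x0003) + CERT_STUB + SKE_STUB + DONE  # proxy
FLIGHT_DHE = server_hello(0x0033) + CERT_STUB + SKE_STUB + DONE           # proxy
FLIGHT_FIXED_DH = server_hello(0x000D) + CERT_STUB + DONE                 # unclassified
```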
In one embodiment of the invention, the algorithm selected by the server is a DH algorithm and the network device works in proxy mode. The processing unit 92 is then further configured to replace the DH algorithm selected in the server initial message with an RSA algorithm or an export RSA algorithm;
As shown in Fig. 9B, the network device may further include:
A sending unit 93, configured to send the server initial message modified by the processing unit 92 to the client, so as to establish a TLS connection with the client according to the modified algorithm.
In another embodiment of the invention, the algorithm selected by the server is a DH algorithm, the network device works in proxy mode, and the sending unit 93 can further be configured to:
When the DH algorithm can continue to be used, send a ServerKeyExchange message to the client, the ServerKeyExchange message including the proxy's DH parameters, so as to establish a TLS connection with the client according to the DH algorithm.
Further, the processing unit 92 is further configured to generate a ClientKeyExchange message according to the generated DH parameters;
The sending unit is further configured to send the generated ClientKeyExchange message to the server, so as to establish a TLS connection with the server according to the DH algorithm.
In one embodiment of the invention, the algorithm selected by the server is an export RSA algorithm or an RSA algorithm, the network device has also received a ServerKeyExchange message, and the network device works in proxy mode. The receiving unit 91 can then be configured to receive the ServerKeyExchange message sent by the server, the ServerKeyExchange message including the server's temporary RSA public key;
The processing unit 92 is configured to replace the server's temporary RSA public key in the ServerKeyExchange message received by the receiving unit 91 with a temporary RSA public key generated by the device itself, and to sign the ServerKeyExchange message with its own private key;
The sending unit 93 is configured to send the ServerKeyExchange message signed by the processing unit 92 with its own private key to the client;
The receiving unit 91 is configured to receive the first ClientKeyExchange message sent by the client, the first ClientKeyExchange message including the pre-master secret encrypted with the proxy's temporary RSA public key;
The processing unit 92 is further configured to decrypt the first ClientKeyExchange message received by the receiving unit 91 to obtain the pre-master secret;
The sending unit 93 is further configured to send a second ClientKeyExchange message to the server, the second ClientKeyExchange message including a pre-master secret encrypted with the server's temporary RSA public key.
The pre-master secret in the second ClientKeyExchange message may be the pre-master secret the proxy obtained by decrypting the first ClientKeyExchange message, or a pre-master secret generated by the proxy itself.
In another embodiment of the invention, the network device works in proxy mode, and:
The receiving unit 91 is configured to receive the Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec and Finished_Client messages sent by the client;
The processing unit 92 is configured to perform client authentication on these messages in place of the server, to replace the client certificate in the CertificateVerify with a certificate it generates temporarily, and to sign the CertificateVerify message with its own private key;
The network device further includes:
A sending unit, configured to send the CertificateVerify and Finished messages to the server in place of the client for authentication.
It should be pointed out that the network device provided by the embodiment of the invention corresponds to the TLS scanning method provided above. Since the TLS scanning method has been described in detail above, it is not repeated here; for the corresponding content, refer to the method embodiments above.
The network device provided by the embodiment of the invention has the same three technical effects as the TLS scanning method above: it supports DH algorithms, export RSA algorithms with ServerKeyExchange and some non-standard RSA implementations with ServerKeyExchange, so that an attacker cannot bypass the scanning device by choosing such an algorithm and the server needs no particular algorithm configuration; it supports various client authentication methods, directly for RSA without ServerKeyExchange and by temporarily issuing a certificate representing the client's identity otherwise; and it performs better than the single alternatives, because the mode of operation is determined dynamically from the ServerHello and associated messages and monitoring mode avoids decrypting and re-encrypting the data.
It should be noted that in the network device embodiment above the units are divided according to functional logic, but the division is not limited to the one above as long as the corresponding functions can be realised. In addition, the specific names of the functional units serve only to distinguish them from one another and do not limit the scope of protection of the invention.
One of ordinary skill in the art will appreciate that all or part of the steps of the methods in the above embodiments can be completed by a program instructing the relevant hardware. The program can be stored in a computer-readable storage medium, such as a read-only memory, a magnetic disk or an optical disc.
The above are only specific embodiments of the invention, but the scope of protection of the invention is not limited thereto. Any change or replacement that a person familiar with the art could readily conceive within the technical scope disclosed by the invention shall be covered by the scope of protection of the invention. Therefore, the scope of protection of the invention shall be determined by the scope of the claims.

Claims (15)

1. A Transport Layer Security (TLS) scanning method, characterised in that the method includes:
a proxy receives a ServerHello message sent by a server, the ServerHello message including the algorithm selected by the server;
the proxy selects a mode of operation according to the algorithm selected by the server, so as to support the algorithm selected by the server and/or client authentication;
wherein, if the algorithm selected by the server is an RSA algorithm or an export RSA algorithm and no ServerKeyExchange message is received, the proxy selects monitoring mode; if the algorithm selected by the server is an authenticated ephemeral DH algorithm, the proxy selects proxy mode; in monitoring mode the proxy does not modify any message, and in proxy mode it modifies messages; the authenticated ephemeral DH algorithms include DHE_DSS, DHE_DSS_EXPORT, DHE_RSA and DHE_RSA_EXPORT, and all algorithms that use DH in non-certificate mode as the key exchange method.
2. The method according to claim 1, characterised in that
when the algorithm selected by the server belongs to a first class of algorithms, the proxy works in monitoring mode;
when the algorithm selected by the server belongs to a second class of algorithms, the proxy works in proxy mode;
wherein the first class of algorithms is the standard RSA algorithm without ServerKeyExchange or the export RSA algorithm without ServerKeyExchange, and the second class of algorithms is the authenticated ephemeral DH algorithm, a non-standard RSA algorithm with ServerKeyExchange or an export RSA algorithm with ServerKeyExchange.
3. The method according to claim 2, characterised in that the algorithm selected by the server is the authenticated ephemeral DH algorithm, the proxy works in proxy mode, and the method further includes:
the proxy replaces the authenticated ephemeral DH algorithm selected in the server initial message with the RSA algorithm or the export RSA algorithm, and sends the modified server initial message to the client, so as to establish a TLS connection with the client according to the modified algorithm.
4. The method according to claim 2, characterised in that the algorithm selected by the server is the authenticated ephemeral DH algorithm, the proxy works in proxy mode, and the method further includes:
the proxy continues to use the authenticated ephemeral DH algorithm and sends a ServerKeyExchange message to the client, the ServerKeyExchange message including the proxy's DH parameters, so as to establish a TLS connection with the client according to the authenticated ephemeral DH algorithm.
5. The method according to claim 3 or 4, characterised in that the method further includes:
the proxy generates a ClientKeyExchange message according to the generated DH parameters and sends it to the server, so as to establish a TLS connection with the server according to the authenticated ephemeral DH algorithm.
6. The method according to claim 2, characterised in that the algorithm selected by the server is the export RSA algorithm or the RSA algorithm, the proxy has also received a ServerKeyExchange message, the proxy works in proxy mode, and the method includes:
the proxy receives the ServerKeyExchange message sent by the server, the ServerKeyExchange message including the server's temporary RSA public key;
the proxy replaces the server's temporary RSA public key in the received ServerKeyExchange message with a temporary RSA public key generated by the proxy itself;
the proxy signs the ServerKeyExchange message with its own private key and sends it to the client;
the proxy receives a first ClientKeyExchange message sent by the client, the first ClientKeyExchange message including a pre-master secret encrypted with the proxy's temporary RSA public key;
the proxy decrypts the first ClientKeyExchange message to obtain the pre-master secret;
the proxy sends a second ClientKeyExchange message to the server, the second ClientKeyExchange message including a pre-master secret encrypted with the server's temporary RSA public key.
7. The method according to claim 6, characterised in that the pre-master secret in the second ClientKeyExchange message is the pre-master secret the proxy obtained by decrypting the first ClientKeyExchange message, or a pre-master secret generated by the proxy itself.
8. The method according to claim 2, characterised in that the proxy works in proxy mode, and the method further includes:
the proxy receives the Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec and Finished_Client messages sent by the client;
the proxy performs client authentication on the received messages in place of the server;
the proxy replaces the client certificate in the CertificateVerify with a certificate it generates temporarily;
the proxy signs the CertificateVerify message with its own private key;
the proxy sends the CertificateVerify and Finished messages to the server in place of the client to perform client authentication.
9. A network device, characterised in that the network device includes a receiving unit and a processing unit, wherein:
the receiving unit is configured to receive a server initial message sent by a server, the server initial message including the algorithm selected by the server;
the processing unit is configured to select a mode of operation according to the algorithm selected by the server in the server initial message received by the receiving unit, so as to support the algorithm selected by the server and/or client authentication;
wherein, if the algorithm selected by the server is an RSA algorithm or an export RSA algorithm and no ServerKeyExchange message is received, the processing unit selects monitoring mode; if the algorithm selected by the server is an authenticated ephemeral DH algorithm, the processing unit selects proxy mode; in monitoring mode the network device does not modify any message, and in proxy mode it modifies messages; the authenticated ephemeral DH algorithms include DHE_DSS, DHE_DSS_EXPORT, DHE_RSA and DHE_RSA_EXPORT, and all algorithms that use DH in non-certificate mode as the key exchange method.
10. The network device according to claim 9, characterised in that when the algorithm selected by the server belongs to a first class of algorithms, the network device works in monitoring mode; when the algorithm selected by the server belongs to a second class of algorithms, the network device works in proxy mode; wherein the first class of algorithms is the standard RSA algorithm without ServerKeyExchange or the export RSA algorithm without ServerKeyExchange, and the second class of algorithms is the authenticated ephemeral DH algorithm, a non-standard RSA algorithm with ServerKeyExchange or an export RSA algorithm with ServerKeyExchange.
11. The network device according to claim 10, characterised in that the algorithm selected by the server is the authenticated ephemeral DH algorithm, the network device works in proxy mode,
the processing unit is further configured to replace the authenticated ephemeral DH algorithm selected in the server initial message with the RSA algorithm or the export RSA algorithm;
and the network device further includes:
a sending unit, configured to send the server initial message modified by the processing unit to the client, so as to establish a TLS connection with the client according to the modified algorithm.
12. The network device according to claim 10 or 11, characterised in that the algorithm selected by the server is the authenticated ephemeral DH algorithm, the network device works in proxy mode,
and the network device further includes:
a sending unit, configured to send, when the authenticated ephemeral DH algorithm can continue to be used, a ServerKeyExchange message to the client, the ServerKeyExchange message including the proxy's DH parameters, so as to establish a TLS connection with the client according to the authenticated ephemeral DH algorithm.
13. The network device according to claim 12, characterised in that
the processing unit is further configured to generate a ClientKeyExchange message according to the generated DH parameters;
the sending unit is further configured to send the generated ClientKeyExchange message to the server, so as to establish a TLS connection with the server according to the authenticated ephemeral DH algorithm.
14. The network device according to claim 13, characterised in that the algorithm selected by the server is the export RSA algorithm or the RSA algorithm, the network device works in proxy mode,
the receiving unit is configured to receive the ServerKeyExchange message sent by the server, the ServerKeyExchange message including the server's temporary RSA public key;
the processing unit is configured to replace the server's temporary RSA public key in the ServerKeyExchange message received by the receiving unit with a temporary RSA public key generated by the device itself, and to sign the ServerKeyExchange message with its own private key;
the sending unit is configured to send the ServerKeyExchange message signed by the processing unit with its own private key to the client;
the receiving unit is further configured to receive a first ClientKeyExchange message sent by the client, the first ClientKeyExchange message including a pre-master secret encrypted with the proxy's temporary RSA public key;
the processing unit is further configured to decrypt the first ClientKeyExchange message received by the receiving unit to obtain the pre-master secret;
the sending unit is further configured to send a second ClientKeyExchange message to the server, the second ClientKeyExchange message including a pre-master secret encrypted with the server's temporary RSA public key;
wherein the pre-master secret in the second ClientKeyExchange message is the pre-master secret the proxy obtained by decrypting the first ClientKeyExchange message, or a pre-master secret generated by the proxy itself.
15. The network device according to claim 10, characterised in that the network device works in proxy mode,
the receiving unit is configured to receive the Certificate, ClientKeyExchange, CertificateVerify, ChangeCipherSpec and Finished_Client messages sent by the client;
the processing unit is configured to perform client authentication on these messages in place of the server, to replace the client certificate in the CertificateVerify with a certificate it generates temporarily, and to sign the CertificateVerify message with its own private key;
and the network device further includes:
a sending unit, configured to send the CertificateVerify and Finished messages to the server in place of the client for authentication.
CN201210428047.9A 2012-10-31 2012-10-31 A kind of method and apparatus of TLS scanning Active CN102932350B (en)

Publications (2)

Publication Number Publication Date
CN102932350A CN102932350A (en) 2013-02-13
CN102932350B true CN102932350B (en) 2016-06-15
