CS 105 Introduction to the World Wide Web

1
CS 105 Introduction to the World Wide Web

• HTTP Request
• Domain Name Translation
• Routing
• HTTP Response
• Privacy and Cryptography
• Email
• Adapted from Kurose Ross, Computer Networking,
  Addison-Wesley, 2001.

2
An HTTP Request

• GET index.html HTTP/1.1
• Host www.kzoo.edu
• Connection close
• User-agent Mozilla/4.0
• Accept-languageen

3
Domain Name Translation

• What is www.kzoo.edus address???
• Look it up!
• Use a Domain Name Server
• Translates a host name into an IP address

4
Routing

• Routers
• Internet post offices
• Look at address, and send message in the right
  direction
• Messages often take several hops to get to
  their destination

5
HTTP Response

• HTTP/1.1 200 OK
• Connection close
• Date Mon, 30 Sep 2002
• Last-Modified Mon, 23 Sep 2002
• Content-Length 6821
• Content-Type text/html
• data data data

6
Kinds of Messages

• HTTP requests / responses
• E-mail
• Instant Messages
• Telnet sessions
• Transactions (shopping, etc.)

7
Privacy

• Any machine (router) along the path of the
  message can read it.
• Message more like a postcard than a letter
• Is this good???
• Of course not!
• What can we do???
• Encrypt the messages

8
Cryptography

• Need to figure out a way so the recipient can
  read the message, but nobody else.
• Most common technique today public key
  cryptography

9
Public Key Cryptography

• Each person has a public key and a private key
• The two keys un-do each other
• More on this in a minute
• Public keys are publicly available on Key Servers
  (anyone can see / get them)

10
Sending a Message

• Alice wants to send Bob a message
• Alice gets Bobs public key
• Alice uses the key to encrypt her message
• Bob gets the message, and uses his private key to
  decrypt it

11
Basic Idea

• For a message encrypted using a given public key,
  the ONLY way to decrypt it is to use the
  corresponding private key
• So, as long as Bob is the only one with his
  private key, hes the only one that can read the
  message

12
Implementation

• We want
• Efficient
• Encrypting with public key
• Decrypting with private key
• Intractable
• Decrypting without private key

13
RSA Algorithm

• One way to do this
• Modular Exponentiation
• Modular arithmetic remainder stuff
• 13 3 (mod 10)
• Modular exponentiation
• 43 64 4 (mod 10)
• This can be done efficiently

14
RSA Algorithm

• Now, we need to pick numbers that un-do each
  others exponentiation
• For a mod of 10, 2 undoes itself

15
RSA Algorithm

• So, our public key is 10, 3
• Private key is 2
• Encrypting a message Lets send 472
• Exponentiate each digit 438
• Decrypting a message
• Exponentiate again 472

16
RSA Algorithm

• Breaking RSA know exponent, know modulus just
  take the root
• E.g. find cube root of 4 (mod 10)
• Most public keys have very large numbers 150
  digits.
• Finding these roots is an intractable problem
  bigger keys, harder problem!

17
Security and Email

• Many products with built-in cryptographic
  protection
• Outlook Express S/MIME (Secure/Multipurpose
  Internet Mail Extension) Support
• Other add-ons (choices for secret key methods,
  size of key, etc)
• Pretty Good Privacy (PGP)

18
(No Transcript)
19
(No Transcript)
20
Encryption and Signatures

• Encryption encodes the message so that other
  users cannot read it
• Signatures let you emulate written signatures

21
(No Transcript)
22
To see more about getting a certificate
https//certs.netscape.com/client.html
23
(No Transcript)
24
(No Transcript)
25
(No Transcript)
26
Encrypting vs. Signing

• Encrypt first, sign second
• Verify signatures before decrypting
• Useful in automated verification systems
• Sign first, encrypt second
• Decrypt before verifying signatures
• Useful when plaintext is essence of the message.

27
(No Transcript)
28
(No Transcript)
29
(No Transcript)
30
(No Transcript)
31
(No Transcript)