Joshua Lee Index About Me Importance Classes Projects What I've Learned Essays
Fingerprints

Joshua Lee
Allen ISD STEAM Center
Advanced Computer Science II
David Ben-Yaakov
August 25, 2022

HTTPS Connection

    A secure HTTPS connection provides users privacy and security as it prevents other users from obtaining their personal information, such as credit card information and passwords, while making a connection between the user and a remote web server. This was all possible due to an unbreakable encryption that HTTPS connections provide (Gibson Research Corporation, 2020). The development of this new enhancement of user security and privacy came at a price during the early days of the Internet, so it was only used for sensitive information. However, as technology advanced and the cost of this new connection became more affordable, many websites switched from HTTP to HTTPS. A difference between HTTP and HTTPS was how HTTPS improved security through the implementation of "Certificate Authorities" (CA). CA's are organizations that check the legitimacy of webpages by verifying if the webpage was properly digitally signed by the owners. This transition led to the Going Dark Problem, where organizations and schools were forced into searching for new ways to monitor and filter information. In response to this issue, they developed a new technology known as HTTPS Proxy Appliances. This technology is a device that allows for organizations and schools to be between a user and their application, providing a bypass through the unbreakable security and privacy of HTTPS connections.

MITM

    Similar to HTTPS Proxy Appliances, there are MITM's (man-in-the-middle). MITM presents risks to an MITM attack, which is when a perpetrator positions himself in a conversation between a user and an application in order to eavesdrop or impersonate the user (Imperva, 2019). Almost like a version of MITM, SSL interceptions cannot be prevented directly. However, they can be reliably detected as impossible to completely spoof a security certificate, so they can be resolved rather than prevented. SSL interceptions are reliably detected by verifying the fingerprint of the certificate, as any alterations to the certificate will result in the creation of a new fingerprint/cryptographic hash.

Hash

    A hash is an algorithm that maps out data to a fixed-length output (. A good hash will almost completely differ from the original when a minor change is made, in order to easily distinguish between the certificates. However, there can be errors with detecting SSL interceptions as false-positives and false-negatives can occur.

False-positives & False-negatives

    False-positives occur when there are multiple certificates for large webpages. This leads to the possibility that a mismatch can occur as it will "detect" an interception when it was simply multiple certificates. False-negatives occur when alterations are masked, bypassing the detection system.

Right To Eavesdropping

    Despite the possibility of being able to monitor for illegal activities, I believe that schools and governments should not have the right to eavesdrop on your communications. This provides organizations power that can be easily abused such as selling your information.
References
Ajith, B. (1963, September 1). What exactly (and precisely) is hash?. Computer Science Stack Exchange. Retrieved August 24, 2022, from
https://cs.stackexchange.com/questions/55471/what-exactly-and-precisely-is-hash
Imperva. (2019). What s MITM (Man in the Middle) Attack | Imperva. Learning Center. Retrieved August 24, 2022, from
https://www.imperva.com/learn/application-security/man-in-the-middle-attack-mitm/
Steve Gibson, (n.d.). GRC : SSL TLS HTTPS web server certificate finderprints. GRC | SSL TLS HTTPS Web Server Certificate Fingerprints. Retrieved August 22, 2022, from
https://www.grc.com/fingerprints.htm#top
flowchart