RE: Idea for making SSL more efficient

["Michael Howard" <mikehow () microsoft com>]

SSL provides many security features, including authentication, integrity
checking and confidentiality. This solution provides only an integrity
check, and weak one at that - only a hash, not a MAC.

So what threat(s) concern you?

[Writing Secure Code 2nd Ed]
http://www.microsoft.com/mspress/books/5957.asp
[Protect Your PC] http://www.microsoft.com/protect
[Blog] http://blogs.msdn.com/michael_howard

-----Original Message-----
From: Paul Johnston [mailto:paul () westpoint ltd uk] 
Sent: Thursday, July 15, 2004 2:12 AM
To: webappsec () securityfocus com
Subject: Idea for making SSL more efficient

Hi,

A disadvantage with SSL is that it places increased load on the server, 
in particular because client's ISP caches cannot be used. In most 
situations the images on an SSL site are not confidential. If they are 
included as HTTP links then the browser will display a "mixture of 
secure and insecure content" warning. That is sensible, because an 
attacker could potentially manipulate the images to deceive the user.

My idea is to include a MD5 hash of the image in the img tag, so in an 
https page you could do <img src="http://x.y.z/a.png"; md5="xyz789"/> to 
reference an HTTP image. Images protected by these integrity checks 
would then not cause a browser warning.

I expect roll-out would not be easy, and also there may be concerns 
about infering what is on the SSL page from what images are requested 
(e.g. whether "overdrawn.png" gets requested).

Anyone got thoughts on this?

Paul

-- 
Paul Johnston
Internet Security Specialist
Westpoint Limited
Albion Wharf, 19 Albion Street,
Manchester, M1 5LN
England
Tel: +44 (0)161 237 1028
Fax: +44 (0)161 237 1031
email: paul () westpoint ltd uk
web: www.westpoint.ltd.uk