14

I haven't done lot of research on HTTPS yet so I have a question about it.

Is data integrity preserved using HTTPS or only confidentiality? For example on file upload, does HTTPS guarantee that no one can change the data on upload, or it only guarantees that no one can read it?

Brian Tompsett - 汤莱恩
  • 5,753
  • 72
  • 57
  • 129
Nebojsa Veron
  • 1,545
  • 3
  • 19
  • 36
  • I think this question was already answered: http://stackoverflow.com/questions/3655516/does-encryption-guarantee-integrity – kojiro Mar 01 '11 at 00:24
  • @kojiro: The two are related, but I think might merit having two separate questions given that this one is specific to HTTPS. – andersoj Mar 01 '11 at 00:28
  • @kojiro: Also the answer in the linked question is the exact opposite of what is answered to this one. – martin Aug 31 '16 at 10:17

2 Answers2

5

Short answer: Yes

Requirements:

  • The cipher suite uses a digest algorithm like SHA, SHA-2 (256 or 394) or MD5 (please avoid it !) to compute a Hash-based Message Authentication Code (HMAC). This message is then used to check data integrity for each record.

Example: TLS_RSA_WITH_AES_128_CBC_SHA256

  • The cipher suite supports Authenticated Encryption with Additional Data (AEAD) like AES-GCM (AES-CCM, AES-EAX exist but are less common) or CHACHA20-POLY1305 (recommended).

Example: TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

Regarding the second example, it is important to note that SHA256 is NOT the HMAC algorithm but it is used as PRF (check this answer for more details).

ATo
  • 279
  • 3
  • 7
-2

For the most part yes, but for maximum security, I would recommend in addition to using HTTPS, I would recommend configuring your server's SSL configuration to use a signed certificate and use the following SSL configurations:

SSLProtocol -ALL +SSLv3 +TLSv1
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:!LOW:!SSLv2:!EXPORT

Also, use SSL Version 3 if possible.

Eli
  • 716
  • 1
  • 6
  • 12
  • +1, good answer. I deleted mine and hang my head in shame. ;-) – andersoj Mar 01 '11 at 00:35
  • I need this for some kind of key management system (private keys would be stored on a server), so that's why I'm asking this. Do you think that should be safe enough for that? Thanks! – Nebojsa Veron Mar 01 '11 at 12:56
  • I would highly recommend using the SSL method I mentioned above, if you use that, you should be good to go and safe. – Eli Mar 01 '11 at 13:18
  • From reading the answer, I am not sure which part of the proposed configuration guarantees data integrity. @Eli: Can you elaborate? – Raj Aug 29 '12 at 18:59
  • Here are some resources that explain SSL/mod_SSL ability to protect both confidentiality and integrity: http://www.mpipks-dresden.mpg.de/~mueller/docs/suse10.1/suselinux-manual_en/manual/sec.apache2.ssl.html http://www.modssl.org/docs/ossc1999/ossctutor.pdf (The configuration that I included in my above post simply further strengthen the SSL connection. – Eli Aug 30 '12 at 22:40
  • This configuration (for Apache) is obsolete and will restrict you to TLS 1.0 which is deprecated. – artbristol Sep 09 '19 at 13:41