The Model of Payload Authentication for HTTP Protocol Family

• Published in: 2021 IEEE 12th International Conference on Electronics and Information Technologies (ELIT) pp. 134 - 137
• Main Author: Surkov, Sergei
• Format: Conference Proceeding
• Language: English
• Published: IEEE 19.05.2021
• Subjects: Adaptation models; Authentication; authorization; Browsers; communication; Encryption; payload; Protocols; Security; signature; Software libraries; web
• DOI: 10.1109/ELIT53502.2021.9501111

During transmission of the data, it can be intercepted and modified. Such behavior is called the MITM (Man In The Middle) attack. Despite the usage of encryption in public networks, such attacks may happen because of the botnets. They pose a particular threat to local networks, where the data is usually transmitted in an unencrypted form. During the previous studies, the "chunking" model and method have been developed for payload authentication. They have been proven to have increased performance in comparison to the widely used methods, such as "Buffering to File" or "Buffering to Memory". The support of the ECDSA algorithm has been added to the "chunking" method. The most widespread protocol for data transmission is HTTP, which is used in a wide variety of applications. Previously, the "Chunking" method was implemented for every version of the HTTP protocol. However, because of the structure of the HTTP/1 protocol, not all the benefits of the "chunking" method could be used. The new model of payload authentication for HTTP/2 and HTTP/3 protocols has been developed. The modified method for HTTP/2(3) has been implemented in the software library. The new library has been further tested on the subject of compatibility with the existing HTTP/2 client libraries and web-browsers. The new method may be used in web browsers, but modification of the source code is required.