How https works, Server certificates, Client certificates – Linksys BUSINESS SPA922 User Manual

Linksys SPA9x2 Phone Administration Guide

60

Using HTTPS

Provisioning Basics

How HTTPS Works

HTTPS encrypts the communication between the client and the server, protecting the message
contents from other intervening network devices. The encryption method for the body of the
communication between client and server is based on symmetric key cryptography. With
symmetric key cryptography, a single secret key is shared by the client and the server over a
secure channel protected by Public/Private key encryption.

Messages encrypted by the secret key can only be decrypted using the same key. HTTPS
supports a wide range of symmetric encryption algorithms. The SPA9x2 implements up to 256-
bit symmetric encryption, using the American Encryption Standard (AES), in addition to 128-bit
RC4.

HTTPS also provides for the authentication of the server and the client engaged in a secure
transaction. This feature ensures that the provisioning server and an individual client cannot be
spoofed by other devices on the network. This is an essential capability in the context of remote
endpoint provisioning.Server and client authentication is performed using public/private key
encryption, using certificates containing the public key. Text encrypted with a public key can
be decrypted only by its corresponding private key (and vice versa). The SPA9x2 supports the
Rivest, Shamir, and Adelman (RSA) algorithm for public/private key cryptography.

Certificates are authenticated in the context of a certificate chain. A certificate authority lies at
the root of the chain, with all other certificates depending on the root authority for authority.

Server Certificates

Each secure provisioning server is issued an secure sockets layer (SSL) server certificate, directly
signed by Linksys. The firmware running on the SPA9x2 clients recognizes only these
certificates as valid. The clients try to authenticate the server certificate when connecting via
HTTPS, and reject any server certificate not signed by Linksys.

This mechanism protects the service provider from unauthorized access to the SPA9x2
endpoint, or any attempt to spoof the provisioning server. This might allow the attacker to
reprovision the SPA9x2, to gain configuration information, or to use a different VoIP service.
Without the private key corresponding to a valid server certificate, the attacker is unable to
establish communication with a Linksys SPA9x2.

Client Certificates

In addition to a direct attack on the SPA, an attacker might attempt to contact a provisioning
server using a standard web browser, or other HTTPS client, to obtain the SPA9x2 configuration
profile from the provisioning server. To prevent this kind of attack, each SPA9x2 also carries a
unique client certificate, also signed by Linksys, including identifying information about each
individual endpoint. A certificate authority root certificate capable of authenticating the device
client certificate is given to each service provider. This authentication path allows the
provisioning server to reject unauthorized requests for configuration profiles.

Firmware Upgrade Parameters

The following table defines the function and usage of each parameter in the Firmware Upgrade
section of the Provisioning tab.