Believe It Or Not SSL Attacks

A talk about attacks against SSL that have been uncovered in the last 3-4 years. This talk delves into what exactly was attacked, how it was attacked, and how SSL is still a pretty useful piece of technology.

This was given at the null Bangalore April Meeting.

Published in: Technology, Education

  1. Believe it or not SSL attacks
     • Akash Mahajan, That Web Application Security Guy
  2. HTTP + SSL/TLS = HTTPS
  3.
  4. SSL/TLS
     • Encrypted Communication – Eavesdropping and Tampering
     • Secure Identification of a Network – Are you talking to the right server?
  5. Attacking The Encryption Algorithm
     • Attacks like the BEAST (Browser Exploit Against SSL/TLS) target the underlying encryption.
     • Usually the encryption has held against attacks. Even BEAST requires injecting client-side JavaScript to work.
     • attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611
  6. Attacking The Authenticity
     • The low-hanging fruit. Most of the time when that sslstrip guy talks about SSL issues he talks about attacking the authenticity.
     • Why is the authenticity important?
     • How do you bypass it?
  7. How is the authenticity maintained?
     • An implicitly trusted certificate will tell you whether a server's particular certificate is trustworthy or not.
     • When a server gets a certificate trusted by a root CA, it gets added to a list.
     • If a server is removed from the trusted list, it gets added to a revocation list.
  8. Is your browser checking the revocation list?
     • Chrome relies on frequent updates for this.
     • Firefox?
     • IE - Online Certificate List
     • Online Certificate Status Protocol
  9. Bad Things can Happen
     • Comodo an affiliate of a root CA was hacked.
     • DigiNotar was hacked.
     • Hundreds of certificates for Google, Yahoo, Mozilla, MS Windows Update were released.
     • SSL assumes that both end points aren't evil
  10. I hacked the internet and all I have is a t-shirt
     • Attack against the PKI because of MD5
     • The attack was against Intermediate CAs
     • There were theoretical attacks against MD5 since 2004
     • They found out that RapidSSL had issued 97% of certificates with an MD5 hash.
  11. I hacked the internet and all I have is a t-shirt
     • Also the certificate serial number was sequential and the time could be predicted
     • Used 200 PS3s to generate a certificate which had most parts from a legitimate cert but something different.
     • ng_a_rogue_ca_cert_paper.pdf
  12. SSLStrip attacks HTTP
     • Attacked correct attributes not being set up in certificates
     • Now looks at HTTP traffic going by.
     • Has a valid certificate for a weird-looking domain name whose punycode looks like /?
  13. Akash Mahajan | That Web Application Security Guy
     • akashmahajan@gmail.com
     • @makash | akashm.com
     • OWASP Bangalore Chapter Lead
     • Null Co-Founder and Community Manager
  14. References
     • SSL Lock image from infographic/
     • intercept-paypal-other-secure-sessions.ars
     • authority-trust-model
     • responsibility-for-comodo-hack.ars
     • theft-encrypted-cookies-091611
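
An added example, not part of the talk: a small audit of one CA's issuance records for the three conditions slides 10 and 11 name together (MD5 signatures, sequential serial numbers, predictable issuance time). The record layout, the sample values, the two thresholds and the name `audit_issuer` are assumptions made for illustration.

```python
from datetime import datetime

MAX_SERIAL_STEP = 8   # assumed: gaps this small make the next serial guessable
MAX_DELAY_SPREAD = 1  # assumed: seconds of jitter still counted as a fixed delay

# Constructed records for one issuing CA, all values made up:
# (serial, request time, notBefore, signature algorithm)
LEGACY_CA = [
    (5001, "2008-06-01T09:00:00", "2008-06-01T09:00:05", "md5WithRSAEncryption"),
    (5002, "2008-06-01T09:14:10", "2008-06-01T09:14:15", "md5WithRSAEncryption"),
    (5004, "2008-06-01T11:30:42", "2008-06-01T11:30:47", "md5WithRSAEncryption"),
    (5005, "2008-06-02T08:02:19", "2008-06-02T08:02:24", "sha1WithRSAEncryption"),
]
HARDENED_CA = [
    (0x7A3F19C2D45E8801, "2024-03-01T09:00:00", "2024-03-01T08:12:31", "sha256WithRSAEncryption"),
    (0x1B90EE4470A2C3F6, "2024-03-01T09:14:10", "2024-03-01T08:47:02", "sha256WithRSAEncryption"),
    (0x5CD2038FA1B7E94D, "2024-03-01T11:30:42", "2024-03-01T10:51:57", "sha256WithRSAEncryption"),
]


def _ts(text):
    return datetime.fromisoformat(text)


def audit_issuer(records):
    """Return which of the conditions from slides 10-11 show up in the records."""
    records = sorted(records, key=lambda r: _ts(r[1]))  # issuance order
    findings = set()
    # Slide 10: certificates still signed over an MD5 hash.
    if any("md5" in alg.lower() for *_, alg in records):
        findings.add("md5-signature")
    # Slide 11: serials that only ever climb by a small step can be guessed.
    serials = [r[0] for r in records]
    steps = [b - a for a, b in zip(serials, serials[1:])]
    if steps and all(0 < s <= MAX_SERIAL_STEP for s in steps):
        findings.add("predictable-serial")
    # Slide 11: a constant request-to-notBefore delay makes the validity
    # timestamps guessable. Serial and validity are chosen by the CA and sit
    # inside the signed data, so random values there are the mitigation.
    delays = [(_ts(nb) - _ts(req)).total_seconds() for _, req, nb, _ in records]
    if len(delays) > 1 and max(delays) - min(delays) <= MAX_DELAY_SPREAD:
        findings.add("predictable-validity-time")
    return findings


if __name__ == "__main__":
    for name, recs in (("legacy", LEGACY_CA), ("hardened", HARDENED_CA)):
        print(name, sorted(audit_issuer(recs)) or "no findings")
```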