Your SlideShare is downloading. ×
0
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Os Saintandre
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Os Saintandre

965

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
965
On Slideshare
0
From Embeds
0
Number of Embeds
0
Actions
Shares
0
Downloads
0
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Jabber security
  • 2. Peter Saint-Andre
  • 3. stpeter@jabber.org
  • 4. https://stpeter.im/
  • 5. secure communication
  • 6. with Jabber
  • 7. what is Jabber?
  • 8. open XML technologies
  • 9. real-time messaging
  • 10. presence
  • 11. multimedia negotiation
  • 12. collaboration
  • 13. and more
  • 14. invented by Jeremie Miller in 1998
  • 15. in essence...
  • 16. streaming XML
  • 17. over long-lived TCP connection
  • 18. client-server architecture
  • 19. decentralized network
  • 20. inter-domain messaging
  • 21. like email
  • 22. but really fast
  • 23. with built-in presence
  • 24. not just one open-source project
  • 25. multiple codebases
  • 26. open-source and commercial
  • 27. interoperability via XML wire protocol
  • 28. core protocol standardized @ IETF
  • 29. Extensible
  • 30. Messaging
  • 31. and
  • 32. Presence
  • 33. Protocol
  • 34. (XMPP)
  • 35. RFCs 3920 + 3921
  • 36. multiple implementations
  • 37. serious deployment
  • 38. how many users?
  • 39. we don’t know
  • 40. decentralized architecture
  • 41. 100k+ servers
  • 42. 50+ million IM users
  • 43. not just IM
  • 44. generic XML routing
  • 45. lots of applications beyond IM
  • 46. continually defining XMPP extensions
  • 47. XMPP Standards Foundation (XSF)
  • 48. developer-driven standards group
  • 49. that’s great, but...
  • 50. how secure is it?
  • 51. what is security?
  • 52. secure conversation in real life...
  • 53. a good friend visits your home
  • 54. you know and trust each other
  • 55. only the two of you
  • 56. strangers can’t enter your home
  • 57. your home is not bugged
  • 58. conversation is not recorded
  • 59. what you say is private and confidential
  • 60. contrast that with the Internet...
  • 61. lots of potential attacks
  • 62. man-in-the-middle
  • 63. eavesdropping
  • 64. unauthenticated users
  • 65. address spoofing
  • 66. weak identity
  • 67. rogue servers
  • 68. denial of service
  • 69. directory harvesting
  • 70. buffer overflows
  • 71. spam
  • 72. spim
  • 73. spit
  • 74. splogs
  • 75. viruses
  • 76. worms
  • 77. trojan horses
  • 78. malware
  • 79. phishing
  • 80. pharming
  • 81. information leaks
  • 82. inappropriate logging and archiving
  • 83. you get the picture
  • 84. the Internet is a dangerous place
  • 85. how do we fight these threats?
  • 86. sorry, but...
  • 87. Jabber is not a perfect technology
  • 88. not originally built for high security
  • 89. don’t require PGP keys or X.509 certs
  • 90. don’t require ubiquitous encryption
  • 91. tradeoffs between security and usability
  • 92. maybe that’s why we have 50+ million users...
  • 93. but privacy and security are important
  • 94. so what have we done to help?
  • 95. Jabber architecture...
  • 96. similar to email
  • 97. client connects to server (TCP 5222)
  • 98. (or connect via HTTP binding over SSL)
  • 99. client MUST authenticate
  • 100. originally: plaintext (!) or hashed password
  • 101. Simple Authentication & Security Layer (SASL)
  • 102. RFC 4422
  • 103. many SASL mechanisms
  • 104. PLAIN (OK over encrypted connection)
  • 105. DIGEST-MD5
  • 106. EXTERNAL (with X.509 certs)
  • 107. GSSAPI (a.k.a. Kerberos)
  • 108. ANONYMOUS
  • 109. etc.
  • 110. all users are authenticated
  • 111. sender addresses not merely asserted
  • 112. server stamps user ‘from’ address
  • 113. Jabber IDs are logical addresses
  • 114. IP addresses not exposed
  • 115. Jabber ID looks like an email address
  • 116. romeo@montague.net
  • 117. juliet@capulet.com
  • 118. not limited to US-ASCII characters
  • 119. ji!i@quot;echy.cz
  • 120. !#$%&@'##$(.gr
  • 121. !quot;#$%@jabber.th
  • 122. @jabber.jp
  • 123. quot;@math.it
  • 124. full Unicode opens phishing attacks
  • 125. STPETER@jabber.org !quot;#$quot;$%@jabber.org
  • 126. clients should use “petnames”
  • 127. store in buddy list [tm] (a.k.a. “roster”)
  • 128. server stores your roster
  • 129. server broadcasts your presence
  • 130. but only to subscribers you have authorized
  • 131. most traffic goes through server
  • 132. traffic is pure XML
  • 133. servers reject malformed XML
  • 134. servers may validate traffic against schemas
  • 135. difficult to inject binary objects
  • 136. difficult to propagate malware
  • 137. break alliance between viruses and spam
  • 138. spam virtually unknown on Jabber network
  • 139. why?
  • 140. hard to spoof addresses
  • 141. hard to send inline binary
  • 142. XHTML subset (no scripts etc.)
  • 143. user approval required for file transfer
  • 144. privacy lists to block unwanted users
  • 145. XMPP not immune to spam
  • 146. have spam-fighting tools ready when it appears
  • 147. challenge-response to register an account
  • 148. challenge-response to communicate
  • 149. spam reporting
  • 150. working on more anti-spam tools
  • 151. server reputation system?
  • 152. anonymized IP address? (groupchat spam)
  • 153. spammers need to overcome...
  • 154. bandwidth limits
  • 155. connection limits
  • 156. other denial-of-service prevention measures
  • 157. distributed attack or run a rogue server
  • 158. not impossible
  • 159. just harder than other networks (got email?)
  • 160. no rogue servers (yet)
  • 161. optional to federate with other servers
  • 162. many private XMPP servers
  • 163. public servers federate as needed (TCP 5269)
  • 164. DNS lookup to get server IP address
  • 165. only one hop between servers
  • 166. server identities are validated
  • 167. server dialback (identity verification)
  • 168. effectively prevents server spoofing
  • 169. receiving server checks sending domain
  • 170. no messages from “service@paypal.com”
  • 171. DNS poisoning can invalidate
  • 172. need something stronger?
  • 173. Transport Layer Security (TLS)
  • 174. RFC 4346
  • 175. IETF “upgrade” to SSL
  • 176. TLS + SASL EXTERNAL with X.509 certs
  • 177. strong authentication of other servers
  • 178. but only if certs are not self-signed
  • 179. $$$
  • 180. real X.509 certs are expensive
  • 181. VeriSign, Thawte, etc.
  • 182. a better way...
  • 183. xmpp.net
  • 184. intermediate CA for XMPP network
  • 185. free digital certificates for XMPP server admins
  • 186. (need to prove you own the domain)
  • 187. root CA: StartCom
  • 188. ICA: XMPP Standards Foundation
  • 189. hopefully other CAs in future
  • 190. so channel encryption is a no-brainer
  • 191. man-in-the-middle is much harder
  • 192. “Mallory” is foiled
  • 193. but what about “Isaac” and “Justin”?
  • 194. we can encrypt the channels
  • 195. but traffic is cleartext within servers!
  • 196. need end-to-end encryption (“e2e”)
  • 197. first try: OpenPGP (XEP-0027)
  • 198. great for geeks
  • 199. but Aunt Tillie doesn’t use PGP
  • 200. second try: S/MIME (RFC 3923)
  • 201. great for geeks (and some employees)
  • 202. but Aunt Tillie doesn’t use X.509
  • 203. XML encryption and digital signatures?
  • 204. seems natural, but not much interest (c14n?)
  • 205. doesn’t provide perfect forward secrecy
  • 206. off-the-record communication (OTR)?
  • 207. great idea
  • 208. opportunistic encryption (à la SSH)
  • 209. perfect forward secrecy
  • 210. but encrypts only the plaintext message body
  • 211. we need to encrypt the entire packet
  • 212. why?
  • 213. because XMPP is more than just IM
  • 214. protect IPs sent in multimedia negotiation
  • 215. protect shared XML editing data
  • 216. etc.
  • 217. solution: encrypted sessions
  • 218. big set of requirements...
  • 219. packets are confidential
  • 220. packet integrity
  • 221. replay protection
  • 222. key compromise does not reveal past comms
  • 223. don’t depend on public key infrastructure
  • 224. entities authenticated to each other
  • 225. 3rd parties cannot identify entities
  • 226. robustness against attack (multiple hurdles)
  • 227. upgradeability if bugs are discovered
  • 228. encryption of full XMPP packets
  • 229. implementable by typical developer
  • 230. usable by typical user
  • 231. how to address all requirements?
  • 232. just a dream?
  • 233. bootstrap from cleartext to encryption
  • 234. in-band Diffie-Hellman key exchange
  • 235. translate “SIGMA” approach to XMPP
  • 236. similar to Internet Key Exchange (IKE)
  • 237. details in XSF XEPs 116, 188, 200
  • 238. simplified profile in XEP-0217
  • 239. major priority for 2007-2008
  • 240. support from NLnet (thanks!)
  • 241. pursuing full security analysis
  • 242. code bounties
  • 243. GSoC project
  • 244. Jabber security summit
  • 245. more at blog.xmpp.org
  • 246. wide implementation in next ~12 months
  • 247. so how are we doing?
  • 248. spam free
  • 249. hard to spoof addresses
  • 250. pure XML discourages binary malware
  • 251. DoS attacks possible but not easy
  • 252. widespread channel encryption
  • 253. working hard on end-to-end encryption
  • 254. widely deployed in high- security environments
  • 255. Wall Street investment banks
  • 256. U.S. military
  • 257. MIT and other universities
  • 258. many public servers since 1999
  • 259. no major security breaches
  • 260. can’t be complacent
  • 261. always more to do
  • 262. security is a never- ending process
  • 263. analysis and hacking are encouraged
  • 264. if it breaks, we’ll fix it
  • 265. security@xmpp.org
  • 266. join the conversation
  • 267. let’s build a more secure Internet

×