SlideShare a Scribd company logo

SSL certificates

Kevin OBrien
Kevin OBrien

SSL certificates use public key encryption to verify secure connections between clients and servers. Issues arise from the hierarchical trust model where root certificate authorities can sign other certificates, and some authorities have had their private keys compromised, allowing fake certificates to be generated. Alternative approaches like Certificate Transparency aim to increase transparency and accountability over the certificate issuance and validation process.

Internet
1 of 50
Download to read offline
SSL Certificates Kevin O'Brien Washtenaw Linux Users Group
Use of Encryption ● SSL Certificates use encryption technology ● Both Asymmetric and Symmetric algorithms are employed ● Works similarly to e-mail encryption and signing
Digital Signatures ● When you sign an e-mail, it is encrypted using your private key ● Anything encrypted with that key can be decrypted by your public key ● But the message is there in clear text already, so it is not encryption for secrecy
What it demonstrates ● The encrypted version is there along with the plain text version ● If your public key decrypts the encrypted message, it proves you were the one who sent it ● The messages can be compared to show nothing changed in transit
Digital Certificates ● Use the same technology ● A public key is distributed for each cert ● A signed version of the cert is created using the private key ● The public key can then validate the cert
SSL ● Stands for Secure Sockets Layer ● Created by Netscape in the 1990s ● Currently up to SSL 3.0 ● No longer secure – See POODLE ● https://securityblog.redhat.com/2014/10/15/poo dle-a-ssl3-vulnerability-cve-2014-3566/
TLS ● Transport Layer Security ● More secure than SSL ● Should be used in all cases ● But can be attacked by inducing a downgrade to SSL 3.0 (POODLE) ● https://securityblog.redhat.com/2014/10/20/can- ssl-3-0-be-fixed-an-analysis-of-the-poodle- attack/
Solution? ● Basically, disable any support for SSL 3.0 ● TLS is the successor to SSL ● If you run a server consult the vendor regarding how to disable SSL on your server ● https://access.redhat.com/articles/1232123 ● But note that certain applications that do not support TLS may default to plain text instead
The Request ● A browser makes a request for a connection using HTTPS, or the server defaults to HTTPS ● https://www.eff.org/https-everywhere ● Google is now boosting sites that default to HTTPS in the search results ● https://www.eff.org/deeplinks/2014/08/google- boosts-secure-sites-search-results
Key Exchange ● A public key is distributed by the server ● The private key is used to encrypt a certificate ● This is sent to the client ● Then a Diffie-Hellman-Merkle Key Exchange or an RSA Key Exchange is done to create an agreed symmetric key ● The symmetric key is then used for all further communication
Man-in-the-middle ● What happens if a man-in-the-middle intercepts your request and gives you a fake cert? ● This is what many companies do legally ● If you are on their network, they have a right to search all of your traffic ● So they set up a proxy that intercepts and responds to all requests
Signing Certificates ● Certificate Authorities will for a fee sign your certificate to attest to its validity ● They do this using their own private key ● Symantec is the largest (it bought Verisign ) ● GoDaddy is big here ● Thawte is how Mark Shuttleworth got so rich
X.509 established ● Standard adopted by International Telegraphic Union in 1988 for managing secure communications ● Established the role of Certificate Authorities ● Sets the standard format for certificates
Hierarchical model ● Different from Web of Trust in e-mail ● Chain starts with Root Authorities ● Certificates, including public keys, for most root authorities are included in your browser as it comes from the vendor ● Root authorities can then sign certificates for intermediate authorities ● And then they can sign others, down to the site
If no root cert installed? ● You would then need to go through a handshake process to obtain a cert ● Do you trust what you get?
X.509 format ● Includes (among other things) – Version – Serial Number – Algorithm ID – Issuer – Validity – Public Key ● http://en.wikipedia.org/wiki/X.509
Negotiation ● Version, Serial Number, and Algorithm ID important to set up a connection ● Negotiation between site and browser on encryption protocol used
Trust ● Issuer may be important – Is this cert self- signed? ● Validity – Is this cert still valid? Should have a date range, and be rejected outside of that range ● A good browser should warn you if anything is amiss here, but you can still connect if you want
Public key ● Obviously, this is needed to begin the connection securely
Handshake ● You send the server a message asking to create a connection ● https://www.eff.org/Https-everywhere Will make it always a request for a secure connection ● Or manually by typing HTTPS instead of HTTP in the address bar ● Up to server to accept ● Google does so by default for all of its properties
If you don't request security ● The server then has the option of requesting a secure connection ● This should be the case for any e-commerce transaction ● We are moving to a world where it will be the default
Negotiation (again) ● The server and your browser compare notes on what protocols each supports ● Idea is to choose the most secure protocol that is supported by both ● Then a secret key (Symmetric) is generated by the parties ● Can be done in a couple of ways
Secret Key Exchange ● Then the Symmetric Key is exchanged through the Public Key connection ● This is then used to handle the rest of the communication ● Symmetric Keys are much more efficient ● Note: there are interesting security issues around how this Symmetric Key is exchanged, but that is beyond the scope of this presentation
For more detailed info... ● https://engineering.purdue.edu/kak/compsec/NewL
Last step ● A session ID is established that allows an interrupted session to be resumed without going through the entire handshake again
Certs aren't just Web ● Certificates using X.509 are used in a number of contexts ● For example, UEFI and Secure Boot uses x.509 Certs issued by Microsoft (as the Certificate Authority)
Problems with SSL Certificates ● Most problems are not about cryptography ● As Bruce Schneier says, you can trust the math ● Processes, though, can have vulnerabilities
Root Authorities ● Root authorities cannot be vouched for by any other authority ● Browsers contain a bunch of root authorities they trust, with their certificates ● For example: https://www.mozilla.org/en- US/about/governance/policies/security- group/certs/included/ is what Firefox trusts
Too many! ● The Firefox list contains a huge number of CAs ● Some of them are governments ● Would you trust a cert signed by the government? ● What about the Hong Kong Post Office?
Are CAs Trustworthy? ● Not necessarily ● Nor do all browsers agree on which ones to trust
DigiNotar ● Dutch CA hacked in 2011 ● Hackers appear to be Iranian Gov't. Though that is not certain ● Issued fraudulent certs for Google to do man-in- the-middle attacks on Gmail users ● Affected 300,000 users ● DigiNotar went bankrupt ● https://en.wikipedia.org/wiki/DigiNotar
Indian Government ● National Informatics Centre issued certs purporting to be from Google and Yahoo ● This CA was never trusted by Google or Mozilla ● Was trusted by Microsoft ● No one knows exactly why this was done, but presumably to execute man-in-the-middle attacks ● http://www.zdnet.com/article/microsoft-warns-of-fake- google-and-yahoo-domains/
French Government ● DG Tresor (French Treasury) issued fake Google Certs in 2013 ● These Treasury certs were in turn vouched for by IGC/A ● Again, this seems like a man-in-the-middle attack ● https://nakedsecurity.sophos.com/2013/12/09/serio us-security-google-finds-fake-but-trusted-ssl- certificates-for-its-domains-made-in-france/
TURKTRUST ● Probably a blunder to begin with ● TURKTRUST issued two Intermediate Certs by mistake when it should have issued Regular Certs ● Intermediate Certs can be used to issue and sign other Certs ● One went to Turkish Government
Now it gets interesting ● Turkish government wanted to scan traffic ● This requires getting in the middle ● This is also what companies do with traffic on their network ● If company adds its cert to your browser, it will be trusted, no warning ● Otherwise, you should get a warning
No warning! ● But with an Intermediate Cert, signed by Root Authority, it is already trusted, no warning ● Unless you try to access Google using Chrome ● Chrome comes with a list of Google certs built- in, and complains if it sees anything different ● Legitimate problem, just handled badly
Man-in-the-middle ● Many of the security issues we deal with are classified as man-in-the-middle attacks ● If I intercept your request for a connection and say “Why yes, I am Google, how may I help you?” and can convince you to connect to me, there it is ● I can pass your requests to Google, get back the response, pass it to you
Monitor the traffic ● But because I am in the middle, I can read all of the traffic ● This is what corporate networks do legally ● They need to monitor traffic to assure the security of their network and data ● And this is perfectly legal ● Your company-issued browser probably contains a self-signed certificate that is trusted
Trust? ● And because it is trusted you get no warning ● Unless you use Chrome to access Google<g> ● But your company could have your bank login credentials ● And what about the government? ● Do we believe NSA and GCHQ are any better than the other governments?
Update your browser! ● You want to install browser updates as soon as they are available ● Remember, your browser has the list of trusted certs ● If one is revoked you want to get that
Check for Certificate Revocation ● If a certificate is bad, it should be revoked ● Firefox handles the revocation check quite well ● Chrome refuses to ● This came out with the Heartbleed vulnerability, which was Certificate-related ● Firefox is simply better for security than Chrome in my view
Add-ons ● There are a few good ones for Firefox as well ● Convergence add-on warns you if the certificate you see is not what others see - https://www.eff.org/deeplinks/2011/09/post-mortem- ● Certificate Patrol alerts you if the cert has been updated - https://addons.mozilla.org/en- US/firefox/addon/certificate-patrol/
Two-Factor Authentication ● Don't rely on certs alone ● Two-factor can prevent someone from logging in to your account ● Available for Gmail, and Duo Security has a free account for individuals
For more info ● Electronic Frontier Foundation is the best ● https://www.eff.org/deeplinks/2011/09/post-mortem- Has a how to protect yourself discussion I used for this section
Certificate Solutions ● Protecting yourself as an individual is great, but how can we improve the system? ● The CA model we inherited from the 1990s is fundamentally broken ● We need to rely less on trust and more on provable security
Certificate Transparency ● Google has refused to implement Certificate Revocations, but has offered Certificate Transparency ● Essentially a public log of all Certificates issued ● Can be examined and monitored by anyone ● Log would give a signed Certificate Timestamp for any cert entered to enforce listing ● Relies on owners looking for false certs
TLS Extensions ● Remember that SSL certificates are only one part of the larger Transport Layer Security protocol ● TLS has added extensions for things like new encryption methods and renegotiation of connections ● Other extensions could be added ● http://en.wikipedia.org/wiki/Transport_Layer_Secur ity
OCSP ● Online Certificate Status Protocol is a way of verifying a certificate ● Relies on the issuing authority testifying that the public key is still valid ● But vulnerable to man-in-the-middle
OCSP Stapling ● Cert owner obtains verification from CA and “staples” this to cert ● During handshake, the cert owner tells your browser to look for this ● If it is not found, browser should query CA directly ● Only risk is if CA is compromised ● So probably not safe against NSA<g>
Summary ● SSL Certs use standard cryptography methods ● Problems are not with the cryptography ● But some serious problems with processes ● Trust is not a good way to go

Recommended

Passwords
PasswordsPasswords
PasswordsKevin OBrien
 
Forward Secrecy
Forward SecrecyForward Secrecy
Forward SecrecyKevin OBrien
 
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSJohn Bambenek
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel NaderBreaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel NaderEC-Council
 
Developer's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web CryptographyDeveloper's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web CryptographyKevin Hakanson
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksJohn Bambenek
 
Black ops 2012
Black ops 2012Black ops 2012
Black ops 2012Dan Kaminsky
 

Recommended

Passwords
PasswordsPasswords
PasswordsKevin OBrien
 
Forward Secrecy
Forward SecrecyForward Secrecy
Forward SecrecyKevin OBrien
 
Thotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSThotcon 0x5 - Retroactive Wiretapping VPN over DNS
Thotcon 0x5 - Retroactive Wiretapping VPN over DNSJohn Bambenek
 
A Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryA Technical Dive into Defensive Trickery
A Technical Dive into Defensive TrickeryDan Kaminsky
 
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel NaderBreaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel Nader
Breaking Smart [Bank] Statements – Hacker Halted 2019 – Manuel NaderEC-Council
 
Developer's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web CryptographyDeveloper's Guide to JavaScript and Web Cryptography
Developer's Guide to JavaScript and Web CryptographyKevin Hakanson
 
THOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksTHOTCON 0x6: Going Kinetic on Electronic Crime Networks
THOTCON 0x6: Going Kinetic on Electronic Crime NetworksJohn Bambenek
 
Black ops 2012
Black ops 2012Black ops 2012
Black ops 2012Dan Kaminsky
 
Cryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScriptCryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScriptbarysteyn
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APIKevin Hakanson
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)ColdFusionConference
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Nancy Thanki
 
enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authenticationahmad amiruddin
 
Bugs Aren't Random
Bugs Aren't RandomBugs Aren't Random
Bugs Aren't RandomDan Kaminsky
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...EC-Council
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsSecuRing
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Secure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet InfrastructureSecure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet Infrastructurewebhostingguy
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaSteve Poole
 
Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Dan Kaminsky
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Edureka!
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force toolszeus7856
 
Bitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceBitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceAll Things Open
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureNETWAYS
 
Four years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingFour years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingAPNIC
 
Information about the SSL Certificate
Information about the SSL CertificateInformation about the SSL Certificate
Information about the SSL CertificateCheapSSLUSA
 
Delivering the news over HTTPS
Delivering the news over HTTPSDelivering the news over HTTPS
Delivering the news over HTTPSPaul Schreiber
 

More Related Content

What's hot

Cryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScriptCryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScriptbarysteyn
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameAbhinav Mishra
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APIKevin Hakanson
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoidFilip Šebesta
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)ColdFusionConference
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Nancy Thanki
 
enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authenticationahmad amiruddin
 
Bugs Aren't Random
Bugs Aren't RandomBugs Aren't Random
Bugs Aren't RandomDan Kaminsky
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...EC-Council
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsSecuRing
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundJim Geovedi
 
Secure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet InfrastructureSecure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet Infrastructurewebhostingguy
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaSteve Poole
 
Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Dan Kaminsky
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?CiNPA Security SIG
 
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Edureka!
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force toolszeus7856
 
Bitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceBitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceAll Things Open
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureNETWAYS
 
Four years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingFour years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingAPNIC
 

What's hot (20)

Cryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScriptCryptography In The Browser Using JavaScript
Cryptography In The Browser Using JavaScript
 
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and FameThe Game of Bug Bounty Hunting - Money, Drama, Action and Fame
The Game of Bug Bounty Hunting - Money, Drama, Action and Fame
 
Securing TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography APISecuring TodoMVC Using the Web Cryptography API
Securing TodoMVC Using the Web Cryptography API
 
Crypto failures every developer should avoid
Crypto failures every developer should avoidCrypto failures every developer should avoid
Crypto failures every developer should avoid
 
Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)Java script and web cryptography (cf.objective)
Java script and web cryptography (cf.objective)
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?
 
enkripsi and authentication
enkripsi and authenticationenkripsi and authentication
enkripsi and authentication
 
Bugs Aren't Random
Bugs Aren't RandomBugs Aren't Random
Bugs Aren't Random
 
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
Hacker Halted 2018: From CTF to CVE – How Application of Concepts and Persist...
 
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standardsWeb Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
Web Apps vs Blockchain dApps (Smart Contracts): tools, vulns and standards
 
Wireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers PlaygroundWireless Hotspot: The Hackers Playground
Wireless Hotspot: The Hackers Playground
 
Secure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet InfrastructureSecure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet Infrastructure
 
Cybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 SofiaCybercrime and the Developer Java2Days 2016 Sofia
Cybercrime and the Developer Java2Days 2016 Sofia
 
Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017Wo defensive trickery_13mar2017
Wo defensive trickery_13mar2017
 
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
BSides Cleveland: Phishing Forensics - Is it just suspicious or is it malicious?
 
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
Hashgraph vs Blockchain | Hedera Hashgraph Tutorial | Hashgraph Technology | ...
 
Password cracking and brute force tools
Password cracking and brute force toolsPassword cracking and brute force tools
Password cracking and brute force tools
 
Bitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open SourceBitcoin, the Blockchain, and Open Source
Bitcoin, the Blockchain, and Open Source
 
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped futureOSDC 2014: Michael Renner - Secure encryption in a wiretapped future
OSDC 2014: Michael Renner - Secure encryption in a wiretapped future
 
Four years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijackingFour years of breaking HTTPS with BGP hijacking
Four years of breaking HTTPS with BGP hijacking
 

Viewers also liked

Information about the SSL Certificate
Information about the SSL CertificateInformation about the SSL Certificate
Information about the SSL CertificateCheapSSLUSA
 
Delivering the news over HTTPS
Delivering the news over HTTPSDelivering the news over HTTPS
Delivering the news over HTTPSPaul Schreiber
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSPaul Schreiber
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateCheapSSLUSA
 
BigWP: Delivering the news over HTTPS
BigWP: Delivering the news over HTTPSBigWP: Delivering the news over HTTPS
BigWP: Delivering the news over HTTPSPaul Schreiber
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)Guy Podjarny
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas Anna Morrison
 
SSL & TLS Architecture short
SSL & TLS Architecture shortSSL & TLS Architecture short
SSL & TLS Architecture shortAvirot Mitamura
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets LayerNascenia IT
 
Nisra16 你的 https 真的安全嗎?
Nisra16 你的 https 真的安全嗎?Nisra16 你的 https 真的安全嗎?
Nisra16 你的 https 真的安全嗎?Huang-I Yang
 
Do's & Dont's for HTTPs migrations #SearchLDN
Do's & Dont's for HTTPs migrations #SearchLDNDo's & Dont's for HTTPs migrations #SearchLDN
Do's & Dont's for HTTPs migrations #SearchLDNAleyda Solís
 

Viewers also liked (15)

Information about the SSL Certificate
Information about the SSL CertificateInformation about the SSL Certificate
Information about the SSL Certificate
 
Delivering the news over HTTPS
Delivering the news over HTTPSDelivering the news over HTTPS
Delivering the news over HTTPS
 
WordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPSWordCamp US: Delivering the news over HTTPS
WordCamp US: Delivering the news over HTTPS
 
Secure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)CertificateSecure Sockets Layer(SSL)Certificate
Secure Sockets Layer(SSL)Certificate
 
HTTPS, Here and Now
HTTPS, Here and NowHTTPS, Here and Now
HTTPS, Here and Now
 
BigWP: Delivering the news over HTTPS
BigWP: Delivering the news over HTTPSBigWP: Delivering the news over HTTPS
BigWP: Delivering the news over HTTPS
 
SSL/TLS
SSL/TLSSSL/TLS
SSL/TLS
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
 
SSL & TLS Architecture short
SSL & TLS Architecture shortSSL & TLS Architecture short
SSL & TLS Architecture short
 
HTTP Basics
HTTP BasicsHTTP Basics
HTTP Basics
 
Introduction to Secure Sockets Layer
Introduction to Secure Sockets LayerIntroduction to Secure Sockets Layer
Introduction to Secure Sockets Layer
 
Http Vs Https .
Http Vs Https . Http Vs Https .
Http Vs Https .
 
Nisra16 你的 https 真的安全嗎?
Nisra16 你的 https 真的安全嗎?Nisra16 你的 https 真的安全嗎?
Nisra16 你的 https 真的安全嗎?
 
Do's & Dont's for HTTPs migrations #SearchLDN
Do's & Dont's for HTTPs migrations #SearchLDNDo's & Dont's for HTTPs migrations #SearchLDN
Do's & Dont's for HTTPs migrations #SearchLDN
 

Similar to SSL certificates

Industry Best Practices For SSH - DevOps.com Webinar
Industry Best Practices For SSH - DevOps.com WebinarIndustry Best Practices For SSH - DevOps.com Webinar
Industry Best Practices For SSH - DevOps.com WebinarTeleport
 
Industry Best Practices for SSH Access
Industry Best Practices for SSH AccessIndustry Best Practices for SSH Access
Industry Best Practices for SSH AccessDevOps.com
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key InfrastructureTheo Gravity
 
Let's Encrypt: Better Security through Automation
Let's Encrypt: Better Security through AutomationLet's Encrypt: Better Security through Automation
Let's Encrypt: Better Security through AutomationAPNIC
 
encryption presentation (SAGE-WA, 2010-10-05)
encryption presentation (SAGE-WA, 2010-10-05)encryption presentation (SAGE-WA, 2010-10-05)
encryption presentation (SAGE-WA, 2010-10-05)Alastair Irvine
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018HashiCorp
 
Securing your digital life - Jason Addie
Securing your digital life - Jason AddieSecuring your digital life - Jason Addie
Securing your digital life - Jason AddieDataFest Tbilisi
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of TrustYousof Alsatom
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2Olle E Johansson
 
Authentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaAuthentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaSoluto
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youCloudflare
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...Peter LaFond
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at DecisivTeleport
 
Lost and Found Certificates: dealing with residual certificates for pre-owned...
Lost and Found Certificates: dealing with residual certificates for pre-owned...Lost and Found Certificates: dealing with residual certificates for pre-owned...
Lost and Found Certificates: dealing with residual certificates for pre-owned...Priyanka Aash
 

Similar to SSL certificates (20)

Digital certificates
Digital certificatesDigital certificates
Digital certificates
 
Symantec SSL Explained
Symantec SSL ExplainedSymantec SSL Explained
Symantec SSL Explained
 
Industry Best Practices For SSH - DevOps.com Webinar
Industry Best Practices For SSH - DevOps.com WebinarIndustry Best Practices For SSH - DevOps.com Webinar
Industry Best Practices For SSH - DevOps.com Webinar
 
Industry Best Practices for SSH Access
Industry Best Practices for SSH AccessIndustry Best Practices for SSH Access
Industry Best Practices for SSH Access
 
Introduction to Public Key Infrastructure
Introduction to Public Key InfrastructureIntroduction to Public Key Infrastructure
Introduction to Public Key Infrastructure
 
Let's Encrypt: Better Security through Automation
Let's Encrypt: Better Security through AutomationLet's Encrypt: Better Security through Automation
Let's Encrypt: Better Security through Automation
 
encryption presentation (SAGE-WA, 2010-10-05)
encryption presentation (SAGE-WA, 2010-10-05)encryption presentation (SAGE-WA, 2010-10-05)
encryption presentation (SAGE-WA, 2010-10-05)
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
Eliminating Secret Sprawl in the Cloud with HashiCorp Vault - 07.11.2018
 
Let's Encrypt
Let's EncryptLet's Encrypt
Let's Encrypt
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
Securing your digital life - Jason Addie
Securing your digital life - Jason AddieSecuring your digital life - Jason Addie
Securing your digital life - Jason Addie
 
Certificates and Web of Trust
Certificates and Web of TrustCertificates and Web of Trust
Certificates and Web of Trust
 
Public Vs. Private Keys
Public Vs. Private KeysPublic Vs. Private Keys
Public Vs. Private Keys
 
#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
 
Authentication without Authentication - AppSec California
Authentication without Authentication - AppSec CaliforniaAuthentication without Authentication - AppSec California
Authentication without Authentication - AppSec California
 
Overview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for youOverview of SSL: choose the option that's right for you
Overview of SSL: choose the option that's right for you
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
 
Secure Developer Access at Decisiv
Secure Developer Access at DecisivSecure Developer Access at Decisiv
Secure Developer Access at Decisiv
 
Lost and Found Certificates: dealing with residual certificates for pre-owned...
Lost and Found Certificates: dealing with residual certificates for pre-owned...Lost and Found Certificates: dealing with residual certificates for pre-owned...
Lost and Found Certificates: dealing with residual certificates for pre-owned...
 

More from Kevin OBrien

Diffie_Hellman-Merkle Key Exchange
Diffie_Hellman-Merkle Key ExchangeDiffie_Hellman-Merkle Key Exchange
Diffie_Hellman-Merkle Key ExchangeKevin OBrien
 
Password best practices and the last pass hack
Password best practices and the last pass hackPassword best practices and the last pass hack
Password best practices and the last pass hackKevin OBrien
 
Linux Directory Structure
Linux Directory StructureLinux Directory Structure
Linux Directory StructureKevin OBrien
 
Hardware Discovery Commands
Hardware Discovery CommandsHardware Discovery Commands
Hardware Discovery CommandsKevin OBrien
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linuxKevin OBrien
 
Help, my computer is sluggish
Help, my computer is sluggishHelp, my computer is sluggish
Help, my computer is sluggishKevin OBrien
 
Installing Software, Part 3: Command Line
Installing Software, Part 3: Command LineInstalling Software, Part 3: Command Line
Installing Software, Part 3: Command LineKevin OBrien
 
Installing Software, Part 2: Package Managers
Installing Software, Part 2: Package ManagersInstalling Software, Part 2: Package Managers
Installing Software, Part 2: Package ManagersKevin OBrien
 
Installing Software, Part 1 - Repositories
Installing Software, Part 1 - RepositoriesInstalling Software, Part 1 - Repositories
Installing Software, Part 1 - RepositoriesKevin OBrien
 
Installing Linux: Partitioning and File System Considerations
Installing Linux: Partitioning and File System ConsiderationsInstalling Linux: Partitioning and File System Considerations
Installing Linux: Partitioning and File System ConsiderationsKevin OBrien
 
The ifconfig Command
The ifconfig CommandThe ifconfig Command
The ifconfig CommandKevin OBrien
 
Find and Locate: Two Commands
Find and Locate: Two CommandsFind and Locate: Two Commands
Find and Locate: Two CommandsKevin OBrien
 
The Shell Game Part 4: Bash Shortcuts
The Shell Game Part 4: Bash ShortcutsThe Shell Game Part 4: Bash Shortcuts
The Shell Game Part 4: Bash ShortcutsKevin OBrien
 
The Shell Game Part 3: Introduction to Bash
The Shell Game Part 3: Introduction to BashThe Shell Game Part 3: Introduction to Bash
The Shell Game Part 3: Introduction to BashKevin OBrien
 
The Shell Game Part 2: What are your shell choices?
The Shell Game Part 2: What are your shell choices?The Shell Game Part 2: What are your shell choices?
The Shell Game Part 2: What are your shell choices?Kevin OBrien
 
The Shell Game Part 1: What is a shell?
The Shell Game Part 1: What is a shell?The Shell Game Part 1: What is a shell?
The Shell Game Part 1: What is a shell?Kevin OBrien
 

More from Kevin OBrien (20)

American icon pmi
American icon pmiAmerican icon pmi
American icon pmi
 
Tls 1.3
Tls 1.3Tls 1.3
Tls 1.3
 
Diffie_Hellman-Merkle Key Exchange
Diffie_Hellman-Merkle Key ExchangeDiffie_Hellman-Merkle Key Exchange
Diffie_Hellman-Merkle Key Exchange
 
Password best practices and the last pass hack
Password best practices and the last pass hackPassword best practices and the last pass hack
Password best practices and the last pass hack
 
Encryption basics
Encryption basicsEncryption basics
Encryption basics
 
Linux Directory Structure
Linux Directory StructureLinux Directory Structure
Linux Directory Structure
 
Hardware Discovery Commands
Hardware Discovery CommandsHardware Discovery Commands
Hardware Discovery Commands
 
Introduction to linux
Introduction to linuxIntroduction to linux
Introduction to linux
 
Help, my computer is sluggish
Help, my computer is sluggishHelp, my computer is sluggish
Help, my computer is sluggish
 
The ps Command
The ps CommandThe ps Command
The ps Command
 
Installing Software, Part 3: Command Line
Installing Software, Part 3: Command LineInstalling Software, Part 3: Command Line
Installing Software, Part 3: Command Line
 
Installing Software, Part 2: Package Managers
Installing Software, Part 2: Package ManagersInstalling Software, Part 2: Package Managers
Installing Software, Part 2: Package Managers
 
Installing Software, Part 1 - Repositories
Installing Software, Part 1 - RepositoriesInstalling Software, Part 1 - Repositories
Installing Software, Part 1 - Repositories
 
Installing Linux: Partitioning and File System Considerations
Installing Linux: Partitioning and File System ConsiderationsInstalling Linux: Partitioning and File System Considerations
Installing Linux: Partitioning and File System Considerations
 
The ifconfig Command
The ifconfig CommandThe ifconfig Command
The ifconfig Command
 
Find and Locate: Two Commands
Find and Locate: Two CommandsFind and Locate: Two Commands
Find and Locate: Two Commands
 
The Shell Game Part 4: Bash Shortcuts
The Shell Game Part 4: Bash ShortcutsThe Shell Game Part 4: Bash Shortcuts
The Shell Game Part 4: Bash Shortcuts
 
The Shell Game Part 3: Introduction to Bash
The Shell Game Part 3: Introduction to BashThe Shell Game Part 3: Introduction to Bash
The Shell Game Part 3: Introduction to Bash
 
The Shell Game Part 2: What are your shell choices?
The Shell Game Part 2: What are your shell choices?The Shell Game Part 2: What are your shell choices?
The Shell Game Part 2: What are your shell choices?
 
The Shell Game Part 1: What is a shell?
The Shell Game Part 1: What is a shell?The Shell Game Part 1: What is a shell?
The Shell Game Part 1: What is a shell?
 

SSL certificates

  • 2. Use of Encryption ● SSL Certificates use encryption technology ● Both Asymmetric and Symmetric algorithms are employed ● Works similarly to e-mail encryption and signing
  • 3. Digital Signatures ● When you sign an e-mail, it is encrypted using your private key ● Anything encrypted with that key can be decrypted by your public key ● But the message is there in clear text already, so it is not encryption for secrecy
  • 4. What it demonstrates ● The encrypted version is there along with the plain text version ● If your public key decrypts the encrypted message, it proves you were the one who sent it ● The messages can be compared to show nothing changed in transit
  • 5. Digital Certificates ● Use the same technology ● A public key is distributed for each cert ● A signed version of the cert is created using the private key ● The public key can then validate the cert
  • 6. SSL ● Stands for Secure Sockets Layer ● Created by Netscape in the 1990s ● Currently up to SSL 3.0 ● No longer secure – See POODLE ● https://securityblog.redhat.com/2014/10/15/poo dle-a-ssl3-vulnerability-cve-2014-3566/
  • 7. TLS ● Transport Layer Security ● More secure than SSL ● Should be used in all cases ● But can be attacked by inducing a downgrade to SSL 3.0 (POODLE) ● https://securityblog.redhat.com/2014/10/20/can- ssl-3-0-be-fixed-an-analysis-of-the-poodle- attack/
  • 8. Solution? ● Basically, disable any support for SSL 3.0 ● TLS is the successor to SSL ● If you run a server consult the vendor regarding how to disable SSL on your server ● https://access.redhat.com/articles/1232123 ● But note that certain applications that do not support TLS may default to plain text instead
  • 9. The Request ● A browser makes a request for a connection using HTTPS, or the server defaults to HTTPS ● https://www.eff.org/https-everywhere ● Google is now boosting sites that default to HTTPS in the search results ● https://www.eff.org/deeplinks/2014/08/google- boosts-secure-sites-search-results
  • 10. Key Exchange ● A public key is distributed by the server ● The private key is used to encrypt a certificate ● This is sent to the client ● Then a Diffie-Hellman-Merkle Key Exchange or an RSA Key Exchange is done to create an agreed symmetric key ● The symmetric key is then used for all further communication
  • 11. Man-in-the-middle ● What happens if a man-in-the-middle intercepts your request and gives you a fake cert? ● This is what many companies do legally ● If you are on their network, they have a right to search all of your traffic ● So they set up a proxy that intercepts and responds to all requests
  • 12. Signing Certificates ● Certificate Authorities will for a fee sign your certificate to attest to its validity ● They do this using their own private key ● Symantec is the largest (it bought Verisign ) ● GoDaddy is big here ● Thawte is how Mark Shuttleworth got so rich
  • 13. X.509 established ● Standard adopted by International Telegraphic Union in 1988 for managing secure communications ● Established the role of Certificate Authorities ● Sets the standard format for certificates
  • 14. Hierarchical model ● Different from Web of Trust in e-mail ● Chain starts with Root Authorities ● Certificates, including public keys, for most root authorities are included in your browser as it comes from the vendor ● Root authorities can then sign certificates for intermediate authorities ● And then they can sign others, down to the site
  • 15. If no root cert installed? ● You would then need to go through a handshake process to obtain a cert ● Do you trust what you get?
  • 16. X.509 format ● Includes (among other things) – Version – Serial Number – Algorithm ID – Issuer – Validity – Public Key ● http://en.wikipedia.org/wiki/X.509
  • 17. Negotiation ● Version, Serial Number, and Algorithm ID important to set up a connection ● Negotiation between site and browser on encryption protocol used
  • 18. Trust ● Issuer may be important – Is this cert self- signed? ● Validity – Is this cert still valid? Should have a date range, and be rejected outside of that range ● A good browser should warn you if anything is amiss here, but you can still connect if you want
  • 19. Public key ● Obviously, this is needed to begin the connection securely
  • 20. Handshake ● You send the server a message asking to create a connection ● https://www.eff.org/Https-everywhere Will make it always a request for a secure connection ● Or manually by typing HTTPS instead of HTTP in the address bar ● Up to server to accept ● Google does so by default for all of its properties
  • 21. If you don't request security ● The server then has the option of requesting a secure connection ● This should be the case for any e-commerce transaction ● We are moving to a world where it will be the default
  • 22. Negotiation (again) ● The server and your browser compare notes on what protocols each supports ● Idea is to choose the most secure protocol that is supported by both ● Then a secret key (Symmetric) is generated by the parties ● Can be done in a couple of ways
  • 23. Secret Key Exchange ● Then the Symmetric Key is exchanged through the Public Key connection ● This is then used to handle the rest of the communication ● Symmetric Keys are much more efficient ● Note: there are interesting security issues around how this Symmetric Key is exchanged, but that is beyond the scope of this presentation
  • 24. For more detailed info... ● https://engineering.purdue.edu/kak/compsec/NewL
  • 25. Last step ● A session ID is established that allows an interrupted session to be resumed without going through the entire handshake again
  • 26. Certs aren't just Web ● Certificates using X.509 are used in a number of contexts ● For example, UEFI and Secure Boot uses x.509 Certs issued by Microsoft (as the Certificate Authority)
  • 27. Problems with SSL Certificates ● Most problems are not about cryptography ● As Bruce Schneier says, you can trust the math ● Processes, though, can have vulnerabilities
  • 28. Root Authorities ● Root authorities cannot be vouched for by any other authority ● Browsers contain a bunch of root authorities they trust, with their certificates ● For example: https://www.mozilla.org/en- US/about/governance/policies/security- group/certs/included/ is what Firefox trusts
  • 29. Too many! ● The Firefox list contains a huge number of CAs ● Some of them are governments ● Would you trust a cert signed by the government? ● What about the Hong Kong Post Office?
  • 30. Are CAs Trustworthy? ● Not necessarily ● Nor do all browsers agree on which ones to trust
  • 31. DigiNotar ● Dutch CA hacked in 2011 ● Hackers appear to be Iranian Gov't. Though that is not certain ● Issued fraudulent certs for Google to do man-in- the-middle attacks on Gmail users ● Affected 300,000 users ● DigiNotar went bankrupt ● https://en.wikipedia.org/wiki/DigiNotar
  • 32. Indian Government ● National Informatics Centre issued certs purporting to be from Google and Yahoo ● This CA was never trusted by Google or Mozilla ● Was trusted by Microsoft ● No one knows exactly why this was done, but presumably to execute man-in-the-middle attacks ● http://www.zdnet.com/article/microsoft-warns-of-fake- google-and-yahoo-domains/
  • 33. French Government ● DG Tresor (French Treasury) issued fake Google Certs in 2013 ● These Treasury certs were in turn vouched for by IGC/A ● Again, this seems like a man-in-the-middle attack ● https://nakedsecurity.sophos.com/2013/12/09/serio us-security-google-finds-fake-but-trusted-ssl- certificates-for-its-domains-made-in-france/
  • 34. TURKTRUST ● Probably a blunder to begin with ● TURKTRUST issued two Intermediate Certs by mistake when it should have issued Regular Certs ● Intermediate Certs can be used to issue and sign other Certs ● One went to Turkish Government
  • 35. Now it gets interesting ● Turkish government wanted to scan traffic ● This requires getting in the middle ● This is also what companies do with traffic on their network ● If company adds its cert to your browser, it will be trusted, no warning ● Otherwise, you should get a warning
  • 36. No warning! ● But with an Intermediate Cert, signed by Root Authority, it is already trusted, no warning ● Unless you try to access Google using Chrome ● Chrome comes with a list of Google certs built- in, and complains if it sees anything different ● Legitimate problem, just handled badly
  • 37. Man-in-the-middle ● Many of the security issues we deal with are classified as man-in-the-middle attacks ● If I intercept your request for a connection and say “Why yes, I am Google, how may I help you?” and can convince you to connect to me, there it is ● I can pass your requests to Google, get back the response, pass it to you
  • 38. Monitor the traffic ● But because I am in the middle, I can read all of the traffic ● This is what corporate networks do legally ● They need to monitor traffic to assure the security of their network and data ● And this is perfectly legal ● Your company-issued browser probably contains a self-signed certificate that is trusted
  • 39. Trust? ● And because it is trusted you get no warning ● Unless you use Chrome to access Google<g> ● But your company could have your bank login credentials ● And what about the government? ● Do we believe NSA and GCHQ are any better than the other governments?
  • 40. Update your browser! ● You want to install browser updates as soon as they are available ● Remember, your browser has the list of trusted certs ● If one is revoked you want to get that
  • 41. Check for Certificate Revocation ● If a certificate is bad, it should be revoked ● Firefox handles the revocation check quite well ● Chrome refuses to ● This came out with the Heartbleed vulnerability, which was Certificate-related ● Firefox is simply better for security than Chrome in my view
  • 42. Add-ons ● There are a few good ones for Firefox as well ● Convergence add-on warns you if the certificate you see is not what others see - https://www.eff.org/deeplinks/2011/09/post-mortem- ● Certificate Patrol alerts you if the cert has been updated - https://addons.mozilla.org/en- US/firefox/addon/certificate-patrol/
  • 43. Two-Factor Authentication ● Don't rely on certs alone ● Two-factor can prevent someone from logging in to your account ● Available for Gmail, and Duo Security has a free account for individuals
  • 44. For more info ● Electronic Frontier Foundation is the best ● https://www.eff.org/deeplinks/2011/09/post-mortem- Has a how to protect yourself discussion I used for this section
  • 45. Certificate Solutions ● Protecting yourself as an individual is great, but how can we improve the system? ● The CA model we inherited from the 1990s is fundamentally broken ● We need to rely less on trust and more on provable security
  • 46. Certificate Transparency ● Google has refused to implement Certificate Revocations, but has offered Certificate Transparency ● Essentially a public log of all Certificates issued ● Can be examined and monitored by anyone ● Log would give a signed Certificate Timestamp for any cert entered to enforce listing ● Relies on owners looking for false certs
  • 47. TLS Extensions ● Remember that SSL certificates are only one part of the larger Transport Layer Security protocol ● TLS has added extensions for things like new encryption methods and renegotiation of connections ● Other extensions could be added ● http://en.wikipedia.org/wiki/Transport_Layer_Secur ity
  • 48. OCSP ● Online Certificate Status Protocol is a way of verifying a certificate ● Relies on the issuing authority testifying that the public key is still valid ● But vulnerable to man-in-the-middle
  • 49. OCSP Stapling ● Cert owner obtains verification from CA and “staples” this to cert ● During handshake, the cert owner tells your browser to look for this ● If it is not found, browser should query CA directly ● Only risk is if CA is compromised ● So probably not safe against NSA<g>
  • 50. Summary ● SSL Certs use standard cryptography methods ● Problems are not with the cryptography ● But some serious problems with processes ● Trust is not a good way to go