SSL/TLS for Mortals (Devoxx)

 SSL/TLS for Mortals (Devoxx)
T L S
Awesome Sauce, or...
Maarten Mulders (@mthmulders)#tlsformortals
H
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed:
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1506)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net. .protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net. .protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net. .protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net. .protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440)
at sun.net. .protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at it.mulders.maarten.Demo.main(Demo.java:13)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387)
at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292)
at sun.security.validator.Validator.validate(Validator.java:260)
at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324)
at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229)
at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124)
at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1488)
13 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to f nd valid certif cation path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146)
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131)
at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280)
at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382)
Maarten Mulders (@mthmulders)#tlsformortals
 SSL/TLS for Mortals (Devoxx)
7 L OSI M
data unit layers
Data
Data
Data
Segments
Packets
Application 
Network Process to Application
Presentation 
Data Representation 
and Encryption
Session 
Interhost Communication
Transport 
End­to­End Connections 
and Reliability
Network 
Path Determination and 
Host Layers
Maarten Mulders (@mthmulders)#tlsformortals
H SSL TLS
SSL 1.0 never released
SSL 2.0 1995 - 2011 (POODLE)
SSL 3.0 1996 - 2014 (POODLE)
TLS 1.0 1999 - 2011 (BEAST)
TLS 1.1 2006
TLS 1.2 2008
TLS 1.3 2018
Maarten Mulders (@mthmulders)#tlsformortals
D
What's the issue?!
Maarten Mulders (@mthmulders)#tlsformortals
H
1. public/private key encryption
2. signed certificates
3. certificate authorities
Maarten Mulders (@mthmulders)#tlsformortals
1 P P
K E
Maarten Mulders (@mthmulders)#tlsformortals
 SSL/TLS for Mortals (Devoxx)
 SSL/TLS for Mortals (Devoxx)
M
1. Select two prime numbers:
2. Calculate product:
3. Select random number < product:
4. Find d, so that
a.
b.
c.
d.
p = 11, q = 17
p ∗ q = 187
e = 3
(d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0
(d ∗ 3) − 1 mod (10 ∗ 16) = 0
320 mod 160 = 0
(321 − 1) mod 160 = 0
(107 ∗ 3) = 321 ⇒ d = 107
Maarten Mulders (@mthmulders)#tlsformortals
N , P Q
1.
2. Find d, so that
Pretty hard without knowing and !
As soon as we know , calculating is trivial
(again).
p ∗ q = 299, e = 5
(d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0
p q
p = 13, q = 23 d = 317
Maarten Mulders (@mthmulders)#tlsformortals
For big enough and , finding those factors will cost an
eternity!
So we can distribute and even !
p q
p ∗ q e
Maarten Mulders (@mthmulders)#tlsformortals
L "G"
p ∗ q = 187, e = 3, G ⇒ 7
= = 3437
e
7
3
343 mod 187 = 156
Maarten Mulders (@mthmulders)#tlsformortals
L "156"
Since we know and , we can calculatep q d = 107
= ≈ 4.6 ∗156
d
156
107
10
234
mod 187 = 7156
107
7 ⇒ G
Maarten Mulders (@mthmulders)#tlsformortals
 SSL/TLS for Mortals (Devoxx)
N
Client Server
1 ClientHello →
2 ← ServerHello
3 ← Certificate
4 ← ServerKeyExchange
5 ← ServerHelloDone
6 ClientKeyExchange →
7 ChangeCipherSpec →
8 Finished →
9 ← ChangeCipherSpec
10 ← Finished
Maarten Mulders (@mthmulders)#tlsformortals
D
No-one is eavesdropping!
Maarten Mulders (@mthmulders)#tlsformortals
2 S
C
Maarten Mulders (@mthmulders)#tlsformortals
A certificate contains:
Serial Number
Subject
Validity
Usage
Public Key
Fingerprint Algorithm
Fingerprint
Maarten Mulders (@mthmulders)#tlsformortals
But wait... anyone could create a certificate!
So we also need
Signature Algorithm
Signature
Issuer
... and a way to sign certificates.
Maarten Mulders (@mthmulders)#tlsformortals
 SSL/TLS for Mortals (Devoxx)
A signature is a mathematical relationship between a message
, a private key and a public key .
It consists of two functions:
1. signing function
2. verifying function
So, given and and knowing , we can tell if is indeed signed
by .
x sk pk
t = f (sk, x)
[accept, reject] = g(pk, t, x)
x t pk x
sk
Maarten Mulders (@mthmulders)#tlsformortals
3 C
A
Maarten Mulders (@mthmulders)#tlsformortals
An entity that issues digital certificates,
certifying the ownership of a public key
by the subject of the certificate.
Maarten Mulders (@mthmulders)#tlsformortals
I
John
?
Alice
So, who is John, anyway?
Many John's in todays browsers and operating systems!
“I can trust you, because I trust John, and
John trusts Alice, and Alice trusts you.
Maarten Mulders (@mthmulders)#tlsformortals
Top-notch security procedures, including "key ceremonies"
Maarten Mulders (@mthmulders)#tlsformortals
 SSL/TLS for Mortals (Devoxx)
 SSL/TLS for Mortals (Devoxx)
/** intentionally left blank */
Maarten Mulders (@mthmulders)#tlsformortals
W
Google blacklists 247 certificates in Chromium
Microsoft removes the DigiNotar root certificate from all
supported Windows-releases *
Mozilla revokes trust in the DigiNotar root certificate in all
supported versions
Apple issued Security Update 2011-005
Update Certificate Revocation Lists (although these are self-Maarten Mulders (@mthmulders)#tlsformortals
D
Trust (for what it's worth)
Maarten Mulders (@mthmulders)#tlsformortals
T , T T
Maarten Mulders (@mthmulders)#tlsformortals
Simple HTTP client with TLS support:
curl ­v ­k <address>
Troubleshoot trust issues and see certificates being used:
openssl s_client ­showcerts ­servername <address> ­
connect <address>:443
Troubleshoot supported protocols, ciphers, ...:
nmap ­­script ssl­enum­ciphers ­p 443 <address>
Maarten Mulders (@mthmulders)#tlsformortals
JVM S
­Djavax.net.ssl.trustStore=<file>
Denotes where a truststore can be found: a file that contains
trusted certs.
­Djavax.net.ssl.trustStorePassword=changeit
is the password to that file.
Maarten Mulders (@mthmulders)#tlsformortals
JVM S
­Djavax.net.ssl.keyStore=<file>
Denotes where a keystore can be found: a file that contains
public and/or private keys.
­Djavax.net.ssl.keyStorePassword=changeit
is the password to that file.
Maarten Mulders (@mthmulders)#tlsformortals
JVM S
­Djavax.net.debug=ssl[:flag]
Include debug logging for TLS handshake and connections.
Additional flags:
record session sessioncache pluggability plaintext
handshake defaultctx keymanager data packet
keygen sslctx trustmanager verbose
Maarten Mulders (@mthmulders)#tlsformortals
P
Maarten Mulders (@mthmulders)#tlsformortals
P -
1. Don't use SSL!
Use TLS v1.2 or v1.3.
2. Be careful whom you trust!
3. When in doubt, open your toolbox:
openssl, curl, nmap and Portecle
Maarten Mulders (@mthmulders)#tlsformortals
Q
P D
I
Router by unknown author Maarten Mulders (@mthmulders)#tlsformortals
1 of 41

Recommended

SSL/TLS for Mortals (UtrechtJUG) by
SSL/TLS for Mortals (UtrechtJUG)SSL/TLS for Mortals (UtrechtJUG)
SSL/TLS for Mortals (UtrechtJUG)Maarten Mulders
202 views41 slides
SSL/TLS for Mortals (Lockdown Lecture) by
SSL/TLS for Mortals (Lockdown Lecture)SSL/TLS for Mortals (Lockdown Lecture)
SSL/TLS for Mortals (Lockdown Lecture)Maarten Mulders
122 views42 slides
The Ring programming language version 1.7 book - Part 64 of 196 by
The Ring programming language version 1.7 book - Part 64 of 196The Ring programming language version 1.7 book - Part 64 of 196
The Ring programming language version 1.7 book - Part 64 of 196Mahmoud Samir Fayed
9 views10 slides
Guess the distribution by
Guess the distributionGuess the distribution
Guess the distributionRasmus Bååth
402 views111 slides
Getting Started with the Amazon GameOn API - Peter Heinrich by
Getting Started with the Amazon GameOn API - Peter HeinrichGetting Started with the Amazon GameOn API - Peter Heinrich
Getting Started with the Amazon GameOn API - Peter HeinrichAmazon Web Services
786 views59 slides
Ch10 by
Ch10Ch10
Ch10kinnarshah8888
1.3K views20 slides

More Related Content

Similar to SSL/TLS for Mortals (Devoxx)

SSL/TLS for Mortals (JavaLand) by
SSL/TLS for Mortals (JavaLand) SSL/TLS for Mortals (JavaLand)
SSL/TLS for Mortals (JavaLand) Maarten Mulders
58 views41 slides
SSL/TLS for Mortals (GOTO Berlin) by
SSL/TLS for Mortals (GOTO Berlin)SSL/TLS for Mortals (GOTO Berlin)
SSL/TLS for Mortals (GOTO Berlin)Maarten Mulders
236 views41 slides
SSL/TLS for Mortals (JavaOne 2017) by
SSL/TLS for Mortals (JavaOne 2017)SSL/TLS for Mortals (JavaOne 2017)
SSL/TLS for Mortals (JavaOne 2017)Maarten Mulders
325 views38 slides
SSL/TLS for Mortals (DevNexus) by
SSL/TLS for Mortals (DevNexus)SSL/TLS for Mortals (DevNexus)
SSL/TLS for Mortals (DevNexus)Maarten Mulders
213 views39 slides
SSL/TLS for Mortals (JavaZone) by
SSL/TLS for Mortals (JavaZone)SSL/TLS for Mortals (JavaZone)
SSL/TLS for Mortals (JavaZone)Maarten Mulders
105 views42 slides
SSL/TLS for Mortals (JAX DE 2018) by
SSL/TLS for Mortals (JAX DE 2018)SSL/TLS for Mortals (JAX DE 2018)
SSL/TLS for Mortals (JAX DE 2018)Maarten Mulders
245 views40 slides

Similar to SSL/TLS for Mortals (Devoxx)(20)

SSL/TLS for Mortals (GOTO Berlin) by Maarten Mulders
SSL/TLS for Mortals (GOTO Berlin)SSL/TLS for Mortals (GOTO Berlin)
SSL/TLS for Mortals (GOTO Berlin)
Maarten Mulders236 views
SSL/TLS for Mortals (JavaOne 2017) by Maarten Mulders
SSL/TLS for Mortals (JavaOne 2017)SSL/TLS for Mortals (JavaOne 2017)
SSL/TLS for Mortals (JavaOne 2017)
Maarten Mulders325 views
SSL/TLS for Mortals (JAX DE 2018) by Maarten Mulders
SSL/TLS for Mortals (JAX DE 2018)SSL/TLS for Mortals (JAX DE 2018)
SSL/TLS for Mortals (JAX DE 2018)
Maarten Mulders245 views
SSL/TLS for Mortals (Devoxx FR 2018) by Maarten Mulders
SSL/TLS for Mortals (Devoxx FR 2018)SSL/TLS for Mortals (Devoxx FR 2018)
SSL/TLS for Mortals (Devoxx FR 2018)
Maarten Mulders275 views
Beyond php - it's not (just) about the code by Wim Godden
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden957 views
SSL/TLS for Mortals (Voxxed Days Luxembourg) by Maarten Mulders
SSL/TLS for Mortals (Voxxed Days Luxembourg)SSL/TLS for Mortals (Voxxed Days Luxembourg)
SSL/TLS for Mortals (Voxxed Days Luxembourg)
Maarten Mulders257 views
Beyond php - it's not (just) about the code by Wim Godden
Beyond php - it's not (just) about the codeBeyond php - it's not (just) about the code
Beyond php - it's not (just) about the code
Wim Godden403 views
BSides London 2015 - Proprietary network protocols - risky business on the wire. by Jakub Kałużny
BSides London 2015 - Proprietary network protocols - risky business on the wire.BSides London 2015 - Proprietary network protocols - risky business on the wire.
BSides London 2015 - Proprietary network protocols - risky business on the wire.
Jakub Kałużny395 views
Encrption in mule by Sindhu VL
Encrption in muleEncrption in mule
Encrption in mule
Sindhu VL381 views
Pgp security mule by Sindhu VL
Pgp security   mulePgp security   mule
Pgp security mule
Sindhu VL389 views
Security Theatre - AmsterdamPHP by xsist10
Security Theatre - AmsterdamPHPSecurity Theatre - AmsterdamPHP
Security Theatre - AmsterdamPHP
xsist10740 views
Security Theatre - Benelux by xsist10
Security Theatre - BeneluxSecurity Theatre - Benelux
Security Theatre - Benelux
xsist10712 views
Grokking Grok: Monitorama PDX 2015 by GregMefford
Grokking Grok: Monitorama PDX 2015Grokking Grok: Monitorama PDX 2015
Grokking Grok: Monitorama PDX 2015
GregMefford4.3K views

More from Maarten Mulders

What's cooking in Maven? (Devoxx FR) by
What's cooking in Maven? (Devoxx FR)What's cooking in Maven? (Devoxx FR)
What's cooking in Maven? (Devoxx FR)Maarten Mulders
173 views25 slides
Making Maven Marvellous (Devnexus) by
Making Maven Marvellous (Devnexus)Making Maven Marvellous (Devnexus)
Making Maven Marvellous (Devnexus)Maarten Mulders
149 views13 slides
Making Maven Marvellous (Java.il) by
Making Maven Marvellous (Java.il)Making Maven Marvellous (Java.il)
Making Maven Marvellous (Java.il)Maarten Mulders
146 views13 slides
Making Maven Marvellous (JavaZone) by
Making Maven Marvellous (JavaZone)Making Maven Marvellous (JavaZone)
Making Maven Marvellous (JavaZone)Maarten Mulders
90 views13 slides
Dapr: Dinosaur or Developer's Dream? (v1) by
Dapr: Dinosaur or Developer's Dream? (v1)Dapr: Dinosaur or Developer's Dream? (v1)
Dapr: Dinosaur or Developer's Dream? (v1)Maarten Mulders
132 views42 slides
Dapr: Dinosaur or Developer Dream? (J-Fall) by
Dapr: Dinosaur or Developer Dream? (J-Fall)Dapr: Dinosaur or Developer Dream? (J-Fall)
Dapr: Dinosaur or Developer Dream? (J-Fall)Maarten Mulders
137 views42 slides

More from Maarten Mulders(20)

What's cooking in Maven? (Devoxx FR) by Maarten Mulders
What's cooking in Maven? (Devoxx FR)What's cooking in Maven? (Devoxx FR)
What's cooking in Maven? (Devoxx FR)
Maarten Mulders173 views
Making Maven Marvellous (Devnexus) by Maarten Mulders
Making Maven Marvellous (Devnexus)Making Maven Marvellous (Devnexus)
Making Maven Marvellous (Devnexus)
Maarten Mulders149 views
Making Maven Marvellous (Java.il) by Maarten Mulders
Making Maven Marvellous (Java.il)Making Maven Marvellous (Java.il)
Making Maven Marvellous (Java.il)
Maarten Mulders146 views
Dapr: Dinosaur or Developer's Dream? (v1) by Maarten Mulders
Dapr: Dinosaur or Developer's Dream? (v1)Dapr: Dinosaur or Developer's Dream? (v1)
Dapr: Dinosaur or Developer's Dream? (v1)
Maarten Mulders132 views
Dapr: Dinosaur or Developer Dream? (J-Fall) by Maarten Mulders
Dapr: Dinosaur or Developer Dream? (J-Fall)Dapr: Dinosaur or Developer Dream? (J-Fall)
Dapr: Dinosaur or Developer Dream? (J-Fall)
Maarten Mulders137 views
React in 40 minutes (Voxxed Days Romania) by Maarten Mulders
React in 40 minutes (Voxxed Days Romania) React in 40 minutes (Voxxed Days Romania)
React in 40 minutes (Voxxed Days Romania)
Maarten Mulders93 views
React in 50 minutes (Bucharest Software Craftsmanship Community) by Maarten Mulders
React in 50 minutes (Bucharest Software Craftsmanship Community)React in 50 minutes (Bucharest Software Craftsmanship Community)
React in 50 minutes (Bucharest Software Craftsmanship Community)
Maarten Mulders244 views
React in 50 Minutes (JNation) by Maarten Mulders
 React in 50 Minutes (JNation)  React in 50 Minutes (JNation)
React in 50 Minutes (JNation)
Maarten Mulders143 views
Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour) by Maarten Mulders
Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour)Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour)
Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour)
Maarten Mulders127 views
Building a DSL with GraalVM (javaBin online) by Maarten Mulders
Building a DSL with GraalVM (javaBin online)Building a DSL with GraalVM (javaBin online)
Building a DSL with GraalVM (javaBin online)
Maarten Mulders221 views
React in 50 Minutes (OpenValue) by Maarten Mulders
React in 50 Minutes (OpenValue) React in 50 Minutes (OpenValue)
React in 50 Minutes (OpenValue)
Maarten Mulders162 views
React in 50 Minutes (DevNexus) by Maarten Mulders
React in 50 Minutes (DevNexus) React in 50 Minutes (DevNexus)
React in 50 Minutes (DevNexus)
Maarten Mulders114 views
Building web applications with React (Jfokus) by Maarten Mulders
Building web applications with React (Jfokus)Building web applications with React (Jfokus)
Building web applications with React (Jfokus)
Maarten Mulders202 views
Building a DSL with GraalVM (CodeOne) by Maarten Mulders
Building a DSL with GraalVM (CodeOne)Building a DSL with GraalVM (CodeOne)
Building a DSL with GraalVM (CodeOne)
Maarten Mulders160 views
Building a DSL with GraalVM (Full Stack Antwerpen) by Maarten Mulders
Building a DSL with GraalVM (Full Stack Antwerpen)Building a DSL with GraalVM (Full Stack Antwerpen)
Building a DSL with GraalVM (Full Stack Antwerpen)
Maarten Mulders169 views
Building a DSL with GraalVM (Devoxx PL) by Maarten Mulders
Building a DSL with GraalVM (Devoxx PL) Building a DSL with GraalVM (Devoxx PL)
Building a DSL with GraalVM (Devoxx PL)
Maarten Mulders253 views

Recently uploaded

The details of description: Techniques, tips, and tangents on alternative tex... by
The details of description: Techniques, tips, and tangents on alternative tex...The details of description: Techniques, tips, and tangents on alternative tex...
The details of description: Techniques, tips, and tangents on alternative tex...BookNet Canada
126 views24 slides
Roadmap to Become Experts.pptx by
Roadmap to Become Experts.pptxRoadmap to Become Experts.pptx
Roadmap to Become Experts.pptxdscwidyatamanew
14 views45 slides
HTTP headers that make your website go faster - devs.gent November 2023 by
HTTP headers that make your website go faster - devs.gent November 2023HTTP headers that make your website go faster - devs.gent November 2023
HTTP headers that make your website go faster - devs.gent November 2023Thijs Feryn
21 views151 slides
Empathic Computing: Delivering the Potential of the Metaverse by
Empathic Computing: Delivering  the Potential of the MetaverseEmpathic Computing: Delivering  the Potential of the Metaverse
Empathic Computing: Delivering the Potential of the MetaverseMark Billinghurst
476 views80 slides
Perth MeetUp November 2023 by
Perth MeetUp November 2023 Perth MeetUp November 2023
Perth MeetUp November 2023 Michael Price
19 views44 slides
DALI Basics Course 2023 by
DALI Basics Course  2023DALI Basics Course  2023
DALI Basics Course 2023Ivory Egg
16 views12 slides

Recently uploaded(20)

The details of description: Techniques, tips, and tangents on alternative tex... by BookNet Canada
The details of description: Techniques, tips, and tangents on alternative tex...The details of description: Techniques, tips, and tangents on alternative tex...
The details of description: Techniques, tips, and tangents on alternative tex...
BookNet Canada126 views
HTTP headers that make your website go faster - devs.gent November 2023 by Thijs Feryn
HTTP headers that make your website go faster - devs.gent November 2023HTTP headers that make your website go faster - devs.gent November 2023
HTTP headers that make your website go faster - devs.gent November 2023
Thijs Feryn21 views
Empathic Computing: Delivering the Potential of the Metaverse by Mark Billinghurst
Empathic Computing: Delivering  the Potential of the MetaverseEmpathic Computing: Delivering  the Potential of the Metaverse
Empathic Computing: Delivering the Potential of the Metaverse
Mark Billinghurst476 views
Perth MeetUp November 2023 by Michael Price
Perth MeetUp November 2023 Perth MeetUp November 2023
Perth MeetUp November 2023
Michael Price19 views
DALI Basics Course 2023 by Ivory Egg
DALI Basics Course  2023DALI Basics Course  2023
DALI Basics Course 2023
Ivory Egg16 views
Voice Logger - Telephony Integration Solution at Aegis by Nirmal Sharma
Voice Logger - Telephony Integration Solution at AegisVoice Logger - Telephony Integration Solution at Aegis
Voice Logger - Telephony Integration Solution at Aegis
Nirmal Sharma31 views
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院 by IttrainingIttraining
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
【USB韌體設計課程】精選講義節錄-USB的列舉過程_艾鍗學院
Five Things You SHOULD Know About Postman by Postman
Five Things You SHOULD Know About PostmanFive Things You SHOULD Know About Postman
Five Things You SHOULD Know About Postman
Postman30 views
handbook for web 3 adoption.pdf by Liveplex
handbook for web 3 adoption.pdfhandbook for web 3 adoption.pdf
handbook for web 3 adoption.pdf
Liveplex22 views
Lilypad @ Labweek, Istanbul, 2023.pdf by Ally339821
Lilypad @ Labweek, Istanbul, 2023.pdfLilypad @ Labweek, Istanbul, 2023.pdf
Lilypad @ Labweek, Istanbul, 2023.pdf
Ally3398219 views
1st parposal presentation.pptx by i238212
1st parposal presentation.pptx1st parposal presentation.pptx
1st parposal presentation.pptx
i2382129 views
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive by Network Automation Forum
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLiveAutomating a World-Class Technology Conference; Behind the Scenes of CiscoLive
Automating a World-Class Technology Conference; Behind the Scenes of CiscoLive
SAP Automation Using Bar Code and FIORI.pdf by Virendra Rai, PMP
SAP Automation Using Bar Code and FIORI.pdfSAP Automation Using Bar Code and FIORI.pdf
SAP Automation Using Bar Code and FIORI.pdf

SSL/TLS for Mortals (Devoxx)

  • 2. T L S Awesome Sauce, or... Maarten Mulders (@mthmulders)#tlsformortals
  • 3. H Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at sun.net. .protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) at sun.net. .protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net. .protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512) at sun.net. .protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440) at sun.net. .protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at it.mulders.maarten.Demo.main(Demo.java:13) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1488) 13 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to f nd valid certif cation path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:382) Maarten Mulders (@mthmulders)#tlsformortals
  • 5. 7 L OSI M data unit layers Data Data Data Segments Packets Application  Network Process to Application Presentation  Data Representation  and Encryption Session  Interhost Communication Transport  End­to­End Connections  and Reliability Network  Path Determination and  Host Layers Maarten Mulders (@mthmulders)#tlsformortals
  • 6. H SSL TLS SSL 1.0 never released SSL 2.0 1995 - 2011 (POODLE) SSL 3.0 1996 - 2014 (POODLE) TLS 1.0 1999 - 2011 (BEAST) TLS 1.1 2006 TLS 1.2 2008 TLS 1.3 2018 Maarten Mulders (@mthmulders)#tlsformortals
  • 7. D What's the issue?! Maarten Mulders (@mthmulders)#tlsformortals
  • 8. H 1. public/private key encryption 2. signed certificates 3. certificate authorities Maarten Mulders (@mthmulders)#tlsformortals
  • 9. 1 P P K E Maarten Mulders (@mthmulders)#tlsformortals
  • 12. M 1. Select two prime numbers: 2. Calculate product: 3. Select random number < product: 4. Find d, so that a. b. c. d. p = 11, q = 17 p ∗ q = 187 e = 3 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 (d ∗ 3) − 1 mod (10 ∗ 16) = 0 320 mod 160 = 0 (321 − 1) mod 160 = 0 (107 ∗ 3) = 321 ⇒ d = 107 Maarten Mulders (@mthmulders)#tlsformortals
  • 13. N , P Q 1. 2. Find d, so that Pretty hard without knowing and ! As soon as we know , calculating is trivial (again). p ∗ q = 299, e = 5 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 p q p = 13, q = 23 d = 317 Maarten Mulders (@mthmulders)#tlsformortals
  • 14. For big enough and , finding those factors will cost an eternity! So we can distribute and even ! p q p ∗ q e Maarten Mulders (@mthmulders)#tlsformortals
  • 15. L "G" p ∗ q = 187, e = 3, G ⇒ 7 = = 3437 e 7 3 343 mod 187 = 156 Maarten Mulders (@mthmulders)#tlsformortals
  • 16. L "156" Since we know and , we can calculatep q d = 107 = ≈ 4.6 ∗156 d 156 107 10 234 mod 187 = 7156 107 7 ⇒ G Maarten Mulders (@mthmulders)#tlsformortals
  • 18. N Client Server 1 ClientHello → 2 ← ServerHello 3 ← Certificate 4 ← ServerKeyExchange 5 ← ServerHelloDone 6 ClientKeyExchange → 7 ChangeCipherSpec → 8 Finished → 9 ← ChangeCipherSpec 10 ← Finished Maarten Mulders (@mthmulders)#tlsformortals
  • 19. D No-one is eavesdropping! Maarten Mulders (@mthmulders)#tlsformortals
  • 20. 2 S C Maarten Mulders (@mthmulders)#tlsformortals
  • 21. A certificate contains: Serial Number Subject Validity Usage Public Key Fingerprint Algorithm Fingerprint Maarten Mulders (@mthmulders)#tlsformortals
  • 22. But wait... anyone could create a certificate! So we also need Signature Algorithm Signature Issuer ... and a way to sign certificates. Maarten Mulders (@mthmulders)#tlsformortals
  • 24. A signature is a mathematical relationship between a message , a private key and a public key . It consists of two functions: 1. signing function 2. verifying function So, given and and knowing , we can tell if is indeed signed by . x sk pk t = f (sk, x) [accept, reject] = g(pk, t, x) x t pk x sk Maarten Mulders (@mthmulders)#tlsformortals
  • 25. 3 C A Maarten Mulders (@mthmulders)#tlsformortals
  • 26. An entity that issues digital certificates, certifying the ownership of a public key by the subject of the certificate. Maarten Mulders (@mthmulders)#tlsformortals
  • 27. I John ? Alice So, who is John, anyway? Many John's in todays browsers and operating systems! “I can trust you, because I trust John, and John trusts Alice, and Alice trusts you. Maarten Mulders (@mthmulders)#tlsformortals
  • 28. Top-notch security procedures, including "key ceremonies" Maarten Mulders (@mthmulders)#tlsformortals
  • 32. W Google blacklists 247 certificates in Chromium Microsoft removes the DigiNotar root certificate from all supported Windows-releases * Mozilla revokes trust in the DigiNotar root certificate in all supported versions Apple issued Security Update 2011-005 Update Certificate Revocation Lists (although these are self-Maarten Mulders (@mthmulders)#tlsformortals
  • 33. D Trust (for what it's worth) Maarten Mulders (@mthmulders)#tlsformortals
  • 34. T , T T Maarten Mulders (@mthmulders)#tlsformortals
  • 35. Simple HTTP client with TLS support: curl ­v ­k <address> Troubleshoot trust issues and see certificates being used: openssl s_client ­showcerts ­servername <address> ­ connect <address>:443 Troubleshoot supported protocols, ciphers, ...: nmap ­­script ssl­enum­ciphers ­p 443 <address> Maarten Mulders (@mthmulders)#tlsformortals
  • 36. JVM S ­Djavax.net.ssl.trustStore=<file> Denotes where a truststore can be found: a file that contains trusted certs. ­Djavax.net.ssl.trustStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)#tlsformortals
  • 37. JVM S ­Djavax.net.ssl.keyStore=<file> Denotes where a keystore can be found: a file that contains public and/or private keys. ­Djavax.net.ssl.keyStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)#tlsformortals
  • 38. JVM S ­Djavax.net.debug=ssl[:flag] Include debug logging for TLS handshake and connections. Additional flags: record session sessioncache pluggability plaintext handshake defaultctx keymanager data packet keygen sslctx trustmanager verbose Maarten Mulders (@mthmulders)#tlsformortals
  • 40. P - 1. Don't use SSL! Use TLS v1.2 or v1.3. 2. Be careful whom you trust! 3. When in doubt, open your toolbox: openssl, curl, nmap and Portecle Maarten Mulders (@mthmulders)#tlsformortals
  • 41. Q P D I Router by unknown author Maarten Mulders (@mthmulders)#tlsformortals