Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

SSL/TLS for Mortals (Voxxed Days Luxembourg)

140 views

Published on

Slides for my Voxxed LU talk on SSL/TLS.

Published in: Software
  • Be the first to comment

  • Be the first to like this

SSL/TLS for Mortals (Voxxed Days Luxembourg)

  1. 1. SSL/TLS FOR MORTALS @mthmuldersmaartenm@infosupport.com
  2. 2. WHY BOTHER? Using SSL/TLS correctly is o en hard to achieve ...and understand! Crucial for secure connection between systems Globally deployed (intra-)cloud applications
  3. 3. data unit layers Data Data Data Segments Packets Frames Bits Application  Network Process to Application Presentation  Data Representation  and Encryption Session  Interhost Communication Transport  End­to­End Connections  and Reliability Network  Path Determination and  Logical Addressing (IP) Data Link  Physical Addressing  (MAC and LLC) Physical  Media, Signal and  Binary Transmission Host LayersMedia Layers  
  4. 4. DEMO TIME! What's the issue?
  5. 5. HOW TO PREVENT THIS? 1. public/private key encryption 2. signed certificates 3. certificate authorities
  6. 6. SSL 1.0 never released SSL 2.0 1995 - POODLE (2011) SSL 3.0 1996 - POODLE (2014) TLS 1.0 1999 - BEAST (2011) TLS 1.1 2006 TLS 1.2 2008 TLS 1.3 dra
  7. 7. PUBLIC/PRIVATE KEY ENCRYPTION
  8. 8.  
  9. 9. Math time! p = 11, q = 17 // two prime numbers modulus = 187 // p * q e = 3 // random number between 1 and modulus // find d, so that (d * e) - 1 % (p - 1) * (q - 1) is zero 320 % 160 = 0 (321 - 1) % (10 * 16) = 0 (107 * 3) = 321 → d = 107 Note that d varies with e: e = 7 // find d, so that (d * e) - 1 % (p - 1) * (q - 1) is zero 1280 % 160 = 0 (1281 - 1) % (10 * 16) = 0 (183 * 7) = 1281 → d = 183
  10. 10. Now, what if and are unknown?p q p = 13 // prime number q = 23 // prime number modulus = 299 // p * q e = 5 // random number between 1 and modulus // find d, so that (d * e) - 1 % (p - 1) * (q - 1) is zero 1584 % 264 == 0 (1585 - 1) % (12 * 22) = 0 (317 * 5) = 1585 → d = 317 Turns out this is pretty hard!
  11. 11. For big enough and , finding those factors will cost an eternity! p q So we can distribute ( p * q ) and even e!
  12. 12. d = 107 LET'S ENCRYPT THE LETTER 'G' G → 7 7e → 73 → 343 343 % 187 → 156 LET'S DECRYPT THE MESSAGE '156' 156107 → 4.6 * 10234 156107 % 187 → 7 7 → G
  13. 13.  
  14. 14. Negotiating a secure connection Client   Server 1 ClientHello →   2   ← ServerHello 3   ← Certificate 4   ← ServerKeyExchange 5   ← ServerHelloDone 6 ClientKeyExchange →   7 ChangeCipherSpec →   8 Finished →   9   ← ChangeCipherSpec 10   ← Finished
  15. 15. DEMO TIME! No-one is eavesdropping!
  16. 16. SIGNED CERTIFICATES
  17. 17. Certificate contents Serial Number Subject Validity Usage Public Key Fingerprint Algorithm Fingerprint
  18. 18. But wait... anyone could create a certificate! So we also need Signature Algorithm Signature Issuer ... and a way to sign stuff
  19. 19.  
  20. 20. A is a mathematical relationship between a message , a private key and a public key . signature x sk pk   It consists of two functions: 1. signing function 2. verifying function t = f (sk, x) [accept, reject] = g(pk, t, x)   So, given x and t and knowing pk, we can tell if x is indeed signed by sk.
  21. 21. CERTIFICATE AUTHORITIES
  22. 22. An entity that issues digital certificates, certifying the ownership of a public key by the subject of the certificate.
  23. 23. "I can trust you, because I trust John, and John trusts Alice, and Alice trusts you" I John ? Alice Who knows who "John" is? Many "John"'s in todays browsers and operating systems!
  24. 24. Top-notch security procedures, including "key ceremonies" And yet...
  25. 25. FAIRYTALE TIME! Once upon a time, a Dutch certificate authority named DigiNotar was living happily and carefree in the town of Beverwijk. But on a bad day, evil hurt it... Real hard.
  26. 26. An attacker compromised a webserver of DigiNotar due to a vulnerability that is present within the DotNetNuke so ware. DotNetNuke version 4.8.2.0 is installed on host winsrv119. This version is affected by a file upload vulnerability.
  27. 27. Due to the weak security of Windows passwords it must be assumed that the attacker was able to compromise the passwords [...] of the accounts found on the system. On the system, [...] the domain administrator account [...] is present.
  28. 28. The attacker was able to traverse the infrastructure and obtain access to at least two CA's that were used to generate certificates.
  29. 29. <!-- intentionally le blank -->
  30. 30. Google blacklists 247 certificates in Chromium Microso removes the DigiNotar root certificate from all supported Windows-releases * Mozilla revokes trust in the DigiNotar root certificate in all supported versions Apple issued Security Update 2011-005   Update Certificate Revocation Lists (except these are self-signed)
  31. 31. DEMO TIME! Trust (for what it's worth)
  32. 32. TOOLS curl -v -k <address> openssl s_client -showcerts -servername <address> -connect <address>:443
  33. 33. Denotes where a can be found: a file that contains . is the password to that file. JVM SETTINGS (1) -Djavax.net.ssl.trustStore=<file> truststore trusted certs -Djavax.net.ssl.trustStorePassword=...
  34. 34. Denotes where a can be found: a file that contains . is the password to that file. JVM SETTINGS (2) -Djavax.net.ssl.keyStore=<file> keystore private keys -Djavax.net.ssl.keyStorePassword=...
  35. 35. Include debug logging for TLS handshake and connections. JVM SETTINGS (3) -Djavax.net.debug=all
  36. 36. Portecle
  37. 37. SO LONG AND THANKS FOR ALL THE FISH IMAGE ATTRIBUTIONS Beverwijk by @ .Gerard Hogervorst Wikimedia Commons

×