This material is related at the Security of SSL Service as HTTPS. I used it for my security class at E-government course on the Kookmin university in south Korea.
OSVC_Meta-Data based Simulation Automation to overcome Verification Challenge...
Mitm(man in the middle) ssl proxy attacks
1. MITM(Man In The Middle) SSL
Proxy attacks on Web https
국민대학교 BIT 전자정부전공
석사과정 Y2015202 안재열
Jae Yeoul Ahn (Jay)
2. INDEX
• 선정이유 및 목적
• SSL/TLS 개요
• SSL 활용
• MITM 개요
• SSL 중간자 공격 원리
• 1) 리다이렉트
• 2) 인증서 위조
• 대응방안
• 사례
• Selected reason and purpose
• SSL/TLS Overview
• Use way of SSL
• MITM Overview
• SSL MITM Principles
• 1) Redirect
• 2) Counterfeit Certificate
• Countermeasures
• case
3. 선정이유 및 목적
Selected reason and purpose
• Almost Korean has one or more smart device.(Smart phone)
• They uses Web Services based on Internet by smart device.
• Web Service is working with HTTP protocol.
• Http has weak-point about security , So Https is coming up.
• Https is advised by Korea Communications Commission.
• But, Gartner has announced HTTPs is main target about Cyber
Attack’s 50%
• 한 사람당 한 개 이상의 스마트폰을 소유 및 사용하고 있다.
• 인터넷 기반의 웹서비스를 많이 이용한다.
• 웹서비스는 http 프로토콜을 사용한다.
• Http는 보안에 취약해, Https가 등장
• Https는 우리나라 방송통신위원회에서 권장기준
• 가트너가 내년(2017년) SSL이 사이버 공격의 50%의 주요 타겟
4. SSL/TLS ?
• (Secure Sockets Layer) SSL was developed by Netscape in 1993 for
secure communication between Web servers and browsers.
• This work at the session layer , it is used to guarantee the security of the
protocol of the FTP , Telnet , Http , including the application layer .
• Since SSL 3.0 standardized, after June 1996, IETF has been standardizing
the TLS protocol.
• SSL (Secure Sockets Layer)은 1993년 웹 서버와 브라우저간의 안전한 통신
을 위해 Netscape에서 개발했다.
• 세션계층에서 적용되며, 응용계층의 FTP, Telnet, Http등의 프로토콜의 안전
성 보장을 위해 사용된다.
• SSL 3.0이 표준화된 이후 IETF는 1996년 6월부터 TLS 프로토콜에 대한 표
준화 작업을 진행하였다.
5. SSL/TLS 동작위치 및 구성요소
SSL / TLS operating position , and components
동작위치
operating position
구성요소
components
6. SSL 동작 과정 (상태)
SSL operation of (state)
SSL은 예비(Pending)상태와 현재(Current)상태가 있다.
예비(Pending)상태는 데이터 암호화를 위한 준비하는 과정.
현재(Current)상태는 데이터 전송을 하는 과정.
There is two SSL‘s state.
One is Pending state for preparing data encryption.
Another is Current state for encrypting data and sending to sender and receiver.
7. SSL 예비상태
SSL Pending state
• SSL 예비상태의 동작은 handshake부터 시작
• handshake는 Full 방식과 Abbreviated 방식 두 가지가 있다.
• Full 방식은 세션수립부터, Abbreviated 방식은 클라이언트와 서버의 세션
이 유지되어 있을 경우 사용한다.
• SSL pending state is begin by handshake.
• There are two way of SSL Pending state as Full, Abbreviated.
• Full way is begin at first connection , Abbreviated is used
on already connecting client and server by session.
9. SSL Hand Shake – full : 1
Client sends Server Client Hello which are information about SSL version,
Cipher suite list, Client Random Number(32byte).
Cipher suite is List about that Client can support and use Symmetric
Cryptographic Technique, Public key Cryptographic Technique and Hash
algorithm.
클라이언트가 서버에게 Client Hello(SSL version, cipher suite list, Client Rando
m(32byte))을 보낸다.
Cipher suite list는 클라이언트가 지원하는 공개키, 대칭키, 해쉬 알고리즘의 목
록을 이야기한다.
10. SSL v3.0 cipher suite
RSA - Public key Cryptographic Technique
AES, DES - Symmetric Cryptographic Technique
SHA, MD5 - Hash
11. TLS 1.2 cipher suite
RSA - Public key Cryptographic Technique
AES, DES - Symmetric Cryptographic Technique
SHA, MD5 - Hash
12. SSL Hand Shake – full : 2
Server send Client Server Hello which are information about SSL version,
Cipher suite list, Client Random Number(32byte) chosen by Server.
※ In case of cross certification, Sever send client message about server
wants client’s certificate.
13. SSL Hand Shake - full
Client create Pre-master with SeverRandom from Server and Client.
After then, Client encrypt Pre-master by Server’s public key in Server’s
Certification and send server it.
※ In case of cross certification, Client send own Certificate
14. SSL Hand Shake - full
Server decrypts a encrypted premaster-secret by server’s private key.
And Client and Server create Master Secret with premaster-secret and cipher
suite info.
And then, Server send Client Finished Message.
16. SSL state
After Sended Finish message, State chage Pending to Current.
In current state.
When Sender send receiver plain Data, Plain Data is Encrypted with Symmetric Key
which is Master-Secret By chipper suite’s Symmetric Cryptographic Technique
chosen at pending write state.
17. SSL 활용
Use way of SSL
I will focus and deal with Https with SSL.
19. Two Ways of HTTPS MITM
Redirect Counterfeit Certificate
20. ARP(Address Resolution Protocol)
- When Host A send Host B some message, (In this situation A only Knows B’s IP
address)
- First Host A check Own ARP cache Table in Network Adopter(OS) to check MAC
Address bound with IP address.
- Second, If there in not Mac address in ARP Table, ARP send All Computer
Message (ARP Request) about who is this IP address? in LAN.(Broadcast)
- Third Host B which has recieved A’s Message send Host A ARP Response
Message with B’s IP address and MAC address.
- Finally Host A update his ARP table and send B some message or data.
22. ARP – Update
- When Host B’s Address is updated, B send All of computer updated information
as New Mac address by broadcast.
- So, Attacker uses this way.
23. ARP – Spoofing
- Attacker uses this way.
- Attacker send A update fake info (IP : Host B / Mac : Attacker)
- Attacker send B update fake info (IP : Host A / Mac : Attacker)
24. ARP – Spoofing
- So, Attacker can sniff and see information between A and B.
26. DNS Table
• When I get on the
kmu.kookmin.ac.kr,
• First, Find record in my
DNS Table in PC.
• IF there is not info, get it
from DNS Server. And
update it.
• After find out IP, use ARP
Table and connect the
website.
27. DNS Attack
• Attacker change and update target sites ip on ARP
Table.
• If target site is located at outside(WAN), Client
have to pass through Gateway.
• Usually, almost web site is located at outside.
• So, Attacker change Gateway Mac Address in
Client ARP Table. Before Stilling a Client’s authority
28. Scenario
When We get on the internet.(facebook)
URI IP
Facebook.
com
123.
123
llll.Com 333.
ERPsys.kr 123.
123
DNS
Server
123.
123
IP MAC
123.12
3.0.1
Aacc
123.12
3.0.122
Bbb
123.12
3
Ab:ab
…. ….
ARP TableDNS Table
Facebook.com
Destination MAC
address
Source MAC
address
Destination IP
address
Source IP
address
Login infomation
GateWay
IP:111.111.111.111
MAC Aacc
DNS Server
123.123
Ab:ab
30. Scenario
When We get on the internet.(facebook)
URI IP
Facebook.
com
123.
123
llll.com 333.
ERPsys.kr 111.
111
DNS
Server
111.
111
IP MAC
123.12
3.0.1
Hh:hh:
hh
123.12
3.0.122
Bbb
….. Abab
…. ….
ARP TableDNS Table
Facebook.com
Destination MAC
address
Source MAC
address
Destination IP
address
Source IP
address
Login infomation
GateWay
IP:111.111.111.111
MAC Aacc
Hacker‘s
IP:111.111.0.11~12
MAC hh:hh:Hh
DNS Server
123.123
Ab:ab
In
Side
Out
Side
35. Redirect
Redirect Attack induce to use Http and get on the fake login web.
So, Attacker can get a User’s ID, Password.
Attack will use a this account info to login target website and redirect.
User can not realize this.
36. Counterfeit Certificate
This way is that Attacker make a fake Certificate and give client this.
So, Attacker can get a User’s ID, Password. Attack will use a this account info to login
target website and redirect.
40. Countermeasures
• Web-Programmer
• When Developing Web-Site, use HSTS.
• HSTS (Http Strict Tansport Security) has been
defined in RFC-6797 , and was designated as a
standard in 2012 .
• The use of HSTS even if you enter the http address
in the browser, automatically to get on a page that
uses Https. (protecting from SSL-Strip attack.
41. Case - china
• Damage caused to the local level (Local city) in China in 2014
• August , SSL certificate error connecting to your Google page in the CERNET network , HTTPS
communication has changed from a TLSv2 TLSv1
• September 30 , Yahoo China page SSL MITM attacks
• October 2 to 6 , MS of cn.bing.com, login.live.com, outlook.com page SSL MITM attack , the DNS
part of the area being infected
• October 20 , Yahoo China page SSL MITM attacks
• October 21 , iCloud server SSL MITM attacks
46. France - Google
In 2013, France Government issues Fake digital certificate.
So Google blocked service. because they thinks it is incident and attack to our
service.
Also, Some People think that France Government tried to monitor user using
GoogleServiece.
But Fance Governments Say It is Just Human Error. We did not try monitoring.
47. Case - Korea
I can not find accident and Incident Korean case.
I guess, They don’t want to notify it.
So I can tell the interested case.
There is Smart Fridge in korea. This is can use
Google Mail with SSL.
But English White Hacker team find out SSL
week point at this fridge. and they success to
still G-mail account infomatin from fridge.
Good afternoon.
The topic of my presentation today is MITM(Man In The Middle) SSL Proxy attacks on Web https.
This is my presentation Index.
The presentation will focus on Why, How, Where.
These are reason and purpose.
Almost Korean has one or more smart device.(Smart phone)
They uses Web Services based on Internet by smart device.
Web Service is working with HTTP protocol.
Http has weak-point about security , So Https is coming up.
Https is advised by Korea Communications Commission.
But, Gartner has announced HTTPs is main target about Cyber Attack’s 50%
Do you know What is SSL?
SSL/TLS is this.
(Secure Sockets Layer) SSL was developed by Netscape in 1993 for secure communication between Web servers and browsers.
This work at the session layer , it is used to guarantee the security of the protocol of the FTP , Telnet , Http , including the application layer .
Since SSL 3.0 standardized, after June 1996, IETF has been standardizing the TLS protocol.
SSL is located between L3 with L4 in OSI7 Layer.
This is components.
So Now We can understand that Where it is located at.
Now let’s move on to How to work.
Let’s begin with State of SSL.
There is two SSL‘s state.
One is Pending state for preparing data encryption.
Another is Current state for encrypting data and sending to sender and receiver.
So, Sender using the SSL send encrypted data on current state after pending write state.
Now let’s move on Pending state.
SSL pending state is begin by handshake.
There are two way of SSL Pending state as Full, Abbreviated.
Full way is begin at first connection , Abbreviated is used on already connecting client and server by session.
This is Overview of SSL Hand Shake. Full way.
Let’s move on how to work.
First .
Client sends Server Client Hello which are information about SSL version, Cipher suite list, Client Random Number(32byte).
Cipher suite is List about that Client can support and use Symmetric Cryptographic Technique, Public key Cryptographic Technique and Hash algorithm.
This picture is shown Cipher suite.
Already you know,
RSA - Public key Cryptographic Technique
AES, DES - Symmetric Cryptographic Technique
SHA, MD5 - Hash
This is type of TSL’s cipher suite.
Second, Server send Client Server Hello which are information about SSL version, Cipher suite list, Client Random Number(32byte) chosen by Server.
If, SSL is used In case of cross certification, Sever send client message about server wants client’s certificate.
Server는 Server Hello를 Client에게 전달한다. Server Hello는 서버의 인증서(x.509)와 함께 클라이언트와 해당 세션에서 사용 할 Cipher suite 정보, Server Random(32byte), 클라이언트의 인증서 요청으로 구성되어있다.
※상호인증의 경우, 클라이언트의 인증서 요청 정보 전송.
Third, Client create Pre-master with SeverRandom from Server and Client.
After then, Client encrypt Pre-master by Server’s public key in Server’s Certification and send server it.
If client received client message about server wants client’s certificate, Client sent sever client’s certificate.
클라이언트는 전달받은 ServerRandom과 이미 가지고 있는 Client Random을 가지고 Pre-master를 생성한뒤, 서버의 인증서에 있는 공개키로 암호화하여 서버에게 전송한다.
※상호인증이 요청이 온 경우, 클라이언트의 인증서도 함께 전송
Finally, Server decrypts a encrypted premaster-secret by server’s private key.
And Client and Server create Master Secret with premaster-secret and cipher suite info.
And then, Server send Client Finished Message.
서버는 암호화된 premaster-secret를 복호화 하여 알 수 있다.
서로 알고 있는 premaster-secret를 가지고 서로 약속한 Cipher suite의 방식들로 master secret를 생성한다.
생성이 완료되면, 서버는 클라이언트에게 완료정보를 전송한다.
This is way of Making Master Secret.
After Sended Finish message, State chage Pending to Current.
In current state.
When Sender send receiver plain Data, Plain Data is Encrypted with Symmetric Key which is Master-Secret By chipper suite’s Symmetric Cryptographic Technique chosen at pending write state.
완료 메시지를 보내고 나면, 상태는 current write state로 변경되고.
서로 생성한 Master-secret 을 대칭키로 사용하면 된다.
메시지는 Master-Secret으로 암호화하여 통신하고, 무결성은 MAC.
을 통해 보장한다
Symmetric Key
This is Use way of ssl
I will deal with https.
Before deal with Https. Let’s talk about MITM.
MITM is Man in the middle attack.
There is attacker.
User1’s computer think attacker is User 2.
User2’s computer think attacker is User 1.
Attacker just send and resend User1 and User2 massege. and, he can read and take it.
These are MITM related HTTPS.
On is redirect. And one is counterfeit certificate.
Before we talk about theses, We have to know ARP, DNS and ARP Spoofing.
This is ARP/
When Host A send Host B some message, (In this situation A only Knows B’s IP address)
First Host A check Own ARP cache Table in Network Adopter(OS) to check MAC Address bound with IP address.
Second, If there in not Mac address in ARP Table, ARP send All Computer Message (ARP Request) about who is this IP address? in LAN.(Broadcast)
Third Host B which has recived A’s Message send Host A ARP Response Message with B’s IP address and MAC address.
Finally Host A update his ARP table and send B some message or data.
This is My ARP table in lab my PC.
This is ARP UPdate.
When Host B’s Address is updated, B send All of computer updated information as New Mac address by broadcast.
So, Attacker uses this way.
Lets move on How to attack.
Attacker uses this way.
Attacker send A update fake info (IP : Host B / Mac : Attacker)
Attacker send B update fake info (IP : Host A / Mac : Attacker)
So, Attacker can sniff and see information between A and B
This is DNS.
Do you know DNS?
DNS translate from Domain Name such as www.facebook.com to IP address.
Every computer has a DNS Table.
When I get on the kmu.kookmin.ac.kr,
First, Find record in my DNS Table in PC.
IF there is not info, get it from DNS Server. And update it.
After find out IP, use ARP Table and connect the website.
Attacker change and update target sites ip on ARP Table.
If target site is located at outside(WAN), Client have to pass through Gateway.
Usually, almost web site is located at outside.
So, Attacker change Gateway Mac Address in Client ARP Table. Before Stilling a Client’s authority
This is Scenario.
when a man try to login at facebook.com.
First input facebook.com on the web browser.
Second, computer find ip address at the DNS table, If there is not facebook.com’s address, it take a address from dns server.
Third client computer find a mac address at ARP table.
In this case, Mac is for Gateway, because Facebook server is located at other network.
Finally, client computer sent gateway frame which has Login information.
So Gateway is vest target for attacker to still info moving to other network.
So, Attacker attacks DNS Table for InSide attack and ARP table for taking data going to outside.
I will only deal with Ouside case.
This is Our printer PC’s ARP table.
This is My PC’s ARP table
I tried to attack Printer Pc form my PC.
Printer PC APR table is contaminated
So, Now We can ready to understand SSL MITM Attack.
Let’s start Redirect Attack.
Redirect Attack induce to use Http and get on the fake login web. So, Attacker can get a User’s ID, Password.
Attack will use a this account info to login target website and redirect.
This way is that Attacker make a fake Certificate and give client this.
So, Attacker can get a User’s ID, Password. Attack will use a this account info to login target website and redirect.
I will talk about How to do after Case part.
Countermeasures.
User have to Check HTTPS. NO HTTP.
And When you meet this, tell manger and don’t use or get on this site.
Administrators should check to see unusual part of our ARP table, DNS cache.
- Check the network traffic to detect malicious behavior .
관리자는 ARP table, DNS 캐쉬를 확인해보고 비정상적인 부분을 확인한다.
네트워크 트래픽을 확인하여 악의적인 행위를 탐지한다.
This is one of network traffic check tool.
웹 개발자는 HSTS를 사용 할 수 있도록 한다.
HSTS(Http Strict Tansport Security)는 RFC-6797에 정의되어 있으며 2012년 표준으로 지정되었다. HSTS를 사용하게 되면 사용자가 브라우저에 http 주소를 입력하더라도 Https를 사용하는 페이지로 자동으로 연결되어 SSL-Strip과 같은 MITM 공격을 사전에 방지할 수 있다. (즉, Client 레벨에서 HTTPS 사용을 강제하게 된다)
중국 2014년에 지역단위로 피해 발생
8월, CERNET망에서 접속하는 Google 페이지에 SSL 인증서 오류 발생, HTTPS 통신이 TLSv2에서 TLSv1으로 변경됨
9월 30일, Yahoo중국 페이지 SSL MITM 공격
10월 2일~6일, MS의 cn.bing.com, login.live.com, outlook.com 페이지 SSL MITM 공격, 부분 지역에서는 DNS도 감염됨
10월 20일, Yahoo 중국 페이지 SSL MITM 공격
10월 21일, iCloud 서버 SSL MITM 공격
This is live.
프랑스 정부 ANSSI(Agence nationale de la securite des systemes d'information)는 2013년 일부 도메인에 가짜 디지털 인증서를 발급했다. 구글은 이런 사실을 발견하고 차단하였다. ANSSI는 성명서를 통해 “가짜 인증서 발급은 ‘사람의 부주의(human error)’에서 비롯된 것이며, IT 보안을 강화하는 과정에서 발생했다”며, “이로 인해 프랑스 정부나 일반 대중에 미치는 영향은 없을 것”이라고 밝혔지만, 구글은 이를 심각한 보안 침해 사고로 규정지었다.