
#Morecrypto 1.8 - with introduction to TLS


We need to protect our Internet communication - from basic web surfing to IP telephony, E-mail and Internet of things. This presentation gives some background and introduces one of the core security protocols - TLS, Transport Layer Security. This presentation is licensed under the Creative Commons Attribution-ShareAlike 4.0 International License.

Update: See http://www.slideshare.net/oej/morecrypto-with-tis-version-20

Published in: Technology, Education

  1. #MoreCrypto: A small step to make it harder to listen to IP based activity. V1.8 TLS - oej@edvina.net - slideshare.net/oej Ⓒ Olle E. Johansson, Stockholm, Sweden 2014. This work is licensed under 2014-02-09
  2. The problem: We have built an information network that is too easy to monitor. We simply trusted everyone too much in a naive way. Sadly, we can’t do that any more.
  3. The Internet mirrors society. When the Internet was small, there was a select group of people using it. They felt it was a safe place.
  4. As the Internet grew and reflected more of society, we forgot to harden it. It’s time now.
  5. The engineers are working. The IETF is the organisation that defined most of the standards we use today to communicate. The IETF recently decided to focus a lot of energy on adding more confidentiality, and security in general, to the technology we use every day.
  6. What’s the problem?
  7. Changing the Internet is too hard. We are not using the security tools we have in the way they are meant to be used today. In some cases, like e-mail and IP telephony, most of us do not use any security tools at all.
  8. How do we change? The users must require change. Otherwise, very few things happen. It is up to you and me.
  9. What needs to be done? More crypto. Easy-to-use authentication. Enhanced privacy. Stronger confidentiality. …and much more. A lot of changes need to be made in how we build services, operate them and use them.
  10. TLS is an important tool. TLS = Transport Layer Security. TLS provides confidentiality, identity and integrity to Internet communication. TLS is used in HTTPS:// web pages, but can also be used from applications on a computer as well as a cell phone. TLS is based on SSL, which was a provider-specific technology. TLS is maintained by the IETF and is still being improved. The second part covers this!
  11. Start simple. Use connection encryption wherever possible. Use HTTPS and serve information over HTTPS. In short: #MoreCrypto
  12. Why? More crypto on the Internet raises the cost of listening in to our information flows, our conversations. It does not solve all the issues; we have a lot of work ahead of us. Using more TLS is not very complicated, and TLS can be used in most applications today.
  13. Starting points. Enable HTTPS for Facebook, Google and other services when you can. Use EFF HTTPS ANYWHERE in your web browser. If you are a sysadmin, enable TLS and follow new advice on choice of algorithms.
  14. What does TLS give you? (Diagram: Browser - confidential path - Server.) Other people in the same network (or IT management) can see where you go (server address), but not what you do. Example: Hotel staff can’t see what you write or read on Facebook.
  15. What about VPN tunnelling? (Diagram: Computer - confidential path - VPN server, then Web Server and Mail Server.) VPN = Virtual private network. Other people in the same network (or IT management) can see that you are using a VPN, but not what you do. Example: Hotel staff can’t see which web sites you are connecting to. On the other side of the VPN server your connections become visible again - unless you are using TLS.
  16. The work continues: Mobile apps, Web, IP Telephony, E-mail, Cloud Services, Internet of things, The Digital home, Chat, Video Services. Require #MoreCrypto!
  17. NEW! OPPORTUNISTIC SECURITY: Secure network traffic, regardless of what the user says. Do whatever you can to make it harder to listen in.
  18. Introduction to TLS: Transport Layer Security
  19. Security basics: Identity, Confidentiality, Authorization, Integrity, Non-repudiation
  20. TLS is an important tool. TLS = Transport Layer Security. TLS provides confidentiality, identity and integrity to Internet communication. TLS is used in HTTPS:// web pages, but can also be used from applications on a computer as well as a cell phone. TLS is based on SSL, which was a provider-specific technology. TLS is maintained by the IETF and is still being improved.
  21. Encryption
      • SYMMETRIC: Using the same key for encryption and decryption. Simple for the CPU, supports streaming data.
      • ASYMMETRIC: Using different keys for encryption and decryption. More computations, easier for data blocks.
  22. Using a private and a public key
      • TLS uses a keypair to set up a secure connection
      • Asymmetric encryption
      • The server sends the public key at connection
      • The client challenges the server
      • The server responds to the challenge using the server private key
      • Now the client knows that the server has the private key that matches the public key
  23. TLS Usage
      • TLS is used for
          • authentication of servers and clients
          • initiating encryption of a session
          • digital signatures on messages to ensure integrity and provide authentication
      • Authentication: Who are you? Prove it!
      • Encryption: Providing confidentiality
      • Integrity: Making sure that the receiver gets what the sender sent
  24. Adding a certificate to the mix
      • A certificate is nothing more complicated than a passport or an ID card
      • It contains the public key and some administrative data
      • And is signed (electronically) by someone you might trust ... or not.
      • This is part of the complex structure called PKI, which you might want or just disregard
      • A PKI is not needed to get encryption for the signalling path!
      • You can however use a PKI to only set up connections that you trust
  25. The X.509v3 certificate
      • An X.509 certificate is the standardised way to bind a public key to an identity
      • The certificate is issued by a Certification Authority (CA)
      • The most important component of the PKI?
      • An X.509 certificate is an electronic document with a specific layout!
      • Standard: documented in IETF PKIX RFC:s
      (Diagram of the certificate layout: Version, Serial number, Issuer identity, Validity period, User identity, Public key, Extension fields.)
  26. X509.v3 contents
      • Version number
      • Certificate serial number (used for validation)
      • Identity of the issuer
      • Validity period
      • Identity of the public key owner
      • Public key
      • Extension fields
      • A digital signature, created by the issuer
      (Screenshot: Internet Explorer Certificate Manager.)
  27. Example: SIP certificates
      • SubjectAltName contains a list of identities that are valid for this certificate
      • RFC 5922 outlines a SIP event package to distribute and manage certificates
      • This is based on the Authentication Service in SIP identity (RFC 4474)
      • The domain cert is used to sign the NOTIFY payload
      TLS is more than the world wide web!
  28. x.509 cert for SIP

      Certificate:
          Data:
              Version: 3 (0x2)
              Serial Number:
                  01:08:00:79:00:15:00:43
              Signature Algorithm: sha1WithRSAEncryption
              Issuer: C=US, ST=California, L=San Jose, O=sipit, OU=Sipit Test Certificate Authority
              Validity
                  Not Before: Sep 16 17:17:00 2009 GMT
                  Not After : Sep 15 17:17:00 2012 GMT
              Subject: C=US, ST=California, L=San Jose, O=sipit, CN=tls6.test.sipit.net
              Subject Public Key Info:
                  Public Key Algorithm: rsaEncryption
                  RSA Public Key: (2048 bit)
                      Modulus (2048 bit):
                          00:a7:96:65:6e:b6:ba:3a:48:a1:bd:a3:ae:21:dc:
                          a8:92:97:3c:43:ea:24:e6:9f:93:2f:61:7e:d3:2d:
                          30:1e:21:42:b9:d6:59:87:f1:b1:f8:c8:39:8e:43:
                          64:9a:31:2c:18:3d:cd:d8:03:64:bb:14:38:44:05:
                          20:30:d8:e1:db:a7:4d:c3:47:a2:49:73:d1:10:ed:
                          2f:cf:74:26:57:91:64:af:b0:f2:5d:3f:88:9f:df:
                          65:6c:ba:65:3f:66:99:52:6b:20:d2:0e:e3:65:18:
                          b1:8e:3d:ca:f2:4a:45:c5:4d:85:ef:82:54:f8:54:
                          54:db:96:90:9b:c5:1b:2a:1e:60:3c:43:71:55:60:
                          30:93:8f:fd:d8:d9:3d:a1:32:e3:56:4b:e2:73:b6:
                          cc:18:93:8a:d8:8b:68:81:c7:fd:cd:d5:dc:4c:a2:
                          86:61:9f:ad:d0:b1:d3:3c:4c:6c:07:54:b2:43:b4:
                          a7:0a:0a:f2:e3:6d:12:43:16:70:63:c9:e9:1a:78:
                          66:9d:ee:30:94:7b:ab:f2:e9:67:4a:66:6d:8c:ed:
                          a8:a4:98:51:77:0b:a7:60:55:73:85:87:4a:57:6b:
                          24:fe:27:00:02:79:70:da:5a:45:ad:aa:3d:d5:40:
                          5b:5c:85:63:93:56:af:c7:e8:e3:b6:1a:25:b6:a2:
                          2d:37
                      Exponent: 65537 (0x10001)
              X509v3 extensions:
                  X509v3 Subject Alternative Name:
                      DNS:test.sipit.net, DNS:tls6.test.sipit.net, URI:sip:tls6.test.sipit.net
                  X509v3 Basic Constraints:
                      CA:FALSE
                  X509v3 Subject Key Identifier:
                      27:F7:A9:96:F5:B2:8F:0B:5E:A9:C7:F5:0F:AC:3D:AB:3D:8D:F0:30
          Signature Algorithm: sha1WithRSAEncryption
              1a:fe:1f:af:86:99:82:e5:14:97:8d:64:9a:d1:5c:ea:6c:96:
              f5:c6:0c:7d:20:5f:4e:70:05:24:3a:de:b5:b9:cf:66:8d:4c:
              74:d5:6a:a9:52:74:17:bc:b4:79:a0:58:32:78:a9:70:7c:6a:
              15:ac:07:29:77:13:06:55:53:3f:0b:4c:3d:da:55:6e:ad:74:
              56:01:55:c8:4c:19:8d:06:0b:f3:4c:04:d5:9a:6f:44:ad:7a:
              fd:3b:aa:e8:4b:84:6e:f1:c4:34:f4:a0:6a:f6:81:ae:74:b4:
              46:6e:b9:2f:a6:59:f1:02:e9:58:7c:a1:8d:08:31:2b:39:ee:
              eb:7e

      Callout on the slide:

      Subject: C=US, ST=California, L=San Jose, O=sipit, CN=tls6.test.sipit.net
      X509v3 Subject Alternative Name: DNS:test.sipit.net, DNS:tls6.test.sipit.net, URI:sip:tls6.test.sipit.net

      Notice the URI in the certificate!
  29. Process for a server
      • Generate keys
      • Pack public key in CSR
      • Send CSR to CA
      • CA validation process
      • CA issues certificate
      • Install cert in server with private key
  30. Client connection
      • Open TCP connection
      • Server sends certificate
      • Client challenges server
      • Server answers challenge
      • Client validates certificate
      • Server can issue cert request
      • Client and server produce session key
      • Symmetric encryption starts
  31. Issues
      • Certificate can validate correctly with the CA store, but still be the wrong certificate.
      • Certificate private key can be copied and certificate revoked.
      • DNS was spoofed, so we reached the wrong service
      • Something new and even more scary than Heartbleed.
  32. Protocol specifics
      • Given a protocol request - how do we match the request address to a certificate?
      • SIP URI, E-mail address, HTTPS URI
  33. TLS and SSL
      • SSL v1.0 - 2.0: Created by Netscape Communications. Deemed insecure.
      • SSL v3.0: Last version. No support for extensions and not for modern crypto algorithms. Deemed insecure.
      • TLS 1.x: Open standard defined by the IETF. Keeps being updated.
      It’s time to try to stop using SSL.
  34. Man in the middle (Diagram: Client - MITM - Server.)
      • How do we prevent and discover TLS proxies?
      • Quite commonly used
  35. Certificate Fingerprinting. Certificates have a fingerprint, a checksum of the cert and key. Embed last, current and next certificate fingerprint in the code. Verify that you are talking with the expected server. TLS verification may work with a bad server cert too. (Diagram: Client - Server; Client - MITM - Server.)
  36. Trust on first use. Save certificate fingerprint on first connection. If another certificate shows up, warn the user. Don’t block, the first connection could be bad. Certificates get updated, so save expiry time and accept new. (Diagram: Client - Server; Client - MITM - Server.)
  37. DANE - using DNSsec. Save cert in DNS, signed by DNSsec. If another certificate shows up, do not continue. Disconnect. Certificates that expired or were revoked have no NS records. (Diagram: Client - DNS: DNS query; Client - Server: TLS connection; Client - MITM - Server.)
  38. User specifics
      • Which CAs do we trust?
      • How do we check validity of certificate, even if we trust the CA?
      • Do we have time for validation?
  39. New solutions
      • Anchoring the certificate in DNS
      • Validating the certificate in DNS
      • No certificate - bare keys
      • Opportunistic Security with TLS
      (Diagram label: DNSsec.)
  40. Advice:
      • Use encrypted communication by default
      • Authenticated sessions are better than non-authenticated
      • If you really need confidentiality, check ciphers and checksum algorithms
  41. Heartbleed
      • Programming error in OpenSSL
      • OpenSSL is used in too many places
      • Opened up for private key distribution and a lot of other in-memory data.
  42. Security is a process
      • There will be other issues with TLS libraries, protocols and implementations
      • Having these is better than having no security, integrity, privacy or confidentiality
  43. To-do list
      1. SECURITY: Always build secure platforms. Encrypt all communication.
      2. IPv6: Integrate IPv6 in every single project.
      3. DNSsec: Sign your DNS data. DNS is the foundation for all of Internet.
  44. The way forward: #MoreCrypto
  45. More information
      • http://www.internetsociety.org/deploy360/tls/
      • https://bettercrypto.org
      • http://tools.ietf.org/html/rfc7258 - Internet is under attack.
  46. Join us!
      • IETF perpass mailing list, UTA working group and more.
      • Hashtag #MoreCrypto
      • http://internetsociety.org
  47. Feedback?
      • Feedback and suggestions for improvements to this presentation are more than welcome! Send to oej@edvina.net!
      • Feel free to use this presentation yourself - Notice the Creative commons license on this presentation!
      • Please tell me if you use it! It’s always fun to know.
      Olle E. Johansson. Author: oej@edvina.net - slideshare.net/oej Ⓒ Olle E. Johansson, Stockholm, Sweden 2014. This work is licensed under
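
The certificate fingerprinting and trust-on-first-use checks from slides 35 and 36, as an added Python example that is not part of the original presentation. It assumes the fingerprint is SHA-256 over the DER-encoded certificate; the host name, the byte strings standing in for certificates and the 30-day renewal window are constructed for illustration.

```python
import hashlib

DAY = 86400  # seconds

def fingerprint(der_cert: bytes) -> str:
    """Assumed fingerprint: SHA-256 over the DER-encoded certificate."""
    return hashlib.sha256(der_cert).hexdigest()

def pinned_ok(der_cert: bytes, pins: frozenset) -> bool:
    """Slide 35: accept only a certificate whose fingerprint ships in the client."""
    return fingerprint(der_cert) in pins

class TofuStore:
    """Slide 36: remember fingerprint and expiry per host, warn on change."""

    def __init__(self, renew_window: int = 30 * DAY):
        self.seen = {}                    # host -> (fingerprint, not_after)
        self.renew_window = renew_window  # assumed policy value

    def observe(self, host: str, der_cert: bytes, not_after: int, now: int) -> str:
        fp = fingerprint(der_cert)
        saved = self.seen.get(host)
        if saved is None:
            self.seen[host] = (fp, not_after)
            return "first-use"            # nothing to compare against yet
        saved_fp, saved_not_after = saved
        if fp == saved_fp:
            return "match"
        if now >= saved_not_after - self.renew_window:
            self.seen[host] = (fp, not_after)
            return "renewed"              # saved cert was due for replacement
        return "warn"                     # unexpected change: keep the old record

# Constructed stand-ins for DER certificates. With the standard library, the
# real bytes come from ssl.SSLSocket.getpeercert(binary_form=True).
LAST, CURRENT, NEXT = b"constructed-cert-2013", b"constructed-cert-2014", b"constructed-cert-2015"
INTERCEPT = b"constructed-cert-from-tls-proxy"
PINS = frozenset(fingerprint(c) for c in (LAST, CURRENT, NEXT))

def run_tofu_timeline() -> list:
    """Replay a constructed connection history for one host."""
    store = TofuStore()
    host = "sip.example.net"  # hypothetical host
    return [
        store.observe(host, CURRENT, not_after=400 * DAY, now=100 * DAY),
        store.observe(host, CURRENT, not_after=400 * DAY, now=101 * DAY),
        store.observe(host, INTERCEPT, not_after=900 * DAY, now=102 * DAY),
        store.observe(host, NEXT, not_after=765 * DAY, now=380 * DAY),
        store.observe(host, CURRENT, not_after=400 * DAY, now=381 * DAY),
    ]

if __name__ == "__main__":
    print("pinned current:", pinned_ok(CURRENT, PINS))
    print("pinned proxy:  ", pinned_ok(INTERCEPT, PINS))
    print("tofu timeline: ", run_tofu_timeline())
```

The renewal window is the weak point of trust on first use: any new certificate seen inside it is accepted, while the embedded pin set has no such gap.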
