SlideShare a Scribd company logo

Certificates, PKI, and SSL/TLS for infrastructure builders and operators

Download as PPTX, PDF
David Ochel
David Ochel

Need to educate your IT or DevOps folks on how to manage server certificates and TLS configurations in a secure manner? Use these slides. :)

Internet
1 of 29
Certificates, Public Key Infrastructures, and SSL/TLS for infrastructure builders and operators David Ochel, August 2019 2019-08-31-00 Unless otherwise noted, clip art is from pixabay.com and subject to PixaBay’s license (https://pixabay.com/service/terms/#license). All remaining content that has not otherwise been attributed is released into the public domain under the CC0 1.0 – https://creativecommons.org/publicdomain/zero/1.0/.
Agenda & Outline Objective: Align on the practical and security implications of managing infrastructure components that rely on TLS and (server) certificates for enabling transport security. • Applied crypto basics – 20’ • Symmetric & asymmetric encryption • Hashes and digital signatures • What makes crypto hard • Public Key Infrastructures – 40’ • Certificates & CAs – and how they are used in TLS • Lifecycle considerations for server keys and certificates • SSL/TLS – Configuration Gotchas – 30‘
Thwarting the “Man in the Middle” PLAIN TEXT PLAIN TEXTtPLAIN TEXT • Communication over (public) networks is not confidential, by design • Emails, web traffic, secrets, etc. can be intercepted and/or manipulated • Originators of content can be impersonated • Unless it is protected and authenticated, typically using encryption • TLS (as in, HTTPS, FTPS) • IPsec, OpenVPN, MACsec, … (or application-specific, like PGP and SSH)
Crypto basics (because it’s the foundation for everything)
01101001 11100011 10001111 10010101 10110100 00000110 11010100 10010011 11001111 10110000 00001010 11110000 10100011 00100001 10001011 01001111 Secret Key – Symmetric Encryption • One key, multiple copies • Good: fast, straightforward • Bad: key distribution (requires out-of-band, can’t control copies) • Examples: AES, Blowfish – e.g., 256 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT the key (it’s actually a random string of bits)
Public and private keys – Asymmetric Encryption • Mutually complementary pair of keys • Good: distribution (private key stays with owner, copies of the matching public key can be distributed freely); digital signatures • Bad: high CPU need, based on (theoretically solvable) math problems • Examples: RSA, Diffie Hellman – e.g., 2048 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT private key public key
Cryptographic Hashes • Maps a message into a fixed-size digest (“hash”) • Deterministic • Collision-resistant • Non-reversible (one way), cannot compute message from hash • Examples: bcrypt, SHA-2 PLAIN TEXT hash PLAIN TEXT hash PLAIN TEXT PLAIN TEXT hash From https://en.wikipedia.org/wiki/File:Cryptographic_Hash_Function.svg
Digital Signatures • Originator encrypts hash with private key (“digital signature”) • Recipient decrypts hash with originator’s public key, and computes its own hash over the message • If the two hashes match, the message must have been signed by somebody in possession of the private key PLAIN TEXT hash PLAIN TEXT PLAIN TEXT PLAIN TEXT hash signature signature signature hash
Typical Crypto Limitations • Implementing crypto algorithms is hard Use approved libraries/products • Key material “weakens” (risk of eventual compromise increases) over time Rotate keys on defined frequencies Use recommended key lengths and algorithms • Protecting access to secret and private keys is hard Re-key if somebody with access to a secret key leaves organization Keep keys in as few locations as possible, defend them thoroughly Don’t re-use the same key for different purposes or in different trust settings • Distributing public keys in a trustworthy manner is still hard Use public key infrastructures!
Public Key Infrastructures (or, how do I know that Alice’s public key that I grabbed from the web is the one that in fact matches Alice’s private key, and not Chuck’s, who is pretending to be Alice?)
Remember the Man in the Middle? • We want to distribute public keys freely, over networks • But is Alice in fact the one that possesses the private key to the public key that has her name on it? • Can I trust that digital signatures signed with the corresponding private key are in fact Alice’s signatures, and not somebody who’s pretending to be her? • Can messages I encrypt with this key only be decrypted by her? PLAIN TEXT PLAIN TEXT A A C CA C A C
Attesting to a distributed key’s authenticity • Crowd-sourced web of trust (e.g., PGP) • Users attest to the authenticity of public keys by signing each other’s public keys (after having established that they have the same key in front of them) • Key Signing Party, anyone? • Trusted Third Parties • Certificate authorities establish a hierarchical chain of trust into public keys • All users trust the same CA, thus any public key signed by the CA is extended trust (without the need for a secure channel to obtain individual public keys) https://imgs.xkcd.com/comics/responsible_behavior.png
Certificates! Cert Signing Request Name: Alice Address: alice@foo.bar Public key: Certificate Authority PLAIN TEXT PLAIN TEXT CIPHER TEXT A signature A A A A A CERTIFICATE Expiration: … Name: Alice Address: … Public key: CA signature A CA CA A CA
Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently. AA
Lifecycle of a server certificate 1. Public/private keypair management 2. Certificate request 3. Certificate issuance 4. Certificate use and revocation 5. Certificate consumption by clients
(1) Managing server public/private keys • Private keys should never leave the server (need to keep confidential) • Use Certificate Signing Requests instead of letting the CA generate the server’s public/private key pair • Do not share private keys across trust domains / between different services (lest compromise of the weakest link will compromise them all) • Beware of aging keys • Limit validity of certificates to an appropriate number of days or years • Generate new keys when “renewing” a cert instead of getting a new cert for the same old key • Consider new keys & certs if an operator with access leaves the organization • Self-signed certificates
(2) Requesting a certificate • Prefer FQDN subject names over wildcards • Wild cards encourage proliferation of the same keys across different services / trust domains • Consider multiple Subject Alternative Names instead • Choose your CA wisely • Consider reputation of different CAs, even though browsers might trust them all • Consider validation and support needs (e.g., Let’s Encrypt – domain validation only) • Identity Verification • Registration Authorities – (in-person) offices of the CA for high-trust situations (e.g., validating somebody’s passport in person - not common in TLS server scenarios • Domain Validation – does the requesting organization control the domain that the cert is for? • Organization Validation – can the requesting organization prove its name/DBA/address as listed in the CSR? • Extended Validation – subject name matches organization’s incorporation doc • Certificate Signing Request (CSR) – standardized format to request a certificate • Does not include the user’s|server’s private key, but is signed by its private key to demonstrate possession of it
(3) Issuing a certificate • Do not use self-signed certs • Teaching users to click through warnings in their browsers desensitizes them against actual threats • Internal CAs for internal services are OK *if* they are managed properly • Mitigate risk of CA compromise • The root CA should be highly protected, offline, and only used to issue certs to certificate-issuing CAs lower down in the hierarchy • Consider using different cert-issuing CAs for different cert purposes / environments • Automation is OK… • ...if cert requests are properly authenticated & authorized
(4) Hosting and revoking certificates • Serve certificate chains with your certificate • Clients may break if intermediate certs are not served by your server, since they may only have the root CA certs in their trust stores • Monitor for certificate expiration • Revoke certificates for compromised or retired keys
Certificates – the devil is in the details • Expiration Date • Purpose (domain validation, cert issuer) • Subject Alternative Names • Wildcard Certs vs. FQDN • Key Usage
Other uses of certificates & trust chains • Code signing • Windows updates • Europe: electronic signatures • Device authentication • User authentication • S/MIME • DNSSEC • PGP Web of Trust
Using certificates for authentication • Authentication factors: what you have; what you know; what you are • Certs (i.e., private keys!) are “what you know” • Same issue as passwords – can be cloned onto multiple devices, picked up by malware, … • Can be used to implement “what you have” if protected from cloning • E.g., on a smart card, HSM, secure enclave • Do certs authenticate users or devices? • Certs don’t authenticate anything, it’s the private key that corresponds to the public key in the cert that does the authentication • Arguably, the CA’s digital signature on the certificate provides for authenticity of the certificate’s content • Do keys (SSH keys, keys related to device certs, …) authenticate users or devices? • It depends – on usage, protection of the keys, context, …
SSL/TLS – Configuration Gotchas
Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently.
Versions • SSL is outdated and insecure • v2 – 1994 (Netscape Navigator 1.1 ) • v3 – 1995 • TLS • 1.0 – 1999 (RFC 2246), similar to SSLv3 • 1.1 – 2006, uses MD5 and SHA-1 (on it’s way out) • 1.2 – 2008 • 1.3 – 2018
Cipher Suites • Determine the mix and match of crypto algorithms a client and server can agree on for: • Authentication • Key exchange • Encryption algorithm & key sizes • Etc. Disable weak cipher suites Prefer them in order of strength
Other Tidbits • Perfect Forward Secrecy • Session keys don’t depend on protection by the server’s private key • A result of using DH/ECDH (instead of RSA) for key agreement • If RSA is not supported by a web server, MITM traffic inspection will break ;-) • Various other, security-relevant configuration settings. For example: • Prevent protocol version downgrade attacks (TLS_FALLBACK_SCSV) • Reject insecure renegotiation (support the Renegotiation Indication extension, RFC 5746) • Tell clients to always use TLS (Strict Transport Security (HSTS)) • Only use the TLS NULL compression method • Support OCSP stapling (RFC 6066) • Support session resumption
Potential Client Issues • Mismatch of supported protocol versions • Mismatch of supported ciphersuites • Certificate Pinning • Will interfere with MITM attempts to de- and re-encrypt traffic (e.g., for inspection)
Fun Tools • Dealing with certs • OpenSSL • Checking TLS configs • sslyze • www.ssllabs.com • observatory.mozilla.org • References • https://www.ssllabs.com/projects/documentation/

Recommended

LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilDavid Ochel
 
Email Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerEmail Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerDavid Ochel
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scaleOWASP
 
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security[OPD 2019] .NET Core Security
[OPD 2019] .NET Core SecurityOWASP
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure codeFlaskdata.io
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary LifeOliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services SecurityOliver Pfaff
 
Microservices Security: dos and don'ts
Microservices Security: dos and don'tsMicroservices Security: dos and don'ts
Microservices Security: dos and don'tsMinded Security
 

Recommended

LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilLASCON 2014: Multi-Factor Authentication -- Weeding out the Snake Oil
LASCON 2014: Multi-Factor Authentication -- Weeding out the Snake OilDavid Ochel
 
Email Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerEmail Security with OpenPGP - An Appetizer
Email Security with OpenPGP - An AppetizerDavid Ochel
 
[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scale[OPD 2019] Threat modeling at scale
[OPD 2019] Threat modeling at scaleOWASP
 
[OPD 2019] .NET Core Security
[OPD 2019] .NET Core Security[OPD 2019] .NET Core Security
[OPD 2019] .NET Core SecurityOWASP
 
How to write secure code
How to write secure codeHow to write secure code
How to write secure codeFlaskdata.io
 
IT-Security@Contemporary Life
IT-Security@Contemporary LifeIT-Security@Contemporary Life
IT-Security@Contemporary LifeOliver Pfaff
 
Web-of-Things and Services Security
Web-of-Things and Services SecurityWeb-of-Things and Services Security
Web-of-Things and Services SecurityOliver Pfaff
 
Microservices Security: dos and don'ts
Microservices Security: dos and don'tsMicroservices Security: dos and don'ts
Microservices Security: dos and don'tsMinded Security
 
Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architecturesinovia
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleSecuRing
 
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...SecureAuth
 
OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02MikeLeszcz
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dAppsOWASP
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSSOWASP
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloudPeter Wood
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Michael Hofmann
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018Gordon Haff
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009Security Ninja
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneArash Ramez
 
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...MikeLeszcz
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016SecuRing
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OpenIDFoundation
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fCyber Security Alliance
 
Heartbleed && Wireless
Heartbleed && WirelessHeartbleed && Wireless
Heartbleed && WirelessLuis Grangeia
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoArash Ramez
 
An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificatesStephane Potier
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overviewRishi Pathak
 

More Related Content

What's hot

Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architecturesinovia
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleSecuRing
 
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...SecureAuth
 
OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02MikeLeszcz
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applicationsArash Ramez
 
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dAppsOWASP
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSSOWASP
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloudPeter Wood
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Michael Hofmann
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018Gordon Haff
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009Security Ninja
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneArash Ramez
 
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...MikeLeszcz
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016SecuRing
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI TechnologySylvain Maret
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OpenIDFoundation
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fCyber Security Alliance
 
Heartbleed && Wireless
Heartbleed && WirelessHeartbleed && Wireless
Heartbleed && WirelessLuis Grangeia
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoArash Ramez
 

What's hot (20)

Security in microservices architectures
Security in microservices architecturesSecurity in microservices architectures
Security in microservices architectures
 
Let's get evil - threat modeling at scale
Let's get evil - threat modeling at scaleLet's get evil - threat modeling at scale
Let's get evil - threat modeling at scale
 
Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014Charles Weir's Security presentation for Code Cumbria, January 2014
Charles Weir's Security presentation for Code Cumbria, January 2014
 
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
Protecting the Keys to the Kingdom - The Case for Adaptive Authentication for...
 
OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02OpenID Foundation RISC WG Update - 2018-04-02
OpenID Foundation RISC WG Update - 2018-04-02
 
Certificate pinning in android applications
Certificate pinning in android applicationsCertificate pinning in android applications
Certificate pinning in android applications
 
[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps[OPD 2019] Web Apps vs Blockchain dApps
[OPD 2019] Web Apps vs Blockchain dApps
 
[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS[OPD 2019] Trusted types and the end of DOM XSS
[OPD 2019] Trusted types and the end of DOM XSS
 
Red teaming in the cloud
Red teaming in the cloudRed teaming in the cloud
Red teaming in the cloud
 
Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?Service Mesh vs. Frameworks: Where to put the resilience?
Service Mesh vs. Frameworks: Where to put the resilience?
 
DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018DevSecOps: The Open Source Way for CloudExpo 2018
DevSecOps: The Open Source Way for CloudExpo 2018
 
The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009The Principles of Secure Development - BSides Las Vegas 2009
The Principles of Secure Development - BSides Las Vegas 2009
 
How to do Cryptography right in Android Part One
How to do Cryptography right in Android Part OneHow to do Cryptography right in Android Part One
How to do Cryptography right in Android Part One
 
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
OpenID Foundation's Risk Incident and Sharing Communication (RISC) Work Group...
 
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
Internet banking safeguards vulnerabilities - OWASP AppSec EU 2016
 
Introduction To PKI Technology
Introduction To PKI TechnologyIntroduction To PKI Technology
Introduction To PKI Technology
 
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
OIDF Workshop at Verizon Media -- 9/30/2019 -- OpenID Connect for Identity As...
 
Easy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 fEasy public-private-keys-strong-authentication-using-u2 f
Easy public-private-keys-strong-authentication-using-u2 f
 
Heartbleed && Wireless
Heartbleed && WirelessHeartbleed && Wireless
Heartbleed && Wireless
 
How to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part TwoHow to do Cryptography right in Android Part Two
How to do Cryptography right in Android Part Two
 

Similar to Certificates, PKI, and SSL/TLS for infrastructure builders and operators

An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificatesStephane Potier
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overviewRishi Pathak
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitToni de la Fuente
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki conceptMostafa El Lathy
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfJUSTSTYLISH3B2MOHALI
 
020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPS020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPSJackio Kwok
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer securityMaarten Smeets
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkpromediakw
 
An Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECAn Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECCarlos Martinez Cagnazzo
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network SecurityKathirvel Ayyaswamy
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and ApplicationsSvetlin Nakov
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerceNishant Pahad
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSylvain Maret
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a ServicePT Datacomm Diangraha
 
TLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsTLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsNitin Ramesh
 
#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLSOlle E Johansson
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL CertificateCheapSSLUSA
 

Similar to Certificates, PKI, and SSL/TLS for infrastructure builders and operators (20)

An introduction to X.509 certificates
An introduction to X.509 certificatesAn introduction to X.509 certificates
An introduction to X.509 certificates
 
Digital signature & eSign overview
Digital signature & eSign overviewDigital signature & eSign overview
Digital signature & eSign overview
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept15 intro to ssl certificate & pki concept
15 intro to ssl certificate & pki concept
 
Https
HttpsHttps
Https
 
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdfI would appreciate help with these 4 questions. Thank You.1) Expla.pdf
I would appreciate help with these 4 questions. Thank You.1) Expla.pdf
 
020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPS020618 Why Do we Need HTTPS
020618 Why Do we Need HTTPS
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer security
 
Dr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talkDr. Omar Ali Alibrahim - Ssl talk
Dr. Omar Ali Alibrahim - Ssl talk
 
The world of encryption
The world of encryptionThe world of encryption
The world of encryption
 
An Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECAn Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSEC
 
18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security18CS2005 Cryptography and Network Security
18CS2005 Cryptography and Network Security
 
PKI and Applications
PKI and ApplicationsPKI and Applications
PKI and Applications
 
Web security for e-commerce
Web security for e-commerceWeb security for e-commerce
Web security for e-commerce
 
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / DatelecSecure Gate / Reverse Proxy - WAF 1ere génération / Datelec
Secure Gate / Reverse Proxy - WAF 1ere génération / Datelec
 
Public Digital Identity as a Service
Public Digital Identity as a ServicePublic Digital Identity as a Service
Public Digital Identity as a Service
 
TLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured CommunicationsTLS/SSL - Study of Secured Communications
TLS/SSL - Study of Secured Communications
 
Lecture17
Lecture17Lecture17
Lecture17
 
#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS#MoreCrypto : Introduction to TLS
#MoreCrypto : Introduction to TLS
 
Introduction of an SSL Certificate
Introduction of an SSL CertificateIntroduction of an SSL Certificate
Introduction of an SSL Certificate
 

Recently uploaded

₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...Diya Sharma
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...aditipandeya
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝soniya singh
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsstephieert
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Roomishabajaj13
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirtrahman018755
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceDelhi Call girls
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Servicegwenoracqe6
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Delhi Call girls
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girladitipandeya
 
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneCall girls in Ahmedabad High profile
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts servicevipmodelshub1
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607dollysharma2066
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Roomdivyansh0kumar0
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024APNIC
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.soniya singh
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkataanamikaraghav4
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGAPNIC
 

Recently uploaded (20)

₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
₹5.5k {Cash Payment}New Friends Colony Call Girls In [Delhi NIHARIKA] 🔝|97111...
 
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
VIP 7001035870 Find & Meet Hyderabad Call Girls Dilsukhnagar high-profile Cal...
 
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No AdvanceRohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
Rohini Sector 26 Call Girls Delhi 9999965857 @Sabina Saikh No Advance
 
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
Call Girls In Model Towh Delhi 💯Call Us 🔝8264348440🔝
 
Radiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girlsRadiant Call girls in Dubai O56338O268 Dubai Call girls
Radiant Call girls in Dubai O56338O268 Dubai Call girls
 
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With RoomVIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
VIP Kolkata Call Girl Salt Lake 👉 8250192130 Available With Room
 
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya ShirtChallengers I Told Ya Shirt
Challengers I Told Ya ShirtChallengers I Told Ya Shirt
 
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort ServiceEnjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
Enjoy Night⚡Call Girls Dlf City Phase 3 Gurgaon >༒8448380779 Escort Service
 
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl ServiceRussian Call girl in Ajman +971563133746 Ajman Call girl Service
Russian Call girl in Ajman +971563133746 Ajman Call girl Service
 
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
Best VIP Call Girls Noida Sector 75 Call Me: 8448380779
 
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call GirlVIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
VIP 7001035870 Find & Meet Hyderabad Call Girls LB Nagar high-profile Call Girl
 
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service PuneVIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
VIP Call Girls Pune Madhuri 8617697112 Independent Escort Service Pune
 
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls KolkataLow Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
Low Rate Call Girls Kolkata Avani 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts serviceChennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
Chennai Call Girls Alwarpet Phone 🍆 8250192130 👅 celebrity escorts service
 
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
FULL ENJOY Call Girls In Mayur Vihar Delhi Contact Us 8377087607
 
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With RoomVIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
VIP Kolkata Call Girl Alambazar 👉 8250192130 Available With Room
 
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
DDoS In Oceania and the Pacific, presented by Dave Phelan at NZNOG 2024
 
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
Call Now ☎ 8264348440 !! Call Girls in Shahpur Jat Escort Service Delhi N.C.R.
 
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls KolkataVIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
VIP Call Girls Kolkata Ananya 🤌 8250192130 🚀 Vip Call Girls Kolkata
 
Networking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOGNetworking in the Penumbra presented by Geoff Huston at NZNOG
Networking in the Penumbra presented by Geoff Huston at NZNOG
 

Certificates, PKI, and SSL/TLS for infrastructure builders and operators

  • 1. Certificates, Public Key Infrastructures, and SSL/TLS for infrastructure builders and operators David Ochel, August 2019 2019-08-31-00 Unless otherwise noted, clip art is from pixabay.com and subject to PixaBay’s license (https://pixabay.com/service/terms/#license). All remaining content that has not otherwise been attributed is released into the public domain under the CC0 1.0 – https://creativecommons.org/publicdomain/zero/1.0/.
  • 2. Agenda & Outline Objective: Align on the practical and security implications of managing infrastructure components that rely on TLS and (server) certificates for enabling transport security. • Applied crypto basics – 20’ • Symmetric & asymmetric encryption • Hashes and digital signatures • What makes crypto hard • Public Key Infrastructures – 40’ • Certificates & CAs – and how they are used in TLS • Lifecycle considerations for server keys and certificates • SSL/TLS – Configuration Gotchas – 30‘
  • 3. Thwarting the “Man in the Middle” PLAIN TEXT PLAIN TEXTtPLAIN TEXT • Communication over (public) networks is not confidential, by design • Emails, web traffic, secrets, etc. can be intercepted and/or manipulated • Originators of content can be impersonated • Unless it is protected and authenticated, typically using encryption • TLS (as in, HTTPS, FTPS) • IPsec, OpenVPN, MACsec, … (or application-specific, like PGP and SSH)
  • 4. Crypto basics (because it’s the foundation for everything)
  • 5. 01101001 11100011 10001111 10010101 10110100 00000110 11010100 10010011 11001111 10110000 00001010 11110000 10100011 00100001 10001011 01001111 Secret Key – Symmetric Encryption • One key, multiple copies • Good: fast, straightforward • Bad: key distribution (requires out-of-band, can’t control copies) • Examples: AES, Blowfish – e.g., 256 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT the key (it’s actually a random string of bits)
  • 6. Public and private keys – Asymmetric Encryption • Mutually complementary pair of keys • Good: distribution (private key stays with owner, copies of the matching public key can be distributed freely); digital signatures • Bad: high CPU need, based on (theoretically solvable) math problems • Examples: RSA, Diffie Hellman – e.g., 2048 bit key length PLAIN TEXT PLAIN TEXT CIPHER TEXT private key public key
  • 7. Cryptographic Hashes • Maps a message into a fixed-size digest (“hash”) • Deterministic • Collision-resistant • Non-reversible (one way), cannot compute message from hash • Examples: bcrypt, SHA-2 PLAIN TEXT hash PLAIN TEXT hash PLAIN TEXT PLAIN TEXT hash From https://en.wikipedia.org/wiki/File:Cryptographic_Hash_Function.svg
  • 8. Digital Signatures • Originator encrypts hash with private key (“digital signature”) • Recipient decrypts hash with originator’s public key, and computes its own hash over the message • If the two hashes match, the message must have been signed by somebody in possession of the private key PLAIN TEXT hash PLAIN TEXT PLAIN TEXT PLAIN TEXT hash signature signature signature hash
  • 9. Typical Crypto Limitations • Implementing crypto algorithms is hard Use approved libraries/products • Key material “weakens” (risk of eventual compromise increases) over time Rotate keys on defined frequencies Use recommended key lengths and algorithms • Protecting access to secret and private keys is hard Re-key if somebody with access to a secret key leaves organization Keep keys in as few locations as possible, defend them thoroughly Don’t re-use the same key for different purposes or in different trust settings • Distributing public keys in a trustworthy manner is still hard Use public key infrastructures!
  • 10. Public Key Infrastructures (or, how do I know that Alice’s public key that I grabbed from the web is the one that in fact matches Alice’s private key, and not Chuck’s, who is pretending to be Alice?)
  • 11. Remember the Man in the Middle? • We want to distribute public keys freely, over networks • But is Alice in fact the one that possesses the private key to the public key that has her name on it? • Can I trust that digital signatures signed with the corresponding private key are in fact Alice’s signatures, and not somebody who’s pretending to be her? • Can messages I encrypt with this key only be decrypted by her? PLAIN TEXT PLAIN TEXT A A C CA C A C
  • 12. Attesting to a distributed key’s authenticity • Crowd-sourced web of trust (e.g., PGP) • Users attest to the authenticity of public keys by signing each other’s public keys (after having established that they have the same key in front of them) • Key Signing Party, anyone? • Trusted Third Parties • Certificate authorities establish a hierarchical chain of trust into public keys • All users trust the same CA, thus any public key signed by the CA is extended trust (without the need for a secure channel to obtain individual public keys) https://imgs.xkcd.com/comics/responsible_behavior.png
  • 13. Certificates! Cert Signing Request Name: Alice Address: alice@foo.bar Public key: Certificate Authority PLAIN TEXT PLAIN TEXT CIPHER TEXT A signature A A A A A CERTIFICATE Expiration: … Name: Alice Address: … Public key: CA signature A CA CA A CA
  • 14. Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently. AA
  • 15. Lifecycle of a server certificate 1. Public/private keypair management 2. Certificate request 3. Certificate issuance 4. Certificate use and revocation 5. Certificate consumption by clients
  • 16. (1) Managing server public/private keys • Private keys should never leave the server (need to keep confidential) • Use Certificate Signing Requests instead of letting the CA generate the server’s public/private key pair • Do not share private keys across trust domains / between different services (lest compromise of the weakest link will compromise them all) • Beware of aging keys • Limit validity of certificates to an appropriate number of days or years • Generate new keys when “renewing” a cert instead of getting a new cert for the same old key • Consider new keys & certs if an operator with access leaves the organization • Self-signed certificates
  • 17. (2) Requesting a certificate • Prefer FQDN subject names over wildcards • Wild cards encourage proliferation of the same keys across different services / trust domains • Consider multiple Subject Alternative Names instead • Choose your CA wisely • Consider reputation of different CAs, even though browsers might trust them all • Consider validation and support needs (e.g., Let’s Encrypt – domain validation only) • Identity Verification • Registration Authorities – (in-person) offices of the CA for high-trust situations (e.g., validating somebody’s passport in person - not common in TLS server scenarios • Domain Validation – does the requesting organization control the domain that the cert is for? • Organization Validation – can the requesting organization prove its name/DBA/address as listed in the CSR? • Extended Validation – subject name matches organization’s incorporation doc • Certificate Signing Request (CSR) – standardized format to request a certificate • Does not include the user’s|server’s private key, but is signed by its private key to demonstrate possession of it
  • 18. (3) Issuing a certificate • Do not use self-signed certs • Teaching users to click through warnings in their browsers desensitizes them against actual threats • Internal CAs for internal services are OK *if* they are managed properly • Mitigate risk of CA compromise • The root CA should be highly protected, offline, and only used to issue certs to certificate-issuing CAs lower down in the hierarchy • Consider using different cert-issuing CAs for different cert purposes / environments • Automation is OK… • ...if cert requests are properly authenticated & authorized
  • 19. (4) Hosting and revoking certificates • Serve certificate chains with your certificate • Clients may break if intermediate certs are not served by your server, since they may only have the root CA certs in their trust stores • Monitor for certificate expiration • Revoke certificates for compromised or retired keys
  • 20. Certificates – the devil is in the details • Expiration Date • Purpose (domain validation, cert issuer) • Subject Alternative Names • Wildcard Certs vs. FQDN • Key Usage
  • 21. Other uses of certificates & trust chains • Code signing • Windows updates • Europe: electronic signatures • Device authentication • User authentication • S/MIME • DNSSEC • PGP Web of Trust
  • 22. Using certificates for authentication • Authentication factors: what you have; what you know; what you are • Certs (i.e., private keys!) are “what you know” • Same issue as passwords – can be cloned onto multiple devices, picked up by malware, … • Can be used to implement “what you have” if protected from cloning • E.g., on a smart card, HSM, secure enclave • Do certs authenticate users or devices? • Certs don’t authenticate anything, it’s the private key that corresponds to the public key in the cert that does the authentication • Arguably, the CA’s digital signature on the certificate provides for authenticity of the certificate’s content • Do keys (SSH keys, keys related to device certs, …) authenticate users or devices? • It depends – on usage, protection of the keys, context, …
  • 24. Transport Layer Security – crypto (simplified) CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A CERTIFICATE Expiration: … Name: Company A Address: … Public key: CA signature A 1: Client requests server certificate, validates it against CA cert 2: Client generates symmetric session key* A 3: Client & server exchange traffic encrypted with the session key ENCRYPTED PAYLOAD (e.g., HTML) *This is a much simplified view of how key generation with RSA works. Authentication of the server with RSA is implicit. DH/ECDH works differently.
  • 25. Versions • SSL is outdated and insecure • v2 – 1994 (Netscape Navigator 1.1 ) • v3 – 1995 • TLS • 1.0 – 1999 (RFC 2246), similar to SSLv3 • 1.1 – 2006, uses MD5 and SHA-1 (on it’s way out) • 1.2 – 2008 • 1.3 – 2018
  • 26. Cipher Suites • Determine the mix and match of crypto algorithms a client and server can agree on for: • Authentication • Key exchange • Encryption algorithm & key sizes • Etc. Disable weak cipher suites Prefer them in order of strength
  • 27. Other Tidbits • Perfect Forward Secrecy • Session keys don’t depend on protection by the server’s private key • A result of using DH/ECDH (instead of RSA) for key agreement • If RSA is not supported by a web server, MITM traffic inspection will break ;-) • Various other, security-relevant configuration settings. For example: • Prevent protocol version downgrade attacks (TLS_FALLBACK_SCSV) • Reject insecure renegotiation (support the Renegotiation Indication extension, RFC 5746) • Tell clients to always use TLS (Strict Transport Security (HSTS)) • Only use the TLS NULL compression method • Support OCSP stapling (RFC 6066) • Support session resumption
  • 28. Potential Client Issues • Mismatch of supported protocol versions • Mismatch of supported ciphersuites • Certificate Pinning • Will interfere with MITM attempts to de- and re-encrypt traffic (e.g., for inspection)
  • 29. Fun Tools • Dealing with certs • OpenSSL • Checking TLS configs • sslyze • www.ssllabs.com • observatory.mozilla.org • References • https://www.ssllabs.com/projects/documentation/

Editor's Notes

  1. https://pixabay.com/vectors/robber-burglar-bandit-stripes-303444/