MM
Uploaded byMaarten Mulders
116 views

SSL/TLS for Mortals (Oracle Groundbreaker EMEA Virtual Tour)

The document discusses SSL/TLS security protocols, including historical versions and issues like SSL handshake exceptions due to invalid certificate paths. It covers concepts such as public/private key encryption, digital certificates, and the roles of certificate authorities, along with troubleshooting techniques and best practices for secure connections. Emphasis is placed on the importance of using TLS versions 1.2 or 1.3 and being cautious about whom to trust.

Embed presentation

Download to read offline
SSL/TLS M Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
T L S Awesome Sauce, or... Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
H 🤯Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at sun.net. .protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) at sun.net. .protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net. .protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512) at sun.net. .protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440) at sun.net. .protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at it.mulders.maarten.Demo.main(Demo.java:13) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1488) 13 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to f nd valid certif cation path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun security validator PKIXValidator doBuild(PKIXValidator java:382) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
7 L OSI M data unit layers Data Data Data Segments Packets Frames Bits Application Network Process to Application Presentation Data Representation and Encryption Session Interhost Communication Transport End-to-End Connections and Reliability Network Path Determination and Logical Addressing (IP) Data Link Physical Addressing (MAC and LLC) Physical Media, Signal and Binary Transmission HostLayersMediaLayers Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
H SSL TLS SSL 1.0 never released SSL 2.0 1995 - 2011 (POODLE) SSL 3.0 1996 - 2014 (POODLE) TLS 1.0 1999 - 2011 (BEAST) TLS 1.1 2006 TLS 1.2 2008 TLS 1.3 2018 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
D What's the issue?! Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
H . public/private key encryption . signed certificates . certificate authorities Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
1 P P K E Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
M . Select two prime numbers: . Calculate product: . Select random number < product: . Find d, so that a. b. c. d. Note that varies with : when . p = 11, q = 17 p ∗ q = 187 e = 3 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 (d ∗ 3) − 1 mod (10 ∗ 16) = 0 320 mod 160 = 0 (321 − 1) mod 160 = 0 (107 ∗ 3) = 321 ⇒ d = 107 d e e = 75, d = 183 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
N , P Q . . Find d, so that Pretty hard without knowing and ! As soon as we know , calculating is trivial (again). p ∗ q = 299, e = 5 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 p q p = 13, q = 23 d = 317 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
For big enough and , finding those factors will cost an eternity! So we can distribute and even ! p q p ∗ q e Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
L "G" p ∗ q = 187, e = 3, G ⇒ 7 = = 3437 e 7 3 343 mod 187 = 156 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
L "156" Since we know and , we can calculatep q d = 107 = ≈ 4.6 ∗156 d 156 107 10 234 mod 187 = 7156 107 7 ⇒ G Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
N Client Server 1 ClientHello → 2 ← ServerHello 3 ← Certificate 4 ← ServerKeyExchange 5 ← ServerHelloDone 6 ClientKeyExchange → 7 ChangeCipherSpec → 8 Finished → 9 ← ChangeCipherSpec 10 ← Finished Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
D No-one is eavesdropping! Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
2 S C Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
A certificate contains: Serial Number Subject Validity Usage Public Key Fingerprint Algorithm Fingerprint Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
But wait... anyone could create a certificate! So we also need Signature Algorithm Signature Issuer ... and a way to sign certificates. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
A signature is a mathematical relationship between a message , a private key and a public key . It consists of two functions: . signing function . verifying function So, given and and knowing , we can tell if is indeed signed by . x sk pk t = f (sk, x) [accept, reject] = g(pk, t, x) x t pk x sk Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
3 C A Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
An entity that issues digital certificates, certifying the ownership of a public key by the subject of the certificate. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
I John ? Alice So, who is John, anyway? Many John's in todays browsers and operating systems! “I can trust you, because I trust John, and John trusts Alice, and Alice trusts you. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
Top-notch security procedures, including "key ceremonies" Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
/** intentionally left blank */ Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
W Google blacklists 247 certificates in Chromium Microsoft removes the DigiNotar root certificate from all supported Windows-releases * Mozilla revokes trust in the DigiNotar root certificate in all supported versions Apple issued Security Update 2011-005 Update Certificate Revocation Lists (although these are self- signed) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
D Trust (for what it's worth) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
T , T T Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
Simple HTTP client with TLS support: curl -v -k <address> Troubleshoot trust issues and see certificates being used: openssl s_client -showcerts -servername <address> - connect <address>:443 Troubleshoot supported protocols, ciphers, ...: nmap --script ssl-enum-ciphers -p 443 <address> Trace (or even decrypt) TLS traffic: ssldump -i eth0 port 443 and host <address> (add -Ad -k <keyfile> -p <password> for decryption) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
JVM S -Djavax.net.ssl.trustStore=<file> Denotes where a truststore can be found: a file that contains trusted certs. -Djavax.net.ssl.trustStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
JVM S -Djavax.net.ssl.keyStore=<file> Denotes where a keystore can be found: a file that contains public and/or private keys. -Djavax.net.ssl.keyStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
JVM S -Djavax.net.debug=ssl[:flag] Include debug logging for TLS handshake and connections. Additional flags: record session sessioncache pluggability plaintext handshake defaultctx keymanager data packet keygen sslctx trustmanager verbose Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
P Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
P 🔑 - . Don't use SSL! Use TLS v1.2 or v1.3. . Be careful whom you trust! . When in doubt, open your toolbox: openssl, curl, nmap, ssldump and Portecle Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
Q I Router by Public Key Krüpto by , , and ( ) Puss In Boots by IANA Root KSK Ceremony #36 @ Beverwijk by @ unknown author Sándor P. Fekete Sebastian Morr Sebastian Stiller @ideainstruction kisspng https://www.iana.org/dnssec/ceremonies/36 Gerard Hogervorst Wikimedia Commons Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals

More Related Content

PDF
Public Key Cryptography
byAbhijit Mondal
 
PDF
SSL/TLS for Mortals (Devoxx UK)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (Lockdown Lecture)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (JavaLand)
byMaarten Mulders
 
PDF
Whispered secrets
byEleanor McHugh
 
PDF
Whispered secrets
byEleanor McHugh
 
PPTX
Technology, Process, and Strategy
byereddick
 
PPTX
Catching Pitfalls in Authentication Implementations (Yuchen Zhou)
byDavid Evans
 
Public Key Cryptography
byAbhijit Mondal
 
SSL/TLS for Mortals (Devoxx UK)
byMaarten Mulders
 
SSL/TLS for Mortals (Lockdown Lecture)
byMaarten Mulders
 
SSL/TLS for Mortals (JavaLand)
byMaarten Mulders
 
Whispered secrets
byEleanor McHugh
 
Whispered secrets
byEleanor McHugh
 
Technology, Process, and Strategy
byereddick
 
Catching Pitfalls in Authentication Implementations (Yuchen Zhou)
byDavid Evans
 

Similar to SSL/TLS for Mortals (Oracle Groundbreaker EMEA Virtual Tour)

PDF
TLS/SSL Internet Security Talk
byNisheed KM
 
PDF
SSL/TLS for Mortals (Voxxed Days Luxembourg)
byMaarten Mulders
 
PDF
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
byJPCERT Coordination Center
 
PDF
TLS and Certificates
byKarri Huhtanen
 
PDF
SSL: Past, Present and Future
byLuis Grangeia
 
PDF
Securing Data in Transit -
bywolfSSL
 
PDF
wolfSSL and TLS 1.3
bywolfSSL
 
PPTX
SSL/TLS 101
byChul-Woong Yang
 
PDF
SSL/TLS for Mortals (UtrechtJUG)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (Devoxx)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (GOTO Berlin)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (Devoxx FR 2018)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (JavaZone)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (JAX DE 2018)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (DevNexus)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (JavaOne 2017)
byMaarten Mulders
 
PDF
SSL/TLS for Mortals (J-Fall)
byMaarten Mulders
 
PDF
SSL: Past, Present and Future
byTiago Mendo
 
PDF
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
byit-people
 
PDF
SSL/TLS 101
byChul-Woong Yang
 
TLS/SSL Internet Security Talk
byNisheed KM
 
SSL/TLS for Mortals (Voxxed Days Luxembourg)
byMaarten Mulders
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
byJPCERT Coordination Center
 
TLS and Certificates
byKarri Huhtanen
 
SSL: Past, Present and Future
byLuis Grangeia
 
Securing Data in Transit -
bywolfSSL
 
wolfSSL and TLS 1.3
bywolfSSL
 
SSL/TLS 101
byChul-Woong Yang
 
SSL/TLS for Mortals (UtrechtJUG)
byMaarten Mulders
 
SSL/TLS for Mortals (Devoxx)
byMaarten Mulders
 
SSL/TLS for Mortals (GOTO Berlin)
byMaarten Mulders
 
SSL/TLS for Mortals (Devoxx FR 2018)
byMaarten Mulders
 
SSL/TLS for Mortals (JavaZone)
byMaarten Mulders
 
SSL/TLS for Mortals (JAX DE 2018)
byMaarten Mulders
 
SSL/TLS for Mortals (DevNexus)
byMaarten Mulders
 
SSL/TLS for Mortals (JavaOne 2017)
byMaarten Mulders
 
SSL/TLS for Mortals (J-Fall)
byMaarten Mulders
 
SSL: Past, Present and Future
byTiago Mendo
 
"The Sorry State of SSL" Hynek Schlawack, PyConRu 2014
byit-people
 
SSL/TLS 101
byChul-Woong Yang
 

More from Maarten Mulders

PDF
React in 40 minutes (JCON)
byMaarten Mulders
 
PDF
React in 45 Minutes (Jfokus)
byMaarten Mulders
 
PDF
Dapr: Dinosaur or Developer Dream? (J-Fall)
byMaarten Mulders
 
PDF
React in 40 minutes (Voxxed Days Romania)
byMaarten Mulders
 
PDF
Dapr: Dinosaur or Developer's Dream? (v1)
byMaarten Mulders
 
PDF
React in 50 Minutes (DevNexus)
byMaarten Mulders
 
PDF
React in 50 Minutes (OpenValue)
byMaarten Mulders
 
PDF
React in 50 Minutes (JNation)
byMaarten Mulders
 
PDF
React in 50 minutes (Bucharest Software Craftsmanship Community)
byMaarten Mulders
 
PDF
Building web applications with React (Jfokus)
byMaarten Mulders
 
PDF
Building a DSL with GraalVM (CodeOne)
byMaarten Mulders
 
PDF
Building a DSL with GraalVM (Devoxx PL)
byMaarten Mulders
 
PDF
Building a DSL with GraalVM (Full Stack Antwerpen)
byMaarten Mulders
 
PDF
Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour)
byMaarten Mulders
 
PDF
Building a DSL with GraalVM (javaBin online)
byMaarten Mulders
 
PDF
Making Maven Marvellous (J-Fall)
byMaarten Mulders
 
PDF
What's cooking in Maven? (Devoxx FR)
byMaarten Mulders
 
PDF
Making Maven Marvellous (Devnexus)
byMaarten Mulders
 
PDF
Making Maven Marvellous (JavaZone)
byMaarten Mulders
 
PDF
Making Maven Marvellous (Java.il)
byMaarten Mulders
 
React in 40 minutes (JCON)
byMaarten Mulders
 
React in 45 Minutes (Jfokus)
byMaarten Mulders
 
Dapr: Dinosaur or Developer Dream? (J-Fall)
byMaarten Mulders
 
React in 40 minutes (Voxxed Days Romania)
byMaarten Mulders
 
Dapr: Dinosaur or Developer's Dream? (v1)
byMaarten Mulders
 
React in 50 Minutes (DevNexus)
byMaarten Mulders
 
React in 50 Minutes (OpenValue)
byMaarten Mulders
 
React in 50 Minutes (JNation)
byMaarten Mulders
 
React in 50 minutes (Bucharest Software Craftsmanship Community)
byMaarten Mulders
 
Building web applications with React (Jfokus)
byMaarten Mulders
 
Building a DSL with GraalVM (CodeOne)
byMaarten Mulders
 
Building a DSL with GraalVM (Devoxx PL)
byMaarten Mulders
 
Building a DSL with GraalVM (Full Stack Antwerpen)
byMaarten Mulders
 
Building a DSL with GraalVM (Oracle Groundbreaker APAC Virtual Tour)
byMaarten Mulders
 
Building a DSL with GraalVM (javaBin online)
byMaarten Mulders
 
Making Maven Marvellous (J-Fall)
byMaarten Mulders
 
What's cooking in Maven? (Devoxx FR)
byMaarten Mulders
 
Making Maven Marvellous (Devnexus)
byMaarten Mulders
 
Making Maven Marvellous (JavaZone)
byMaarten Mulders
 
Making Maven Marvellous (Java.il)
byMaarten Mulders
 

Recently uploaded

PDF
Step-by-Step Guide to Building Fast Flutter Web Sites
byShiv Technolabs Pvt. Ltd.
 
PDF
Reusable technology: Saving development time with shared Unity plug-ins and S...
byBruno Cicanci
 
PDF
Guidewire Vs. Openkoda: Customizable, Open Alternative to Lagacy Core Systems
byOpenkoda
 
PDF
MGA Insurance Product Launch Acceleration
byOpenkoda
 
PPTX
OpenID AuthZEN Overview - Gartner IAM 25
byDavid Brossard
 
PPTX
The OpenChain China Mini-Summit at COSCON 2025
byShane Coughlan
 
PPTX
Magnet-AXIOM_overview_tool_cyber_tool.pptx
byashishtjoseph
 
PDF
Anchore Enterprise Q4 2025 Release Webinar
byAnchore
 
PPTX
#15 All About Anypoint MQ - Calicut MuleSoft Meetup Group
bycalicutmulesoftmeetu
 
PPTX
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
PPTX
GDS Integration Solution | GDS Integration Service
byyugababu033
 
PDF
Ch2 -ENG.pdf COMPUTER ARCHITECTURE L2 INFO
byrogase8895
 
PDF
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
PDF
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
PDF
IT Estate Modernization: Transform Your Infrastructure for the Future .pdf
byAstuteBusiness
 
PPTX
Reimagining Service with AI Voice Agents | Webinar
byCEPTES Software
 
PDF
How Does AI Improve Location-Based Mobile App Development for Businesses.pdf
byNet-Craft.com
 
PDF
Resource-Levelled Critical-Path Analysis Balancing Time, Cost and Constraints
byOrangescrum
 
PDF
Data structure using C :UNIT-I Introduction to Data structures and Stacks BCA...
byKuvempu University
 
PDF
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 
Step-by-Step Guide to Building Fast Flutter Web Sites
byShiv Technolabs Pvt. Ltd.
 
Reusable technology: Saving development time with shared Unity plug-ins and S...
byBruno Cicanci
 
Guidewire Vs. Openkoda: Customizable, Open Alternative to Lagacy Core Systems
byOpenkoda
 
MGA Insurance Product Launch Acceleration
byOpenkoda
 
OpenID AuthZEN Overview - Gartner IAM 25
byDavid Brossard
 
The OpenChain China Mini-Summit at COSCON 2025
byShane Coughlan
 
Magnet-AXIOM_overview_tool_cyber_tool.pptx
byashishtjoseph
 
Anchore Enterprise Q4 2025 Release Webinar
byAnchore
 
#15 All About Anypoint MQ - Calicut MuleSoft Meetup Group
bycalicutmulesoftmeetu
 
Binance Smart Chain Development Guide.pptx
bylakshubadai
 
GDS Integration Solution | GDS Integration Service
byyugababu033
 
Ch2 -ENG.pdf COMPUTER ARCHITECTURE L2 INFO
byrogase8895
 
Advanced Prompt Engineering: The Art and Science
byMaxim Salnikov
 
Red Hat Summit 2025 - Triton GPU Kernel programming.pdf
bySanjeev Rampal
 
IT Estate Modernization: Transform Your Infrastructure for the Future .pdf
byAstuteBusiness
 
Reimagining Service with AI Voice Agents | Webinar
byCEPTES Software
 
How Does AI Improve Location-Based Mobile App Development for Businesses.pdf
byNet-Craft.com
 
Resource-Levelled Critical-Path Analysis Balancing Time, Cost and Constraints
byOrangescrum
 
Data structure using C :UNIT-I Introduction to Data structures and Stacks BCA...
byKuvempu University
 
Cybersecurity Alert- What Organisations Must Watch Out For This Christmas Fes...
byCybernetic Global Intelligence
 

SSL/TLS for Mortals (Oracle Groundbreaker EMEA Virtual Tour)

  • 1.
    SSL/TLS M Maarten Mulders (@mthmulders)  OGBEMEA Virtual Tour #tlsformortals
  • 2.
    T L S AwesomeSauce, or... Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 3.
    H 🤯Exception inthread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: at sun.security.ssl.Alerts.getSSLException(Alerts.java:192) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1949) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302) at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1506) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:216) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) at sun.security.ssl.Handshaker.process_record(Handshaker.java:914) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387) at sun.net. .protocol.https.HttpsClient.afterConnect(HttpsClient.java:559) at sun.net. .protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net. .protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512) at sun.net. .protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1440) at sun.net. .protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254) at it.mulders.maarten.Demo.main(Demo.java:13) Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderExc at sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:387) at sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:292) at sun.security.validator.Validator.validate(Validator.java:260) at sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:324) at sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:229) at sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:124) at sun.security.ssl.ClientHandshaker.serverCertif cate(ClientHandshaker.java:1488) 13 more Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to f nd valid certif cation path to requested target at sun.security.provider.certpath.SunCertPathBuilder.build(SunCertPathBuilder.java:146) at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPathBuilder.java:131) at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:280) at sun security validator PKIXValidator doBuild(PKIXValidator java:382) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 5.
    7 L OSIM data unit layers Data Data Data Segments Packets Frames Bits Application Network Process to Application Presentation Data Representation and Encryption Session Interhost Communication Transport End-to-End Connections and Reliability Network Path Determination and Logical Addressing (IP) Data Link Physical Addressing (MAC and LLC) Physical Media, Signal and Binary Transmission HostLayersMediaLayers Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 6.
    H SSL TLS SSL1.0 never released SSL 2.0 1995 - 2011 (POODLE) SSL 3.0 1996 - 2014 (POODLE) TLS 1.0 1999 - 2011 (BEAST) TLS 1.1 2006 TLS 1.2 2008 TLS 1.3 2018 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 7.
    D What's the issue?! MaartenMulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 8.
    H . public/private keyencryption . signed certificates . certificate authorities Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 9.
    1 P P KE Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 12.
    M . Select twoprime numbers: . Calculate product: . Select random number < product: . Find d, so that a. b. c. d. Note that varies with : when . p = 11, q = 17 p ∗ q = 187 e = 3 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 (d ∗ 3) − 1 mod (10 ∗ 16) = 0 320 mod 160 = 0 (321 − 1) mod 160 = 0 (107 ∗ 3) = 321 ⇒ d = 107 d e e = 75, d = 183 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 13.
    N , PQ . . Find d, so that Pretty hard without knowing and ! As soon as we know , calculating is trivial (again). p ∗ q = 299, e = 5 (d ∗ e) − 1 mod (p − 1) ∗ (q − 1) = 0 p q p = 13, q = 23 d = 317 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 14.
    For big enoughand , finding those factors will cost an eternity! So we can distribute and even ! p q p ∗ q e Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 15.
    L "G" p ∗q = 187, e = 3, G ⇒ 7 = = 3437 e 7 3 343 mod 187 = 156 Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 16.
    L "156" Since weknow and , we can calculatep q d = 107 = ≈ 4.6 ∗156 d 156 107 10 234 mod 187 = 7156 107 7 ⇒ G Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 18.
    N Client Server 1 ClientHello→ 2 ← ServerHello 3 ← Certificate 4 ← ServerKeyExchange 5 ← ServerHelloDone 6 ClientKeyExchange → 7 ChangeCipherSpec → 8 Finished → 9 ← ChangeCipherSpec 10 ← Finished Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 19.
    D No-one is eavesdropping! MaartenMulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 20.
    2 S C Maarten Mulders(@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 21.
    A certificate contains: SerialNumber Subject Validity Usage Public Key Fingerprint Algorithm Fingerprint Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 22.
    But wait... anyonecould create a certificate! So we also need Signature Algorithm Signature Issuer ... and a way to sign certificates. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 24.
    A signature isa mathematical relationship between a message , a private key and a public key . It consists of two functions: . signing function . verifying function So, given and and knowing , we can tell if is indeed signed by . x sk pk t = f (sk, x) [accept, reject] = g(pk, t, x) x t pk x sk Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 25.
    3 C A Maarten Mulders(@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 26.
    An entity thatissues digital certificates, certifying the ownership of a public key by the subject of the certificate. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 27.
    I John ? Alice So, who isJohn, anyway? Many John's in todays browsers and operating systems! “I can trust you, because I trust John, and John trusts Alice, and Alice trusts you. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 28.
    Top-notch security procedures,including "key ceremonies" Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 31.
    /** intentionally leftblank */ Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 32.
    W Google blacklists 247certificates in Chromium Microsoft removes the DigiNotar root certificate from all supported Windows-releases * Mozilla revokes trust in the DigiNotar root certificate in all supported versions Apple issued Security Update 2011-005 Update Certificate Revocation Lists (although these are self- signed) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 33.
    D Trust (for whatit's worth) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 34.
    T , TT Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 35.
    Simple HTTP clientwith TLS support: curl -v -k <address> Troubleshoot trust issues and see certificates being used: openssl s_client -showcerts -servername <address> - connect <address>:443 Troubleshoot supported protocols, ciphers, ...: nmap --script ssl-enum-ciphers -p 443 <address> Trace (or even decrypt) TLS traffic: ssldump -i eth0 port 443 and host <address> (add -Ad -k <keyfile> -p <password> for decryption) Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 36.
    JVM S -Djavax.net.ssl.trustStore=<file> Denotes wherea truststore can be found: a file that contains trusted certs. -Djavax.net.ssl.trustStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 37.
    JVM S -Djavax.net.ssl.keyStore=<file> Denotes wherea keystore can be found: a file that contains public and/or private keys. -Djavax.net.ssl.keyStorePassword=changeit is the password to that file. Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 38.
    JVM S -Djavax.net.debug=ssl[:flag] Include debuglogging for TLS handshake and connections. Additional flags: record session sessioncache pluggability plaintext handshake defaultctx keymanager data packet keygen sslctx trustmanager verbose Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 39.
    P Maarten Mulders (@mthmulders)  OGBEMEA Virtual Tour #tlsformortals
  • 40.
    P 🔑 - .Don't use SSL! Use TLS v1.2 or v1.3. . Be careful whom you trust! . When in doubt, open your toolbox: openssl, curl, nmap, ssldump and Portecle Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals
  • 41.
    Q I Router by Public KeyKrüpto by , , and ( ) Puss In Boots by IANA Root KSK Ceremony #36 @ Beverwijk by @ unknown author Sándor P. Fekete Sebastian Morr Sebastian Stiller @ideainstruction kisspng https://www.iana.org/dnssec/ceremonies/36 Gerard Hogervorst Wikimedia Commons Maarten Mulders (@mthmulders)  OGB EMEA Virtual Tour #tlsformortals