TLS/SSL in distributed systems. Eugen Babinciuc

Transcription

1 TLS/SSL in distributed systems Eugen Babinciuc

2 Contents 1. Introduction to TLS/SSL 2. A quick review of cryptography 3. TLS/SSL in distributed systems 4. Conclusions

3 Introduction to TLS/SSL

4 TLS/SSL History Secure Sockets Layer (SSL) was originally developed by Netscape SSL 1.0 was never publicly released SSL 2.0 was released in 1995 SSL 3.0 was released in 1996 Transport Layer Security (TLS) TLS 1.0 was defined in 1999 and was an upgrade of SSL 3.0 TLS 1.1 was defined in 2006 TLS 1.2 was defined in 2008

5 Transport Layer Security (TLS) TLS is a security protocol that provides secure communication between applications over unsecured channels. It provides the following security properties: Privacy Data integrity

6 A quick review of Cryptography Symmetric Cryptography One shared key Asymmetric/Public Cryptography Key Pair Public Key Private Key

7 Symmetric Cryptography One Key

8 Asymmetric Cryptography Key Pair

9 Key Exchange Cl Client Server S Cl S

10 Secure data transmission Cl Client Server S Cl S S Cl S

11 A A A S Man in the Middle Attack (MiTM) Cl Client Server S Cl S Attacker

12 X.509 Certificate (TLS/SSL Certificate) example.com Server example.com S h CA Certificate Authority S CA S CA

13 Certificate Authority Cl S Client Server Cl S? CA =? h Certificate Authority S h CA S h CA CA

14 TLS/SSL protocol TLS protocol has two layers: - TLS Handshake Protocol - TLS Record Protocol

15 TLS/SSL Handshake protocol TLS Version Session ID Selected Cipher Random Number Client Verify Certificate ClientHello ServerHello Server Certificate ClientCertificate* ClientKeyExchange Finished Finished TLS Version Session ID List of Cipher Suites Random number Server Pre Master Key

16 TLS/SSL Handshake protocol - Agree on protocol version - Select cryptographic algorithms - Optionally authenticate each other - Establish a shared secret (master key)

17 TLS/SSL Record protocol - Uses the master key that was established during Handshake Protocol - Uses symmetric key cryptography - Ensures data confidentiality - Ensures data integrity

18 TLS/SSL Vulnerabilities What about the Heartbleed vulnerability? Isn t TLS/SSL broken?

19 Openssl Heartbleed Vulnerability Please send me back: Ping (4 letters) Ping (4 letters) Client Server

20 Openssl Heartbleed Vulnerability - TLS has a Heartbeat Extension, which is similar to an echo service. - It may be used for a Liveliness Check - It has two types of messages: HeartbeatRequest HeartbeatResponse

21 Openssl Heartbleed Vulnerability Please send me back: Ping; user=admin; Ping (100 letters) password=qwerty; private_key= (100 letters) Attacker Server

22 Openssl Heartbleed Vulnerability HeartbeatRequest Payload PayloadSize Attacker Payload = 1 byte PayloadSize = 64KB HeartbeatResponse Payload + other data PayloadSize Server Memory Payload

23 Cryptography summary - TLS is based on public key cryptography - Certificates should be signed by a CA - Self-Signed certificates are vulnerable to MiTM - Only the owner of the private key can decrypt the message that was encrypted with his public key

24 Typical HTTPS Communication HTTP + TLS = HTTPS HTTPS Client Server

25 Encapsulation of data TLS TCP Client Server

26 TLS in TCP/IP Stack Application Layer Transport Layer HTTP TCP, UDP TLS Network Layer IP Data link layer Ethernet

27 TLS in OSI Model Application Layer Presentation Layer Session Layer Transport layer Network layer Data link layer Physical layer HTTP TCP, UDP IP Ethernet TLS

28 Distributed applications

29 Distributed applications Client Load Balancer Back-end services

30 Distributed applications Load balancer features: Stickiness Client IP forwarding

31 Load Balancer with Stickiness Client Load Balancer Back-end services

32 Load Balancer without Stickiness Client Load Balancer Back-end services

33 Load Balancer and Client IP IP: IP: IP: IP: Client IP: Load Balancer IP: Back-end services

34 Case Studies on application architectures that use TLS

35 Different Architectures TLS architectures in distributed systems: HTTPS HTTP HTTPS HTTPS TCP TCP

36 First Case HTTPS - HTTP HTTPS Client Load Balancer Back-end services

37 Second Case HTTPS - HTTPS HTTPS Client Load Balancer Back-end services

38 Third Case TCP - TCP TCP HTTPS Client Load Balancer Back-end services

39 Proxy Protocol IP TCP Proxy Protocol DATA

40 "PROXY TCP \r\n" Proxy Protocol Proxy Protocol format: TCP/IPv4 (maximum 56 chars) "PROXY TCP \r\n TCP/IPv6 : (maximum 104 chars) "PROXY TCP6 ffff:f...f:ffff ffff:f...f:ffff \r\n"

41 Summary HTTPS-HTTP Supports Sticky Sessions Supports X-Forwarded-For header Internal network should be trusted HTTPS-HTTPS Supports Sticky Sessions Supports X-Forwarded-For header SSL certificate should be installed on load balancer

42 Summary TCP-TCP Generic TCP load balancer Should be used Proxy Protocol header Provides best security

43 TLS in AWS Client Elastic Load Balancer EC2 Instances AWS Cloud

44 Conclusions You should use TLS for secure communication between applications. There are multiple architectures that use TLS in distributed systems, your choice should be made based on your needs.

45 ?