Lesson 10: Attacks to the SSL Protocol Luciano Bello - luciano@debian.org Chalmers University Dr. Alfonso Muñoz - amunoz@diatel.upm.es T>SIC Group. Universidad Politécnica de Madrid
Security of the SSL Protocol. SSL is secure in its theoretical design, but that is a necessary condition, not a sufficient one: the "real security" of the SSL protocol has to be examined in the deployments that use it. For example, on the Web its security goes far beyond the misconception that a page is secure if, and only if, the browser shows the famous "yellow padlock".
Security of the SSL Protocol: Issues
1. Programming failures (weaknesses)
2. Cryptanalysis and downgrade (weaknesses)
3. Misconfiguration: attacking OCSP
4. Tricking the user
5. Theft or compromising a trusted authority
Programming Failures (Weaknesses). Programming errors in implementations of the SSL protocol affect its security. Example: in 2008 the researcher Luciano Bello discovered that the OpenSSL package shipped by Debian seeded its random number generator with almost no entropy (in practice only the process ID), so every key it generated was predictable. An attacker could regenerate a victim's private key simply by enumerating the few possible seeds, which allowed forging X.509 certificates, SSH keys, etc.
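The following is an added example, not code from the lesson or from Debian/OpenSSL. It is a toy model of why the 2008 bug was fatal: it uses no real RSA, the "key" is simply whatever a generator seeded only by the process ID produces, and the assumed seed space (PIDs below 32768) is the constructed assumption. Given nothing but the public fingerprint, the attacker rebuilds the private key by enumerating every seed, which is also exactly how the weak-key blacklists were built.

```python
"""Toy model of the 2008 Debian OpenSSL weakness: keys whose only entropy is the PID."""
import hashlib
import random

# Assumption for this toy: the process ID was the only varying input to the
# generator, and PIDs on the affected systems were below 32768.
PID_MAX = 32768
KEY_BYTES = 32


def derive_key(seed):
    """Stand-in for key generation fed by a PRNG whose state depends only on `seed`."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(KEY_BYTES))


def fingerprint(private_key):
    """Stand-in for the public key (or its fingerprint) that anyone can observe."""
    return hashlib.sha256(b"pub:" + private_key).hexdigest()


def enumerate_keys():
    """Attacker (or blacklist builder): every key the broken generator can emit."""
    for pid in range(1, PID_MAX + 1):
        yield pid, derive_key(pid)


def build_blacklist():
    """Map observable fingerprint -> seed; the same idea as the weak-key blacklists
    distributed after the bug, so servers could refuse known-bad keys."""
    return {fingerprint(key): pid for pid, key in enumerate_keys()}


def recover_private_key(observed_fp, blacklist):
    """Given only a public fingerprint, return (pid, private key) or None."""
    pid = blacklist.get(observed_fp)
    return None if pid is None else (pid, derive_key(pid))


if __name__ == "__main__":
    victim_pid = 4711                      # constructed victim
    victim_key = derive_key(victim_pid)
    blacklist = build_blacklist()           # 32768 candidates, built in well under a second
    recovered = recover_private_key(fingerprint(victim_key), blacklist)
    print("recovered:", recovered[0], recovered[1] == victim_key)
```

The point of the model is the size of the search: a 2048-bit RSA key is supposed to be one of an astronomically large set, but here it is one of 32768, so a table of every possible public key fits in memory and recovering the private half is a dictionary lookup.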
Programming Failures (Weaknesses). Example: NULL byte attack (2009). Moxie Marlinspike observed that the SSL and X.509 standards define the CN (Common Name) as a PASCAL-style string: the length is declared up front and the characters follow. Interestingly, most certificate-processing software is written in C, and such software usually handles the name as a C string, which is terminated by a NULL byte "\0" rather than by a declared length. The problem comes when someone obtains a certificate for www.realbank.com\0www.attacker.org. A certificate authority validating the name sees the full string and checks ownership of attacker.org; a browser copying it into a C string stops at the NULL and reads only the first part (www.realbank.com), making it easy to impersonate the bank.
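An added example (not code from the lesson) that makes the two views of the same Common Name concrete. A minimal ASN.1 encoder/decoder shows the length-prefixed value, a function that models a C string comparison reproduces the bug, and the hardened check rejects any name containing an embedded NULL. Only short-form DER lengths are handled; that simplification is an assumption of the example.

```python
"""NUL-byte Common Name: length-prefixed (ASN.1) view versus C-string view."""

UTF8STRING = 0x0C  # ASN.1 tag used for CN values in modern certificates


def der_string(tag, value):
    """Encode a short ASN.1 string TLV (short-form length only, < 128 bytes)."""
    if len(value) >= 128:
        raise ValueError("only short-form lengths are handled in this example")
    return bytes([tag, len(value)]) + value


def parse_der_string(buf):
    """Decode one TLV and return (tag, value), honouring the declared length
    exactly like a Pascal string: bytes after a NUL are still part of the name."""
    if len(buf) < 2:
        raise ValueError("truncated TLV")
    tag, length = buf[0], buf[1]
    if length >= 128:
        raise ValueError("long-form length not handled here")
    value = buf[2:2 + length]
    if len(value) != length:
        raise ValueError("declared length exceeds buffer")
    return tag, value


def cn_matches_cstring(cn, host):
    """Vulnerable: models code that copies the CN into a C buffer and uses
    strcmp-style logic, so everything after the first NUL is invisible."""
    as_seen_by_c = cn.split(b"\x00", 1)[0]
    return as_seen_by_c.decode("ascii", "replace") == host


def cn_matches_safe(cn, host):
    """Hardened: a name with an embedded NUL is rejected outright, and the
    comparison covers every byte of the declared length."""
    if b"\x00" in cn:
        return False
    try:
        return cn.decode("ascii") == host
    except UnicodeDecodeError:
        return False


if __name__ == "__main__":
    # Constructed certificate name, as an attacker would request it.
    _, evil_cn = parse_der_string(der_string(UTF8STRING, b"www.realbank.com\x00www.attacker.org"))
    print("C-string check accepts:", cn_matches_cstring(evil_cn, "www.realbank.com"))   # True
    print("length-aware check accepts:", cn_matches_safe(evil_cn, "www.realbank.com"))  # False
```

The CA and the browser are both "right" about what the name is; they simply read it with different string conventions, and the attacker owns the half that the CA checks.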
Cryptanalysis and Downgrade (Weaknesses). The use of cryptographic algorithms with known weaknesses makes it easier to attack the protocol. Example: at the 25th Chaos Communication Congress (2008) a rogue CA certificate was forged by exploiting collisions in the MD5 hash function, which some authorities were still using to sign certificates. Older protocol versions, and downgrades to them forced by an attacker, should be avoided.
Misconfiguration: Attacking OCSP. If an attacker is performing a man-in-the-middle attack, they can intercept OCSP requests and answer them to their advantage. In normal operation a responder can send a tryLater response (response status code 3) telling the client that it cannot answer the request at that moment; unlike a real revocation answer, this response carries no signature. The attacker only needs to replay it. Given this situation, many Web clients accept the digital certificate anyway because they were unable to verify its revocation status. This is an obvious failure.
Tricking the User. 1. A digital certificate created by the attacker. The Web browser warns the user that the certificate isn't valid; the attack only succeeds if the user accepts it anyway.
Tricking the User. 2. The SSLStrip tool (Moxie Marlinspike, 2009) automates a man-in-the-middle attack on SSL. Every https link the server sends is replaced by http, so the communication between the client and the attacker runs over plain http while the attacker talks https to the server on the client's behalf.
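An added example, not the SSLStrip tool's own code, modelling the rewrite it performs. The proxy downgrades https URLs in the page body and in Location redirects on the way to the victim, remembers each replacement, and restores the https URL when the victim follows the link, so the server sees an ordinary TLS client. The HTML and headers are constructed inputs.

```python
"""Model of the SSLStrip rewrite: https links become http on the victim's side."""
import re

# Absolute https URL as it appears in an HTML body or a Location header.
HTTPS_URL = re.compile(rb"https://([A-Za-z0-9.\-]+(?::\d+)?(?:/[^\s'\"<>]*)?)")


class StripProxy:
    """Man-in-the-middle that talks https to the server and http to the victim."""

    def __init__(self):
        # plaintext URL handed to the victim -> https URL the server really sent
        self.stripped = {}

    def _downgrade(self, match):
        https_url = match.group(0)
        http_url = b"http://" + match.group(1)
        self.stripped[http_url] = https_url
        return http_url

    def rewrite_body(self, body):
        """Server -> victim: every https link in the page becomes http."""
        return HTTPS_URL.sub(self._downgrade, body)

    def rewrite_headers(self, headers):
        """Server -> victim: redirects to https are downgraded the same way."""
        out = dict(headers)
        if b"Location" in out:
            out[b"Location"] = HTTPS_URL.sub(self._downgrade, out[b"Location"])
        return out

    def upgrade_request(self, url):
        """Victim -> server: the attacker restores the https URL it replaced,
        so the server sees a normal TLS client and notices nothing."""
        return self.stripped.get(url, url)


if __name__ == "__main__":
    proxy = StripProxy()
    # Constructed server response: one secure link, one that was already plain.
    page = b'<a href="https://www.realbank.com/login">Log in</a> <a href="http://www.realbank.com/">Home</a>'
    print(proxy.rewrite_body(page))
    print(proxy.rewrite_headers({b"Location": b"https://www.realbank.com/account"}))
    print(proxy.upgrade_request(b"http://www.realbank.com/login"))   # back to https
```

Nothing here touches cryptography: the attack works because the victim's first request was plain http and every later https link was delivered inside that untrusted page. That is why the lesson's advice is to type the https address yourself rather than follow links.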
Tricking the User. 3. In a hypothetical scenario, valid certificates for specific business entities could be created for government forces, for example by court order. This would make a man-in-the-middle attack hard to detect, as long as the certificate is valid and signed by a trusted authority. It could be done, for example, for a digital certificate with a specific serial number.
Theft or Compromising a Trusted Authority. Fraudulent certificates signed by a trusted authority. March 2011: in the SSL certificate business line of the company Comodo, certificate signing requests submitted through a compromised registration authority account were processed without proper verification. This led to the issuance of fraudulent certificates for popular sites such as Google, Yahoo, Mozilla, etc. July 2011: the Dutch certification authority DigiNotar was compromised and fraudulent certificates were issued from its systems.
Practical Advice. The latest version of the TLS protocol, with its recommended extensions, is considered secure against known attacks. September 2011 (ekoparty conference): a chosen-plaintext attack against TLS v1.0, known as BEAST (it does not affect TLS v1.1 and v1.2). The attacks that break its security in practice focus mainly on tricking the user about the URL they are connecting to or about the digital certificate that authenticates the server.
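The advice above, and the downgrade warning earlier in the lesson, translate into a small amount of client configuration. The following is an added example (not from the lesson) using Python's standard ssl module: it fixes TLS 1.2 as the lowest acceptable version so an attacker cannot negotiate SSLv3 or TLS 1.0, removes suites built on MD5, RC4 or 3DES, and keeps certificate and hostname verification on. The hostname in the usage section is an illustration only.

```python
"""Client-side TLS configuration that refuses old protocol versions and weak ciphers."""
import socket
import ssl

# Substrings that identify suites the lesson warns about (MD5, RC4, DES, export grades).
WEAK_MARKERS = ("MD5", "RC4", "DES", "NULL", "EXP")


def make_hardened_context():
    """Build a client context: TLS 1.2 as the floor, AEAD suites with forward
    secrecy only, certificate and hostname verification required."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2   # refuse SSLv3 / TLS 1.0 / TLS 1.1 even if offered
    ctx.set_ciphers("ECDHE+AESGCM:DHE+AESGCM:!aNULL:!MD5:!RC4:!3DES")
    ctx.check_hostname = True                      # the name in the certificate must match
    ctx.verify_mode = ssl.CERT_REQUIRED            # an unverifiable certificate is fatal
    return ctx


def weak_ciphers(ctx):
    """Names of enabled suites that still contain a weak primitive (empty when hardened)."""
    return [c["name"] for c in ctx.get_ciphers()
            if any(marker in c["name"] for marker in WEAK_MARKERS)]


def connect(host, port=443, ctx=None):
    """Open a verified TLS connection and report the negotiated version and suite."""
    ctx = ctx or make_hardened_context()
    with socket.create_connection((host, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            return tls.version(), tls.cipher()[0]


if __name__ == "__main__":
    ctx = make_hardened_context()
    print("minimum version:", ctx.minimum_version.name)
    print("weak suites still enabled:", weak_ciphers(ctx))
    # Needs network; "www.example.com" is just an illustrative hostname.
    print(connect("www.example.com", ctx=ctx))
```

A server that only speaks an older version will fail the handshake instead of silently falling back; that is the intended behaviour, since a forced fallback is precisely what a downgrade attack relies on.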
Tips for Web Browsing
1. Use an up-to-date Web browser.
2. Connect directly to the https address by typing the URL. The "HTTPS Everywhere" add-on for Firefox can help automate this.
3. Refuse to continue to a website when its certificate is invalid.
4. Configure the Web browser so that it performs OCSP checks by default.
5. If the OCSP connection fails, the certificate should not be accepted as valid by default.
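An added example (not code from the lesson) covering both the OCSP attack described earlier and tip 5. It decodes the outer framing of an OCSPResponse (RFC 6960: a SEQUENCE holding an ENUMERATED responseStatus and an optional responseBytes), so the injected tryLater answer, which is the five bytes 30 03 0a 01 03, can be recognised, and it shows how a soft-fail client and a hard-fail client react to it. The "successful" response is a constructed stand-in whose signed body is an empty placeholder; verifying that body is left to a real OCSP implementation.

```python
"""OCSPResponse status parsing and the soft-fail versus hard-fail decision."""
import enum


class OCSPResponseStatus(enum.IntEnum):
    """OCSPResponseStatus values from RFC 6960 section 4.2.1."""
    SUCCESSFUL = 0
    MALFORMED_REQUEST = 1
    INTERNAL_ERROR = 2
    TRY_LATER = 3
    SIG_REQUIRED = 5
    UNAUTHORIZED = 6


def _read_length(buf, i):
    """Decode a DER length at buf[i]; return (length, index of first content byte)."""
    first = buf[i]
    if first < 0x80:
        return first, i + 1
    n = first & 0x7F
    if n == 0 or n > 4:
        raise ValueError("unsupported DER length encoding")
    return int.from_bytes(buf[i + 1:i + 1 + n], "big"), i + 1 + n


def parse_ocsp_response(der):
    """Return (status, has_response_bytes) for an OCSPResponse.

    OCSPResponse ::= SEQUENCE {
        responseStatus  OCSPResponseStatus,            -- ENUMERATED
        responseBytes   [0] EXPLICIT ResponseBytes OPTIONAL }
    Only the outer framing is decoded; the BasicOCSPResponse inside
    responseBytes (and its signature) is left to a full verifier.
    """
    if not der or der[0] != 0x30:
        raise ValueError("not a SEQUENCE")
    seq_len, i = _read_length(der, 1)
    end = i + seq_len
    if end != len(der):
        raise ValueError("length mismatch")
    if der[i] != 0x0A:
        raise ValueError("responseStatus must be ENUMERATED")
    enum_len, j = _read_length(der, i + 1)
    if enum_len != 1:
        raise ValueError("unexpected ENUMERATED length")
    status = OCSPResponseStatus(der[j])
    k = j + 1
    has_response_bytes = k < end and der[k] == 0xA0
    return status, has_response_bytes


def decide(der, soft_fail):
    """Client policy: what to do with the certificate given this OCSP answer."""
    status, signed_body = parse_ocsp_response(der)
    if status == OCSPResponseStatus.SUCCESSFUL and signed_body:
        return "verify-signed-response"   # go on to check signature and certStatus
    # Every error status, tryLater included, is unsigned: anyone on the path can
    # forge it. A soft-fail client accepts the certificate regardless (the
    # weakness in the lesson); a hard-fail client treats it as unverifiable.
    return "accept-unverified" if soft_fail else "reject"


def _tlv(tag, content):
    """Short-form DER TLV helper for the constructed responses below."""
    return bytes([tag, len(content)]) + content


# What the man-in-the-middle injects: status tryLater (3), nothing else.
TRY_LATER_RESPONSE = bytes.fromhex("30030a0103")

# Constructed "successful" response: id-pkix-ocsp-basic OID plus a placeholder body.
_OID_OCSP_BASIC = bytes.fromhex("2b0601050507300101")          # 1.3.6.1.5.5.7.48.1.1
_PLACEHOLDER_BASIC_RESPONSE = b"\x30\x00"                      # empty SEQUENCE, not a real one
_RESPONSE_BYTES = _tlv(0x30, _tlv(0x06, _OID_OCSP_BASIC) + _tlv(0x04, _PLACEHOLDER_BASIC_RESPONSE))
SUCCESSFUL_RESPONSE = _tlv(0x30, _tlv(0x0A, b"\x00") + _tlv(0xA0, _RESPONSE_BYTES))


if __name__ == "__main__":
    for name, der in (("tryLater", TRY_LATER_RESPONSE), ("successful", SUCCESSFUL_RESPONSE)):
        status, signed = parse_ocsp_response(der)
        print(f"{name}: status={status.name} signed_body={signed} "
              f"soft-fail={decide(der, True)} hard-fail={decide(der, False)}")
```

The asymmetry is the whole attack: a revocation answer must be signed by the responder, but "try later" need not be, so a client that accepts on any failure has handed the decision to whoever controls the network.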
Contact: info@intypedia.com