NCSC conference, january 23, 2013 Marco Davids Technical Advisor. DANE, the next big thing (after DNSSEC)

Similar documents

Websense Security Gateway Encryption

Global Chambersign Root 2003 Sep Sep SHA-1 Websites Code

Websense TRITON AP- Message Encryption

Decrease Your Circle of Trust: An Investigation of PKI CAs on Mobile Devices

Internet SSL Survey 2010! Black Hat USA 2010

Information on secure communication. ALDI SOUTH group

WEB SERVICES CERTIFICATE GUIDE

DNSSEC - Why Network Operators Should Care And How To Accelerate Deployment

Comodo Certification Practice Statement

ECC Certificate Addendum to the Comodo EV Certification Practice Statement v.1.03

Global SSL Certification Market

Do you TRUST me? Author: Bill Corbitt

Boundary Encryption Service. MTA Setup Guide

Introduction to the DANE Protocol

Public Key Infrastructures

SSL and Browsers: The Pillars of Broken Security

Siemens PKI Certificate Authority (CA) Hierarchy

An Observatory for the SSLiverse. Peter Eckersley, Jesse Burns

Securing End-to-End Internet communications using DANE protocol

Windows Mobile SSL Certificates

Support Advisory: ArubaOS Default Certificate Expiration

Creating Trust Online TM. Identity & Trust Assurance in a changing standards environment. *(Extended Validation)

ALTERNATIVES TO CERTIFICATION AUTHORITIES FOR A SECURE WEB

SSL/TLS: The Ugly Truth

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

Deploying DNSSEC: From End-Customer To Content

A Step-by-Step guide for implementing DANE with a Proof of Concept

3. April 2013 IT ZERTIFIKATE. Zertifizierungsstellen / Certification Center. IT Sicherheit UNTERNEHMENSBEREICH IT

BT Office Anywhere Configuring Mobile Outlook Synchronisation with Exchange Server

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Analyzing DANE's Response to Known DNSsec Vulnerabilities

CA/Browser Forum. Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, v.1.2.3

DNSSEC Applying cryptography to the Domain Name System

DomainWire. Edition 11 Q Council of European National Top level Domain Registries -

Overview. SSL Cryptography Overview CHAPTER 1

Comodo Certification Practice Statement

Why strong Validation processes for SSL are essential for the preservation of trust in the Internet economy

One year of DANE Tales and Lessons Learned. sys4.de

Introduction to Network Security Key Management and Distribution

More on SHA-1 deprecation:

BEGINNERS GUIDE TO SSL CERTIFICATES: Making the BEST choice when considering your online security options

SSL BEST PRACTICES OVERVIEW

A Proper Foundation: Extended Validation SSL

EMET 4.0 PKI MITIGATION. Neil Sikka DefCon 21

GlobalSign Digital IDs for Adobe AIR Code Signing

CA/Browser Forum. Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates, v.1.0

The USP Maker for the hosting industry Welcome to my presentation Christian Heutger WorldHostingDay

Entrust Managed Services PKI. Getting an end-user Entrust certificate using Entrust Authority Administration Services. Document issue: 2.

Extended SSL Certificates

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

Security Model For Windows Mobile 5.0 and Windows Mobile 6. Date February 2007 Applies to: Windows Mobile Version 5.

The SSL Landscape. Ralph Holz, Thomas Riedmaier, Lothar Braun, Nils Kammenhuber. Network Architectures and Services Technische Universität München

How to check if I care for the safety of my Clients?

Our partnerships. Our accreditations

Public Key Infrastructure (PKI)

Certificates and network security

Support Advisory: ArubaOS Default Certificate Expiration

GlobalSign Customers. Enterprise PKI Client Authentication User Guide. Employing authentication as an additional security layer to the EPKI platform

GlobalSign Enterprise Solutions

Securing the SSL/TLS channel against man-in-the-middle attacks: Future technologies - HTTP Strict Transport Security and Pinning of Certs

Tel: Tel: +44 (0) Comodo Group.

BEGINNERS GUIDE BEGINNERS GUIDE TO SSL CERTIFICATES: MAKING THE BEST CHOICE WHEN CONSIDERING YOUR ONLINE SECURITY OPTIONS

High Assurance SSL Sub CA Addendum to the Comodo Certification Practice Statement v.3.0

Apache Security with SSL Using Ubuntu

GlobalSign Integration Guide

QualitySSL by BitEngines Nellikevaenget Vallensbaek Denmark. WWW:

Next Steps In Accelerating DNSSEC Deployment

Criminal charges are not pursued: Hacking PKI

Securing your Online Data Transfer with SSL

A quick overview of the DANE WG. * DNS-based Authentication of Named Entities

BREAKING HTTPS WITH BGP HIJACKING. Artyom Gavrichenkov R&D Team Lead, Qrator Labs

BEGINNER S GUIDE TO SSL CERTIFICATES: Making the best choice when considering your online security options

Secure Socket Layer (SSL) and Transport Layer Security (TLS)

Implementing Secure Sockets Layer on iseries

Enterprise SSL FEATURES & BENEFITS

Part III-a. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

THE DOMAIN NAME INDUSTRY BRIEF VOLUME 11 ISSUE 1 APRIL 2014

beginners guide Beginners Guide Certificates the best decision when considering your online security options.

Web Security: Encryption & Authentication

CSC574 - Computer and Network Security Module: Public Key Infrastructure

DANE Secured Demonstration. Wes Hardaker Parsons

Comodo Extended Validation (EV) Certification Practice Statement

Web Security. Crypto (SSL) Client security Server security 2 / 40. Web Security. SSL Recent Changes in TLS. Protecting the Client.

Secure Sockets Layer (SSL) / Transport Layer Security (TLS)

Savitribai Phule Pune University

A Study of What Really Breaks SSL HITB Amsterdam 2011

Transcription:

NCSC conference, january 23, 2013 Marco Davids Technical Advisor DANE, the next big thing (after DNSSEC) 1

SIDN Foundation for Internet Domain Registration in the Netherlands (SIDN) Registry for.nl 2

.nl in figures Top 10 cctld s 1.DE (Germany) 15,2 m 2.TK (Tokalau) 10,8 m 3.UK (United kingdom) 10,2 m 4.NL (Netherlands) 5 m 5. CN (PR of China) 4,1 m 6.RU (Russian Fed.) 4 m 7.EU (European Union) 3,67 m 8. BR (Brazil) 3 m 9. AR (Argentine) 2,7 m 10.AU (Australia) 2,5 m (source: CENTR, sept 2012) (source: SIDN) 3

.nl today High domain density 1 th TLD in terms of DNSSEC 4

The problem 5

PKI system drawbacks: Complex Lack of quality Architectural weaknesses Implementation issues But, more important (in this context) 6

PKI system drawbacks User confusion Problems with CA s 7

PKI: SSL/TLS 8

Where do you pay attention to in your browser? And what about your mobile device? 9

Many CA s A-Trust-nQual-03 Chambers of Commerce Root Global Chambersign Root Chambers of Commerce Root - 2008 Global Chambersign Root - 2008 Actalis Authentication Root CA AddTrust Class 1 CA Root AddTrust External CA Root AddTrust Public CA Root AddTrust Qualified CA Root AffirmTrust Commercial AffirmTrust Networking AffirmTrust Premium AffirmTrust Premium ECC EC-ACC America Online Root Certification Authority 1 America Online Root Certification Authority 2 Juur-SK EE Certification Centre Root CA 20 10

Many CA s Autoridad de Certificacion Firmaprofesional CIF A62634068 Autoridad de Certificacion Firmaprofesional CIF A62634068 Baltimore CyberTrust Root Buypass Class 2 CA 1 Buypass Class 3 CA 1 Buypass Class 2 Root CA Buypass Class 3 Root CA Certinomis - Autorité Racine 40 Class 2 Primary CA certsign ROOT CA epki Root Certification Authority CNNIC ROOT COMODO ECC Certification Authority AAA Certificate Services Secure Certificate Services Trusted Certificate Services COMODO Certification Authority ComSign Secured CA ComSign CA Cybertrust Global Root Deutsche Telekom Root CA 2 11

Many CA s S-TRUST Authentication and Encryption Root CA 2005:PNS Certigna DigiCert Assured ID Root CA DigiCert Global Root CA DigiCert High Assurance EV Root CA [DISABLED] DigiNotar Root CA DST ACES CA X6 Digital Signature Trust Co. Global CA 1 60 Digital Signature Trust Co. Global CA 3 DST Root CA X3 CA Disig EBG Elektronik Sertifika Hizmet Sağlayıcısı ACEDICOM Root e-guven Kok Elektronik Sertifika Hizmet Saglayicisi Entrust Root Certification Authority Entrust.net Secure Server Certification Authority Entrust.net Certification Authority (2048) [DISABLED] Digisign Server ID - (Enrich) Equifax Secure CA Equifax Secure ebusiness CA 2 [DISABLED] MD5 Collisions Inc. (http://www.phreedom.org/md5) 12

Many CA s Equifax Secure Global ebusiness CA-1 Equifax Secure ebusiness CA-1 Root CA Generalitat Valenciana GeoTrust Global CA GeoTrust Global CA 2 GeoTrust Universal CA GeoTrust Universal CA 2 GeoTrust Primary Certification Authority 80 GeoTrust Primary Certification Authority - G2 GeoTrust Primary Certification Authority - G3 GlobalSign GlobalSign Root CA Go Daddy Root Certificate Authority - G2 Taiwan GRCA GTE CyberTrust Global Root Digisign Server ID (Enrich) Hellenic Academic and Research Institutions RootCA 2011 Hongkong Post Root CA 1 Izenpe.com SecureSign RootCA11 13

Many CA s ApplicationCA - Japanese Government Microsec e-szigno Root CA Microsec e-szigno Root CA 2009 NetLock Minositett Kozjegyzoi (Class QA) Tanusitvanykiado NetLock Kozjegyzoi (Class A) Tanusitvanykiado NetLock Uzleti (Class B) Tanusitvanykiado NetLock Expressz (Class C) Tanusitvanykiado NetLock Arany (Class Gold) Főtanúsítvány 100 Network Solutions Certificate Authority IGC/A QuoVadis Root Certification Authority QuoVadis Root CA 2 QuoVadis Root CA 3 RSA Security 2048 v3 Security Communication RootCA2 Security Communication EV RootCA1 Security Communication Root CA SecureTrust CA Secure Global CA AC Raíz Certicámara S.A. 14

Many CA s Sonera Class1 CA Sonera Class2 CA Staat der Nederlanden Root CA Staat der Nederlanden Root CA - G2 Starfield Class 2 CA Starfield Root Certificate Authority - G2 Starfield Services Root Certificate Authority - G2 StartCom Certification Authority 120 StartCom Certification Authority StartCom Certification Authority G2 Swisscom Root CA 1 SwissSign Platinum CA - G2 SwissSign Gold CA - G2 SwissSign Silver CA - G2 T-TeleSec GlobalRoot Class 3 TWCA Root Certification Authority TC TrustCenter Class 2 CA II TC TrustCenter Class 3 CA II TC TrustCenter Universal CA I TC TrustCenter Universal CA III TDC OCES CA 15

Many CA s TDC Internet Root CA Thawte Server CA Thawte Premium Server CA thawte Primary Root CA thawte Primary Root CA - G2 thawte Primary Root CA - G3 140 Go Daddy Class 2 CA UTN-USERFirst-Network Applications UTN - DATACorp SGC UTN-USERFirst-Client Authentication and Email UTN-USERFirst-Hardware UTN-USERFirst-Object Trustis FPS Root CA TÜBİTAK UEKAE Kök Sertifika Hizmet Sağlayıcısı - Sürüm 3 TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı Certum CA Certum Trusted Network CA http://www.valicert.com/ 16

Many CA s VeriSign Class 3 Public PCA - G5 VeriSign Class 3 Public PCA VeriSign Class 1 Public PCA VeriSign Class 1 Public PCA G2 VeriSign Class 3 Public PCA - G4 VeriSign Class 2 Public PCA G2 VeriSign Class 3 Public PCA G2 VeriSign Class 1 Public PCA - G3 VeriSign Class 2 Public PCA - G3 VeriSign Class 3 Public PCA - G3 VeriSign Class 4 Public PCA - G3 VeriSign Universal Root Certification Authority Visa ecommerce Root Wells Fargo Root Certificate Authority WellsSecure Public Root Certificate Authority OISTE WISeKey Global Root GA CA XRamp Global Certification Authority 160 Source: http://www.mozilla.org/projects/security/certs/ 17

Bottom line: o o o o o There are many CA s ( Certificate Authorities ) There is risk of are bad apples No proper way of matching certificate with website No easy way to trust some CA s more than others Unclear for Mr. Joe Average 18

Solution? o o o o o Certificate pinning Not really scalable, but it saved Google s butt a number of times Notaries (like converge.io ) No uniform standard Not very user-friendly 19

How DANE helps 20

The goal of DANE is to use the DNS (and DNSSEC) to provide clients with additional information about the cryptographic credentials associated with a domain DNS-Based Authentication of Named Entities 21

The problem in pictures! ClientHello 22

Handshake ServerHello? Is the certificate valid? Yes/No If Yes: proceed with handshake If No, abort with a warning A valid certificate Is not expired or revoked Validates with one of the many CA s Has a matching common name 23

Man-in-the-Middle ServerHello ServerHello 24

Man-in-the-Middle ServerHello ServerHello The (fake) certificate is Not expired or revoked Validates with one of the many CA s Has a matching common name 25

Man-in-the-Middle ServerHello ServerHello The (fake) certificate is Not expired or revoked Validates with one of the many CA s Has a matching common name 26

DANE to the rescue ServerHello ServerHello 27

DNS query for TLSA record ServerHello ServerHello? 28

Does it match? ServerHello ServerHello _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 29

Genuine certificate matches the TLSA, fake certificate does not == _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 )!= _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 30

Genuine certificate matches the TLSA, fake certificate does not == _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 )!= _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 31

Without DANE _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 )? _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 32

Without DANE both certificates would have been accepted _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 33

DNSSEC _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 34

DNSSEC _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) 35

DNSSEC the enabling technology _443._tcp.www.example.nl. IN TLSA ( 1 0 1 d2abde240d7cd3ee6b4b28c54df034b9 7983a1d16e8a410e4561cb106618e971 ) _443._tcp.www.example.nl. IN RRSIG TLSA 8 5 300 ( 20130423112228 20130115102228 52044 example.nl. bnmynbco3mwravvmix7khpuggidpbfmz2icmq0gjz7ud A3tz0EKmBjqxOdwZaZNj2KrtxFJ2ta7elURYIHTpFFl9 +hjftpebjlklj636ilcyqcsxaytleiu7vop2nnx8y6+m g+toku4xnpk/hsolelmia+zxkj8zxj+yxdedulo= ) 36

Current status 37

DANE standard IETF RFC6698 (august 2012) Early adopter stage Tools to generate TLSA records Support in BIND 9.9.1 and up Support in various other software 38

DANE standard No widespread use of it (yet) Mozilla / Google Chrome are looking into it and experimenting Add-ons / extensions exist 39

DANE standard DANE patrol By CZ.NIC labs (fork of Certificate Patrol ) https://labs.nic.cz/page/1207/dane-patrol/ 40

DANE standard DNSSEC/TLSA validator By Paul Wouters (based on work done by CZ.NIC and D. Groenewegen) http://people.redhat.com/pwouters/ 41

Hype cycle by courtesy of: SURFnet 42

Hype cycle by courtesy of: SURFnet 43

The state of DNSSEC Uptake of DNSSEC signed domains in.com,.net,.edu.edu : 0.9%.net : 0.2 %.com: 0.15 % source: Verisign labs 44

The state of DNSSEC Uptake of DNSSEC signed domains in.nl,.cz,.br and.se For.nl it is 26%! source: PowerDNS 45

The state of DNSSEC validation Worldwide ~4% DNSSEC validation source: Verisign labs 46

The state of DNSSEC validation Some countries are doing really well source: RIPE labs / Geoff Huston 47

Wrap up 48

Wrap up o o o o o o o o DANE adds additional layer of security to the PKI The standard is ratified by the IETF DANE is easy to implement, without much risk DNSSEC is required DNSSEC adoption is well on it s way Early adopters are already playing with it Browser-vendors are interested Things are looking good! 49

THANK YOU 50