240 likes | 376 Views
Eric Larsen, Colin Trettel, Mike Tripp, Curtis Desmarais. Useful Vocabulary Introduction SSL/TLP Applications A ffected Solutions Credits. Agenda. Payload - “Cargo of data transmission, actual data of transmission” ( PCMag )
E N D
Useful Vocabulary • Introduction • SSL/TLP • Applications Affected • Solutions • Credits Agenda
Payload- “Cargo of data transmission, actual data of transmission” (PCMag) • Padding- “bits or characters that fill up unused portions of data space” (PCMag) • Cipher suites-This is a list of the cryptographic options supported by the client, with the client's first preference first. • MAC(Message Authentication Code): Or “Keyed Hash Function,” protects and encapsulates message data. • Private Key- The unpublished key in a public key cryptographic system, which uses a two-part key: one private and one public. The private key is kept secret and never transmitted over a network. Useful Vocabulary
OpenSSL extension • Simple request and response • “still there?” What is the Heartbeat?
Failure of bounds checking in SSL Heartbeat • 66% of the internet uses OpenSSL security • Irony of the little green lock • Reported April 7th • Bug introduced December 11th What is Heartbleed!!!
http://www.youtube.com/watch?v=rE5dW3BTpn4 • Very Simplified • http://www.youtube.com/watch?v=hTK0pywfmDE • “best on youtube” • Time permitting Heartbleed: Video Explanation
Open source software that implements the SSL and TLS protocols. • Project founded in 1998 to invent free set of encryption tools for the code used on the Internet. (as of 2014 ⅔ of all webservers use it.) • Designed for confidentiality and prevention of eavesdropping, tampering, and middle-man attacks • a library written in the C programming language that provides routines for cryptographic primitives utilized in implementing the Secure Sockets Layer (SSL) and Transport Layer Security protocols • TLS vs. SSL What is Open SSL?
Symmetric (Private Key) Ciphers • DES • 3DES • AES Asymmetric (Public Key) Ciphers Hash Functions • Takes a long string of data and summarizes into a message (unique identifier) • If change 1 bit, the whole summary is different. MAC(Message Authentication Code) Open SSL Encryption
Composed of two levels (layered on top of reliable protocol-TCP) • TLS Handshake Protocol • Three basic properties: • Peers identity can be authenticated using asymmetric/public key cryptography (RSA, DSS) • X.509 certificates • Negotiation of shared secret is secure, shared secret is unavailable to middle man attacker • Negotiation is reliable • TLS Record Protocol • Provides connection security two basic properties • Connection Private-symmetric cryptography used for data encryption • Connection Reliable-records are secured using MAC encapsulation Transport Layer Security Authentication
Transport layer security is constantly being tested by the networking community as well corporations and governments. • Cipher Suites are used in TLS to determine the algorithms involved in authentication, encryption and the message authentication codes. (MAC) • There are hundreds of Cipher Suites for the client and server to choose from during their handshaking process. • Aging Suites such as RC4, which has been a popular standard in the past is now being phased out by TLS due to its known weaknesses in a number of cryptographic areas SSL / TLS as an evolving software
OpenSSL versions 1.0.1 through 1.0.1f had a severe memory handling bug in their implementation of the TLS Heartbeat Extension. The TLS Heartbeat extension sends and receives small records as if both sides of the client-server system are asking, “Still there?” The Incoming request data is read by type (finding out that it's a heartbeat) from the first byte, then reads the next two bytes which indicate the length of the heartbeat payload. In a valid heartbeat request, this length matches the length of the payload sent in the heartbeat request. The cause of heartbleed is that the code does not check that this length is the actual length sent in the heartbeat request, allowing the request to ask for more data than it should be able to retrieve. The code then copies the amount of data indicated by the length from the incoming message. Since the length variable is 16 bits, you can request up to 65,535 bytes from memory. How does the Heartbleed bug effect TLS?
Four Categories: 1) Primary key material: The crown jewels, the encryption keys themselves. 2) Secondary key material: User Credentials 3) Protected content: Personal or financial details, messages, etc 4) Collateral: Technical details or such as memory addresses or security measures Scanning for Primary Keys: https://www.youtube.com/watch?v=lkst_tSwB9o What is being leaked?
After the Heartbleed bug was first announced, speculation around the ease of access to private keys circled around the internet • Web security companies like CloudFlare set up a vulnerable version of SSL on a Nginx server and challenged the community to steal the private key • The company thought it to be an impossible feat, but it was solved by four different individuals within 24 hours Needle in a Haystack? Or easy access to private keys?
OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable to attack • Heartbleed has been around for years and the total effects are not completely known due to an attacker’s ability to silently steal information. • It is unclear how often, or how many people many have exploited this bug. What is the scale of Heartbleed?
Ironically smaller and more progressive services or those who have upgraded to latest and best encryption will be affected most. • Bug was introduced to OpenSSL in December 2011 and has been out in the wild since OpenSSL release 1.0.1 on 14th of March 2012. OpenSSL 1.0.1g released on 7th of April 2014 fixes the bug. • Apache and Nginx are two big applications that serve over TLS that are affected. • Many popular sites were affected, such as: • Facebook, Instagram, etc. • Yahoo! Mail • Dropbox Applications affected
/* Read type and payload length first */if (1 + 2 + 16 > s->s3->rrec.length)return 0; /* silently discard */hbtype = *p++;n2s(p, payload);if (1 + 2 + payload + 16 > s->s3->rrec.length)return 0; /* silently discard per RFC 6520 sec. 4 */pl = p; • Pay money for security audits of critical security infrastructure like OpenSSL • Write lots of unit and integration tests for these libraries • Start writing alternatives in safer languages Solutions
Revocation of the compromised keys and reissuing and redistributing new keys • Contact your Certificate Authority • After doing this, reset passwords • Do not reset passwords before new certificates Post-Heartbleed recovery
NSA known 2 years ago about the flaw (controversial) • Harley Geiger, senior counsel for the Center for Democracy & Technology in Washington, said “What may be a good tool for the NSA may also turn out to be a tool for organizations that are less ethical or have no ethics at all.” • Even though the bug itself has been fixed with the most recent update, if those sites that were affected did not revoke and reissue their certificates, they’re still vulnerable. • Because it’s impossible to know if a private key has been stolen from your server, it’s in best practice to assume that one exists. • Google pre-notified Cloudflare. OpenSSL and Cloudflare jointly decided to announce this before the distros fixed it. We are still waiting for several distros to roll a patch. Current Issues
https://www.openssl.org/news/secadv_20140407.txt • http://www.symantec.com/connect/articles/introduction-openssl-part-one • http://heartbleed.com/ • http://blog.cloudflare.com/answering-the-critical-question-can-you-get-private-ssl-keys-using-heartbleed • https://news.ycombinator.com/item?id=7548991 • http://tools.ietf.org/html/rfc524 • http://www.bloomberg.com/news/2014-04-11/nsa-said-to-have-used-heartbleed-bug-exposing-consumers.html Sources Cited
https://blog.perfectcloud.io/wp-content/uploads/2014/04/how-to-treat-heartbleed-bug-imageFileLarge-6-a-6731.jpg (Title Slide) • http://2.bp.blogspot.com/-WjYsN_foiGU/U1GIgyyecTI/AAAAAAAAD5I/NEcV0d3--UQ/s1600/Heartbleed.jpg (logo) • http://cnet4.cbsistatic.com/hub/i/r/2014/04/09/0f45dcc2-00fe-4080-91ac-a5afccdf6da1/resize/770x578/0f14a2be9f681c0dfc6034f126200034/heartbleed-over-web-address-770w.png • http://tedxud.com/heart-bleed-bug-infiltrates-the-likes-on-the-internet-and-this-isnt-the-first-time/ • https://www.dynadot.com/community/image?image_id=1000 Photo Credit