1 / 40

Using the New JDK 8 Security Features

Using the New JDK 8 Security Features. Sean Mullan Technical Lead, Java Security Libraries Team Oracle Corporation. Goal. Learn about the new JDK 8 security features, understand the benefits of each, and get started with code that you can use in your applications . Agenda.

marlo
Download Presentation

Using the New JDK 8 Security Features

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Using the New JDK 8 Security Features Sean MullanTechnical Lead, Java Security Libraries Team Oracle Corporation

  2. Goal Learn about the new JDK 8 security features, understand the benefits of each, and get started with code that you can use in your applications

  3. Agenda • The 11 new security features • High level overview of Java Security • Details and examples of each new security feature • More information • Q & A

  4. The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle.

  5. The 11 New Security Features http://openjdk.java.net/jeps

  6. The 11 New Security Features (continued) http://openjdk.java.net/jeps

  7. Overview of Java Security • Java Language Security and Bytecode Verification • Security APIs and Libraries • Cryptography: JCA/JCE • Public-Key Infrastructure (PKI): Certificates, CertPaths • Authentication: JAAS, Kerberos • Secure Communication: JSSE (SSL/TLS), GSS-API, SASL • Access Control: Security Manager, Policy, JAAS • XML Signature • Tools: jarsigner, keytool

  8. Java Security Conceptual Diagram = JDK Enhancement-Proposal JEP Authentication 140 113 Secure Communication PKI Access Control 114 124 115 Crypto 131 123 166 121 130 129

  9. Security Provider Diagram Application MessageDigest.getInstance (“SHA-512”) SHA-512 MessageDigest from Provider B Provider Framework MessageDigest SHA-224, SHA-256 MessageDigest MD5, SHA-1 MessageDigest SHA-256, SHA-512 Provider B Provider A Provider C

  10. JEP 130: SHA-224 Message Digests • Implement the SHA-224 message digest and related algorithms • Completes support for the SHA-2 family (224, 256, 384, 512) • SHA-224 is a truncated version of SHA-256 • computed hash is 224 bits instead of 256 • uses a different initial hash value • provides 112 bits of security (same as two-key Triple DES)

  11. Examples using SHA-224 // Create a SHA-224 message digest MessageDigest md = MessageDigest.getInstance("SHA-224"); // Create a SHA-224 RSA or ECDSA signature Signature sig = Signature.getInstance("SHA224withRSA"); Signature esig = Signature.getInstance("SHA224withECDSA"); // Create a SHA-224 mac Mac mac = Mac.getInstance("HmacSHA224");

  12. JEP 121: Stronger Algorithms for Password-Based Encryption • Provide stronger Password-Based Encryption (PBE) implementations • PBE is based on PKCS #5 and includes: • key derivation functions • encryption schemes • message authentication code (MAC) schemes • Current support for PBE is lacking • Less secure PBKDF1 key derivation and PBES1 encryption algorithms • Use MD5/SHA-1 and 3-key Triple DES or RC2 encryption • No MAC algorithms

  13. JEP 121: Stronger Algorithms for Password-Based Encryption (continued) • JEP 121 adds support for stronger PKCS #5 (v 2.1) algorithms • PBKDF2 key derivation using HMAC SHA-2 pseudo-random functions • PBES2 encryption schemes using PBKDF2 and AES • PBMAC1 MAC schemes using PBKDF2 and SHA-2 • Algorithms are formed as follows: • SecretKeyFactory: PBKDF2With<prf> • Cipher: PBEWith<prf>And<encryption> • Mac: PBEWith<prf>

  14. Deriving a key from a password // Create PBE KeySpec with password, salt, // iteration count, and key length char[] password = System.console().readPassword(); byte[] salt = new byte[8]; new SecureRandom().nextBytes(salt); intiterCount = 1000; intkeyLength = 128; PBEKeySpecpks = new PBEKeySpec(password, salt, iterCount, keyLength); // Derive PBE key SecretKeyFactoryskf = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA256"); PBEKeypbeKey = (PBEKey)skf.generateSecret(pks);

  15. Combined key derivation and encryption String alg = "PBEWithHmacSHA256AndAES_128"; // Create PBE key (NOTE: key is not strong) PBEKeySpecpks = new PBEKeySpec(password); SecretKeyFactoryskf = SecretKeyFactory.getInstance(alg); SecretKeypbeKey = skf.generateSecret(pks); // Create PBE params : IV, salt and iteration count byte[] iv = new byte[16]; new SecureRandom().nextBytes(iv); IvParameterSpecivP = new IvParameterSpec(iv); PBEParameterSpecpbeParams = new PBEParameterSpec(salt, iterCount, ivP);

  16. Combined key derivation and encryption (continued) // Create PBE cipher Cipher c = Cipher.getInstance(alg); c.init(Cipher.ENCRYPT_MODE, pbeKey, pbeParams); // Encrypt byte[] cipherText = c.doFinal("Hello, world".getBytes()); // Decrypt c.init(Cipher.DECRYPT_MODE, pbeKey, c.getParameters()); byte[] clearText = c.doFinal(cipherText);

  17. JEP 131: PKCS#11 Crypto Provider for 64-bit Windows • The PKCS #11 standard defines a platform-independent API to cryptographic tokens • The SunPKCS11 provider is currently supported on Solaris, Linux, and Windows (32-bit only) • Solaris configured out-of-the box, others require additional configuration • JEP 131 adds support for 64-bit Windows • See the PKCS#11 Reference Guide for more information

  18. JEP 129: NSA Suite B Cryptographic Algorithms • Provide implementations of NSA Suite B cryptographic algorithms • NSA Suite B is a list of required cryptographic algorithms approved for use by the U.S. government for secure sharing of information • Most algorithms are already supported • JEP 129 adds support for missing pieces • 2048-bit Diffie Hellman and DSA keys • SHA224withDSA and SHA256withDSA signature algorithms • AES GCM mode completed as part of JEP 115

  19. Generating a 2048-bit DSA key // Create algorithm parameters AlgorithmParameterGeneratorapg = AlgorithmParameterGenerator.getInstance("DSA"); apg.init(new DSAGenParameterSpec(2048, 256)); AlgorithmParametersap = apg.generateParameters(); DSAParameterSpec spec = ap.getParameterSpec(DSAParameterSpec.class); // Generate DSA public-key pair KeyPairGeneratorkpg = KeyPairGenerator.getInstance("DSA"); kpg.initialize(spec); KeyPairkp = kpg.generateKeyPair();

  20. JEP 123: Configurable Secure Random-Number Generation • Provide better APIs and configuration options for secure random number generation • Add a new Security Property and SecureRandom method to obtain “strong” random numbers • Set reasonable strong default implementations for each platform • Correct the java.security file and correct minor implementation details • securerandom.source=file:/dev/random • No more "file:/dev/./urandom" or "file:///dev/urandom" • Add new NativePRNGBlocking and NativePRNGNonBlockingSecureRandom implementations

  21. Obtaining and using a strong SecureRandom // Create strong secure random number generator SecureRandomsr = SecureRandom.getStrongSecureRandom(); if (sr == null) { sr = new SecureRandom(); if (!goodEnough(sr)) { return; } } // Initialize key pair generator with SecureRandom KeyPairGeneratorkpg = KeyPairGenerator.getInstance("RSA"); kpg.initialize(2048, sr);

  22. JEP 115: AEAD CipherSuites • Implement the AEAD AES/GCM cryptographic algorithm • Cipher API was already enhanced in JDK 7 to support AEAD operations • Implement AEAD/GCM based TLS cipher suites in JSSE (RFCs 5288, 5289, 5430) • TLS_RSA_WITH_AES_128_GCM_SHA256 (RFC 5288) • TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 (RFC 5289, 5430) • TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 (RFC 5289, 5430) • Etc. • Required for NSA Suite B compliance

  23. Authenticated Encryption with AES/GCM mode // NOTE: use a different IV value for every operation GCMParameterSpecparams = new GCMParameterSpec(128, iv); Cipher c = Cipher.getInstance("AES_128/GCM/NoPadding"); // Encrypt and authenticate c.init(Cipher.ENCRYPT_MODE, key, params); c.updateAAD("Duke".getBytes()); byte[] cipherText = c.doFinal("Hello, world".getBytes()); // Decrypt and authenticate c.init(Cipher.DECRYPT_MODE, key, params); c.updateAAD("Duke".getBytes()); byte[] clearText = c.doFinal(cipherText);

  24. JEP 166: Overhaul JKS-JCEKS-PKCS12 Keystores • Facilitate migrating data from JKS and JCEKS keystores by adding equivalent support to the PKCS#12 keystore • Support added for trusted certificate and secret key entries • Enhance the KeyStore API to support new features such as entry metadata and logical views spanning several keystores • New Domain "DKS" KeyStore type • New attribute APIs • Enable the strong PBE algorithms introduced in JEP-121 to be used to protect keystore entries

  25. Example Domain KeyStore configuration file // dks.config file // domain containing two keystores domain macosx { keystoremykeystore keystoreType = "JKS" keystoreURI = "${user.home}/.keystore"; keystoremykeychain keystoreType = "KeychainStore"; };

  26. Using the Domain KeyStore // Create and load DKS keystore KeyStoreks = KeyStore.getInstance("DKS"); URI uri = new File("dks.config").toURI(); ks.load(new DomainLoadStoreParameter (uri, Collections.singletonMap("mykeystore", new PasswordProtection(password)))); // Enumerate over the trusted certificate entries Enumeration<String> aliases = ks.aliases(); for (String alias : Collections.list(aliases)) { Certificate cert = ks.getCertificate(alias); }

  27. JEP 124: Enhance the Certificate Revocation-Checking API • Enhance API to support best-effort checking, end-entity certificate checking, and mechanism-specific options and parameters • New PKIXRevocationChecker API • Best-effort checking (SOFT_FAIL) option • revocation check is not fatal if status cannot be obtained (for example, due to network connection failure, overloaded server, etc) • OCSP is preferred with fallback to CRLs (can be switched, and/or fallback disabled) • Support for stapled OCSP responses

  28. Using the PKIXRevocationChecker // Create PKIX CertPathValidator and set soft-fail option CertPathValidatorcpv = CertPathValidator.getInstance("PKIX"); PKIXRevocationCheckerprc = (PKIXRevocationChecker)cpv.getRevocationChecker(); prc.setOptions( EnumSet.of(PKIXRevocationChecker.Option.SOFT_FAIL)); // Validate certificate chain PKIXParametersparams = new PKIXParameters(keystore); params.addCertPathChecker(prc); CertPathValidatorResultcpvr = cpv.validate(path, params);

  29. JEP 114: TLS Server Name Indication (SNI) Extension • Add support for the SNI Extension to allow more flexible secure virtual hosting and virtual-machine infrastructure based on SSL/TLS protocols • Extension specifically indicates the hostname the client wants to connect to • Allows JSSE to be used by a server where multiple domains share the same IP address and each can use different certificates • Common in cloud computing environments • Several new JSSE APIs

  30. Using SNI on client side // Create SSL socket SSLSocketFactoryssf = (SSLSocketFactory)SSLSocketFactory.getDefault(); SSLSocketss = (SSLSocket)ssf.createSocket(ipAddress, 443); // Specify hostname and add to SSL parameters SNIServerNamesn = new SNIHostName("www.example.com"); SSLParametersparams = ss.getSSLParameters(); params.setServerNames(Collections.singletonList(sn)); ss.setSSLParameters(params);

  31. Using SNI on server side // Create server socket ServerSocketFactoryssf = SSLServerSocketFactory.getDefault(); SSLServerSocketsss = (SSLServerSocket)ssf.createServerSocket(443); // Specify host matching rules and add to SSL parameters SNIMatchersm = SNIHostName.createSNIMatcher ("www\\.example\\.(com|org)"); SSLParametersparams = sss.getSSLParameters(); params.setSNIMatchers(Collections.singletonList(sm)); sss.setSSLParameters(params); SSLSocketss = (SSLSocket)sss.accept();

  32. JEP 113: MS-SFU Kerberos 5 Extensions • Add support for the MS-SFU extensions to the JDK Kerberos 5 implementation • Allows a service to obtain a Kerberos service ticket on behalf of another user • Useful in firewalled environments or clients without Kerberos support • Consists of two extensions: • Service-for-User-to-Self (S4U2self) extension • Service-for-User-to-Proxy (S4U2proxy) extension

  33. S4U2self example // Create GSS manager on server and get default credentials GSSManager manager = GSSManager.getInstance(); GSSCredential self = manager.createCredential(GSSCredential.INITIATE_ONLY); // Impersonate as user “mullan” GSSName user = manager.createName("mullan", GSSName.NT_USER_NAME); GSSCredentialuserCred = ((ExtendedGSSCredential)self).impersonate(user); com.sun.security.jgss.ExtendedGSSCredential

  34. JEP 140: Limited doPrivileged • Enables code to assert a subset of its granted permissions without otherwise preventing the full access-control stack walk to check for other permissions • This is very useful when you need to enable some permissions while allowing others to continue the stack walk • New AccessController.doPrivileged methods that take list of limiting Permissions

  35. Limited doPrivileged Example // PrivilegedAction subclass that retrieves the // value of a system property class GetPropertyActionimplements PrivilegedAction<String> { private final String prop; GetPropertyAction(String prop) { this.prop = prop; } @Override public String run() { return System.getProperty(prop); } }

  36. Limited doPrivileged Example (continued) // Returns the value of the specified property. All code // is allowed to read the app.version and app.vendor // properties. public String getProperty(final String prop) { return AccessController.doPrivileged( new GetPropertyAction(prop), null, new PropertyPermission("app.version", "read"), new PropertyPermission("app.vendor", "read")); }

  37. More Information • OpenJDK Security Group: http://openjdk.java.net/groups/security/ • Mailing list: security-dev@openjdk.java.net • JEPs: http://openjdk.java.net/jeps/0 • JDK 8 downloads: https://jdk8.java.net/download.html • JDK 8 security guides: http://download.java.net/jdk8/docs/technotes/guides/security/index.html • JDK 8 javadocs: http://download.java.net/jdk8/docs/api/ • My Blog: http://blogs.oracle.com/mullan/ • Twitter: @seanjmullan

  38. Q & A

More Related