BULLETPROOF SSL and TLS Understanding and Deploying SSL/TLS and PKI to Secure Servers and Web Applications
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI
Certified Malware: Measuring Breaches of Trust in the Windows Code-Signing PKI Doowon Kim Bum Jun Kwon Tudor Dumitras, University of Maryland University of Maryland University of Maryland College Park, MD College Park, MD College Park, MD [email protected] [email protected] [email protected] ABSTRACT To establish trust in third-party software, we currently rely on Digitally signed malware can bypass system protection mechanisms the code-signing Public Key Infrastructure (PKI). This infrastruc- that install or launch only programs with valid signatures. It can ture includes Certification Authorities (CAs) that issue certificates also evade anti-virus programs, which often forego scanning signed to software publishers, vouching for their identity. Publishers use binaries. Known from advanced threats such as Stuxnet and Flame, these certificates to sign the software they release, and users rely this type of abuse has not been measured systematically in the on these signatures to decide which software packages to trust broader malware landscape. In particular, the methods, effective- (rather than maintaining a list of trusted packages). If adversaries ness window, and security implications of code-signing PKI abuse can compromise code signing certificates, this has severe impli- are not well understood. We propose a threat model that highlights cations for end-host security. Signed malware can bypass system three types of weaknesses in the code-signing PKI. We overcome protection mechanisms that install or launch only programs with challenges specific to code-signing measurements by introducing valid signatures, and it can evade anti-virus programs, which often techniques for prioritizing the collection of code-signing certificates neglect to scan signed binaries. -
Introduction to Cryptography
Mag. iur. Dr. techn. Michael Sonntag Introduction to Cryptography Institute of Networks and Security Johannes Kepler University Linz, Austria E-Mail: [email protected] Thanks to Rudolf Hörmanseder for some slides (esp. drawings!) Why cryptography? Security is a very important aspect, especially if money (or equivalents) are affected by transactions Not every information should be available to everyone Note: Data is sent in the Internet over numerous "open systems", where anyone can listen it! Security is needed! The technical aspect of security is cryptography Encrypting data against disclosure and modifications Signing data against modifications and repudiation Note: Cryptography does not solve all security problems! Example: Communication analysis (who talks to whom when) Other aspects of security are also needed » E.g.: Do you know what your employees actually do with data? Solutions: DRM, deactivation codes, anonymizers, … Michael Sonntag Introduction to Cryptography 2 Application areas Storing data in encrypted form Even access will not lead to disclosure (stolen laptops!) Example: File/-system encryption, password storage Transmitting data securely Enc. transmission prevents eavesdropping and tampering Example: TLS Identifying your partner Preventing man-in-the-middle attacks Example: TLS with uni-/bidirectional certificates Proof of identity & authority Avoiding impersonation Example: GPG E-Mail signatures, digital signatures (Austria: "Bürgerkarte“ – “citizen card”) Michael Sonntag Introduction to -
Digital Security for Activists
Training the Motivated: Digital Security for Activists Glencora Borradaile Kelsy Kretschmer Abstract School of Electrical Engineering School of Public Policy The state of global surveillance and the political and Computer Science Sociology Program environment has many activists caring more about their Oregon State University Oregon State University online security culture. We report on the initiation of a Corvallis, OR 97331, USA Corvallis, OR 97331, USA Digital Security for Activists program and a pilot study of an [email protected] [email protected] introductory seminar. Pre- and post-surveys of the seminar will form an initial assessment of what kind of intervention might increase the security practices of activists and to inform the design of program offerings. We report on the pre-surveys from three offerings of the seminar. Introduction In collaboration with the Civil Liberties Defense Center (CLDC), the first author had been offering informal digital security trainings for activists and their lawyers. After the fall elections in the U.S., requests for these trainings increased dramatically and shortly thereafter we launched a Digital Security for Activists (DSA) program. The DSA program’s intent is to align with the CLDC mission (“to defend and uphold civil liberties through education, outreach, litigation, legal support, and assistance”) and enable citizen activists to assert their constitutional rights while organizing online. Copyright is held by the author/owner. Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee. Poster In order to provide trainings that are useful and effective, we presented at the 13th Symposium on Usable Privacy and Security (SOUPS 2017). -
Legal Responses and Countermeasures to National Security Letters
Washington University Journal of Law & Policy Volume 47 Intellectual Property: From Biodiversity to Technical Standards 2015 Legal Responses and Countermeasures to National Security Letters Brett Weinstein Washington University School of Law Follow this and additional works at: https://openscholarship.wustl.edu/law_journal_law_policy Part of the National Security Law Commons Recommended Citation Brett Weinstein, Legal Responses and Countermeasures to National Security Letters, 47 WASH. U. J. L. & POL’Y 217 (2015), https://openscholarship.wustl.edu/law_journal_law_policy/vol47/iss1/15 This Note is brought to you for free and open access by the Law School at Washington University Open Scholarship. It has been accepted for inclusion in Washington University Journal of Law & Policy by an authorized administrator of Washington University Open Scholarship. For more information, please contact [email protected]. Legal Responses and Countermeasures to National Security Letters Brett Weinstein INTRODUCTION In early June of 2013, governmental surveillance suddenly and dramatically entered the public consciousness, prompting a torrent of debate and backlash. The Guardian published a top secret court order requiring Verizon to hand over all telephone call records to the National Security Agency (NSA); the Washington Post disclosed a secret but widespread Internet surveillance program, and months of similar revelations followed, all stemming from leaks by former NSA contractor, Edward Snowden.1 As a result, the public and the press began to question the tools that the government uses for surveillance, including National Security Letters (NSLs), and the relationship between the government and the technology and telecommunications companies that seemingly possess all personal and private information generated in the modern, digital world.2 J.D. -
FBI–Apple Encryption Dispute - Wikipedia, the Free Encyclopedia 6/2/16, 6:59 AM
FBI–Apple encryption dispute - Wikipedia, the free encyclopedia 6/2/16, 6:59 AM FBI–Apple encryption dispute From Wikipedia, the free encyclopedia The FBI–Apple encryption dispute concerns whether and to what extent courts in the United States can compel manufacturers to assist in unlocking cell phones whose contents are cryptographically protected.[1] There is much debate over public access to strong encryption.[2] In 2015 and 2016, Apple Inc. has received and objected to or challenged at least 11 orders issued by United States district courts under the All Writs Act of 1789. Most of these seek to compel Apple "to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS 7 and older" in order to assist in criminal investigations and prosecutions. A few requests, however, involve phones with more extensive security protections, which Apple has no current ability to break. These orders would compel Apple to write new software that would let the government bypass these device's security and unlock the phones.[3] The most well-known instance of the latter category was a February 2016 court case in the United States District Court for the Central District of California. The FBI wanted Apple to create and electronically An iPhone 5C, the model used by one sign new software that would enable the FBI to unlock a work-issued of the perpetrators of the 2015 San iPhone 5C it recovered from one of the shooters in a December 2015 Bernardino attack terrorist attack in San Bernardino, California, that killed 14 people and injured 22. -
Blockchain-Based Certificate Transparency and Revocation
Blockchain-based Certificate Transparency and Revocation Transparency? Ze Wang1;2;3, Jingqiang Lin1;2;3??, Quanwei Cai1;2, Qiongxiao Wang1;2;3, Jiwu Jing1;2;3, and Daren Zha1;2 1 State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, China. 2 Data Assurance and Communication Security Research Center, Chinese Academy of Sciences, Beijing 100093, China. 3 School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China. {wangze,linjingqiang,caiquanwei,wangqiongxiao}@iie.ac.cn Abstract. Traditional X.509 public key infrastructures (PKIs) depend on certification authorities (CAs) to sign certificates, used in SSL/TLS to authenticate web servers and establish secure channels. However, recent security incidents indicate that CAs may (be compromised to) sign fraud- ulent certificates. In this paper, we propose blockchain-based certificate transparency and revocation transparency. Our scheme is compatible with X.509 PKIs but significantly reinforces the security guarantees of a certificate. The CA-signed certificates and their revocation status in- formation of an SSL/TLS web server are published by the subject (i.e., the web server) as a transaction, and miners of the community append it to the global certificate blockchain after verifying the transaction and mining a block. The certificate blockchain acts as append-only public logs to monitor CAs' certificate signing and revocation operations, and an SSL/TLS web server is granted with the cooperative control on its certificates to balance the absolute authority of CAs in traditional PKIs. We implement the prototype system with Firefox and Nginx, and the experimental results show that it introduces reasonable overheads. -
Mission Accomplished? HTTPS Security After Diginotar
Mission Accomplished? HTTPS Security after DigiNotar Johanna Amann* ICSI / LBL / Corelight Oliver Gasser* Technical University of Munich Quirin Scheitle* Technical University of Munich Lexi Brent The University of Sydney Georg Carle Technical University of Munich Ralph Holz The University of Sydney * Joint First Authorship Internet Measurement Conference (IMC) 2017 TLS/HTTPS Security Extensions • Certificate Transparency • HSTS (HTTP Strict Transport Security) • HPKP (HTTP Public Key Pinning) • SCSV (TLS Fallback Signaling Cipher Suite Value) • CAA (Certificate Authority Authorization) • DANE-TLSA (DNS Based Authentication of Named Entities) Methodology • Active & passive scans • Shared pipeline where possible • Active measurements from 2 continents • Largest Domain-based TLS scan so far • More than 192 Million domains • Passive measurements on 3 continents • More than 2.4 Billion observed TLS connections Certificate Transparency CA Issues Certificates Provides publicly auditable, append-only Log of certificates CT Log Also provides proof of inclusion Browser Verifies Proof of Inclusion Certificate Transparency CT Log CA Webserver Browser Certificate Transparency CT Log CA Certificate Webserver Browser Certificate Transparency CT Log CA Certificate Certificate Webserver Browser Certificate Transparency CT Log CA SCT Certificate Certificate Webserver Browser Certificate Transparency CT Log CA SCT Certificate Certificate Webserver Browser Certificate, SCT in TLS Ext. Certificate Transparency CT Log CA Webserver Browser Certificate Transparency Precertificate -
Web Content Guidelines for Playstation®4
Web Content Guidelines for PlayStation®4 Version 9.00 © 2021 Sony Interactive Entertainment Inc. [Copyright and Trademarks] "PlayStation" and "DUALSHOCK" are registered trademarks or trademarks of Sony Interactive Entertainment Inc. Oracle and Java are registered trademarks of Oracle and/or its affiliates. "Mozilla" is a registered trademark of the Mozilla Foundation. The Bluetooth® word mark and logos are registered trademarks owned by the Bluetooth SIG, Inc. and any use of such marks by Sony Interactive Entertainment Inc. is under license. Other trademarks and trade names are those of their respective owners. Safari is a trademark of Apple Inc., registered in the U.S. and other countries. DigiCert is a trademark of DigiCert, Inc. and is protected under the laws of the United States and possibly other countries. Symantec and GeoTrust are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. VeriSign is a trademark of VeriSign, Inc. All other company, product, and service names on this guideline are trade names, trademarks, or registered trademarks of their respective owners. [Terms and Conditions] All rights (including, but not limited to, copyright) pertaining to this Guideline are managed, owned, or used with permission, by SIE. Except for personal, non-commercial, internal use, you are prohibited from using (including, but not limited to, copying, modifying, reproducing in whole or in part, uploading, transmitting, distributing, licensing, selling and publishing) any of this Guideline, without obtaining SIE’s prior written permission. SIE AND/OR ANY OF ITS AFFILIATES MAKE NO REPRESENTATION AND WARRANTY, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, INCLUDING WARRANTIES OR REPRESENTATIONS WITH RESPECT TO THE ACCURACY, RELIABILITY, COMPLETENESS, FITNESS FOR PARTICULAR PURPOSE, NON-INFRINGEMENT OF THIRD PARTIES RIGHTS AND/OR SAFETY OF THE CONTENTS OF THIS GUIDELINE, AND ANY REPRESENTATIONS AND WARRANTIES RELATING THERETO ARE EXPRESSLY DISCLAIMED. -
Exploring CA Certificate Control
What’s in a Name? Exploring CA Certificate Control Zane Ma† Joshua Mason† Manos Antonakakis‡ Zakir Durumeric§ Michael Bailey† ‡Georgia Institute of Technology §Stanford University †University of Illinois at Urbana-Champaign Abstract other transgressions, prompted root store operators to begin discussions about removing trust in WoSign certificates. In TLS clients rely on a supporting PKI in which certificate July 2016, a new discovery revealed that StartCom, a seem- authorities (CAs)—trusted organizations—validate and cryp- ingly unaffiliated CA in Israel, was able to issue certificates tographically attest to the identities of web servers. A client’s signed by WoSign (a Chinese company). A deeper investiga- confidence that it is connecting to the right server depends tion of the incident eventually revealed that “the transaction entirely on the set of CAs that it trusts. However, as we demon- which completed the chain to give WoSign 100% ownership strate in this work, the identity specified in CA certificates is of StartCom completed on November 1st 2015” [59]. Further frequently inaccurate due to lax naming requirements, owner- evidence emerged that StartCom’s CA certificates had likely ship changes, and long-lived certificates. This not only mud- been integrated with WoSign operations as early as December dles client selection of trusted CAs, but also prevents PKI 2015 [56], when the removal of WoSign certificates from root operators and researchers from correctly attributing CA cer- stores appeared imminent. WoSign’s stealthy acquisition of tificate issues to CA organizations. To help Web PKI par- StartCom emphasizes the importance of transparency around ticipants understand the organizations that control each CA operational CA control for a secure web. -
Analysis of the HTTPS Certificate Ecosystem
Analysis of the HTTPS Certificate Ecosystem∗ Zakir Durumeric, James Kasten, Michael Bailey, J. Alex Halderman Department of Electrical Engineering and Computer Science University of Michigan, Ann Arbor, MI 48109, USA {zakir, jdkasten, mibailey, jhalderm}@umich.edu ABSTRACT supporting public key infrastructure (PKI) composed of thousands We report the results of a large-scale measurement study of the of certificate authorities (CAs)—entities that are trusted by users’ HTTPS certificate ecosystem—the public-key infrastructure that un- browsers to vouch for the identity of web servers. CAs do this by derlies nearly all secure web communications. Using data collected signing digital certificates that associate a site’s public key with its by performing 110 Internet-wide scans over 14 months, we gain domain name. We place our full trust in each of these CAs—in detailed and temporally fine-grained visibility into this otherwise general, every CA has the ability to sign trusted certificates for any opaque area of security-critical infrastructure. We investigate the domain, and so the entire PKI is only as secure as the weakest CA. trust relationships among root authorities, intermediate authorities, Nevertheless, this complex distributed infrastructure is strikingly and the leaf certificates used by web servers, ultimately identify- opaque. There is no published list of signed website certificates ing and classifying more than 1,800 entities that are able to issue or even of the organizations that have trusted signing ability. In certificates vouching for the identity of any website. We uncover this work, we attempt to rectify this and shed light on the HTTPS practices that may put the security of the ecosystem at risk, and we certificate ecosystem. -
US Technology Companies and State Surveillance in the Post-Snowden Context: Between Cooperation and Resistance Félix Tréguer
US Technology Companies and State Surveillance in the Post-Snowden Context: Between Cooperation and Resistance Félix Tréguer To cite this version: Félix Tréguer. US Technology Companies and State Surveillance in the Post-Snowden Context: Be- tween Cooperation and Resistance. [Research Report] CERI. 2018. halshs-01865140 HAL Id: halshs-01865140 https://halshs.archives-ouvertes.fr/halshs-01865140 Submitted on 30 Aug 2018 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. Distributed under a Creative Commons Attribution| 4.0 International License UTIC Deliverable 5 US Technology Companies and State Surveillance in the Post-Snowden Context: Between Cooperation and Resistance Author: Félix Tréguer (CERI-SciencesPo) 1 tech Executive Summary This deliverable looks at the growing hybridization between public and private actors in the field of communications surveillance for national security purposes. Focusing on US-based multinationals dominating the digital economy globally which became embroiled in the post-Snowden debates (companies like Google, Apple, Facebook, Microsoft, Yahoo), the report aims at understanding the impact of the Snowden scandal on the strategies of these companies in relation to state Internet surveillance. To that end, the report identifies seven factors that are likely to influence the stance of a given company and its evolution depending on the changing context and constraints that it faces across time and space. -
Post-Snowden Cryptography
Post-Snowden Crypto June 2016 Bart Preneel Post-Snowden Cryptography Bart Preneel COSIC KU Leuven and iMinds, Belgium Bart.Preneel(at)esat.kuleuven.be June 2016 1 2 NSA calls the iPhone users public 'zombies' who pay for their own surveillance 3 4 Outline NSA: • Snowden revelation and mass surveillance “Collect it all, • Going after crypto know it all, • The end of crypto exploit it all” • Security research www.wired.com 5 6 1 Post-Snowden Crypto June 2016 Bart Preneel Snowden revelations Snowden revelations (2) most capabilities could have been extrapolated from open Most spectacular: active defense sources • networks But still… – Quantum insertion: answer before the legitimate website massive scale and impact (pervasive) – inject malware in devices level of sophistication both organizational and technical • devices – redundancy: at least 3 methods to get to Google’s data – malware based on backdoors and 0-days (FoxAcid) – many other countries collaborated (beyond five eyes) – supply chain subversion – industry collaboration through bribery, security letters*, … Translation in human terms: complete control of networks and • including industrial espionage systems, including bridging the air gaps undermining cryptographic standards with backdoors No longer deniable (Bullrun) … and also the credibility of NIST Oversight weak * Impact of security letters reduced by Freedom Act (2 June 2015) 7 8 Rule #1 of cryptanalysis: search for plaintext [B. Morris] AliceEve/NSA Bob CRY Clear Clear CRY Clear Clear PTO PTO text text text text BOX BOX 9 10 Where do you find plaintext? SSO: Special Source Operations 1. PRISM (server) 2. Upstream (fiber) 11 12 2 Post-Snowden Crypto June 2016 Bart Preneel Muscular (GCHQ) 3.