Fixing TLS Scott Rea VP GOV/EDU Relations & Sr. PKI Architect.

Presentation transcript:

Is SSL Still Secure? Not according to the media…

Is SSL Still Secure?
Some high profile stories:
– DigiNotar
– Theoretical attacks: BEAST, CRIME, BREACH, etc.
– Weak cipher suites
– Weak algorithms
– Weak private keys
– NSA and the Snowden revelations
What do most potential exploits have in common? They rely on improper SSL implementation.

What can we do better?
– 51% of enterprises do not know all of the keys and certs on their network*.
– About 2 in 3 enterprises still use ciphers vulnerable to BEAST.
– Most have migrated to 2048-bit key sizes or higher.
– SHA-1 to SHA-2 migration is next.
* Based on research by Ponemon Institute

Better implementation is still needed

Our tool can help To download and use the free DigiCert Certificate Inspector, contact us at: