Presentation is loading. Please wait.

Presentation is loading. Please wait.

Project „ACH“ (Applied Crypto Hardening) www.bettercrypto.org.

Published byAugust Garrison Modified over 8 years ago

Similar presentations

Presentation on theme: "Project „ACH“ (Applied Crypto Hardening) www.bettercrypto.org."— Presentation transcript:

1 Project „ACH“ (Applied Crypto Hardening) www.bettercrypto.org

2 Motivation

3 Don‘t give them anything for free It‘s your home, you fight

4 TL;DR - Quickinfos Website: www.bettercrypto.orgwww.bettercrypto.org Git repo: https://git.bettercrypto.orghttps://git.bettercrypto.org Mailing list: http://lists.cert.at/cgi- bin/mailman/listinfo/achhttp://lists.cert.at/cgi- bin/mailman/listinfo/ach

5 Idea Do at least something against the Cryptocalypse Check SSL, SSH, PGP crypto Settings in the most common services and certificates: – Apache, Nginx, lighthttp – IMAP/POP servers (dovecot, cyrus,...) – openssl.conf – Etc. Create easy, copy & paste-able settings which are „OK“ (as far as we know) for sysadmins. Keep it short. There are many good recommendations out there written by cryptographers for cryptographers Many eyes must check this! (Aaron)

6 Table of contents so far Disclaimer Methods PKIs Elliptic Curve Cryptography Key lengths Random Number Generators Cipher suites Recommendations on practical settings Tools Links Reviewers

7 Additionally covered in this talk Attacks: BEAST, CRIME etc.

8 METHODS (Aaron)

9 Previous work (Aaron) Qualys blog / book (Ivan Rstic): – SSL/TLS Deployment Best Practices – OpenSSL Cookbook ENISA recommendations: Algorithms, Key Sizes and Parameters Report BSI: Technische Richtlinie TR-02102-2, Kryptographische Verfahren: Empfehlungen und Schlüssellängen. Jan. 2013 G-sec.lu (Thierry Zoller): TLS/SSL hardening and compatibility Report 2011 NIST: Recommendation for Key Management, July 2013

10 SOME THOUGHTS ON ECC (Azet)

11 Some general thoughts on settings General – Disable SSL 2.0 (weak algorithms) – Disable SSL 3.0 (BEAST vs IE/XP) – Enable TLS 1.0 or better – Disable TLS-Compression (SSL-CRIME Attack) – Implement HSTS (HTTP Strict Transport Security) Variant A: fewer supported clients Variant B: more clients, weaker settings Ramin

12 Strong settings. Variant A

13 Weaker, compatible settings, Variant B

14 RANDOM NUMBER GENERATORS Azet

15 KEYLENGTHS (cm, Azet)

16 A BRIEF OVERVIEW OF COMMON CRYPTO SOFTWARE: LIBRARIES (cm, Adi)

17 ATTACKS: BEAST, CRIME ETC. (Azet)

18 TESTING TESTING TESTING

19

20 How to test? - Tools (Pepi) ssllabs.com xmpp.net Sslscan (CLI tool) What can people do to test themselves? What does a test result mean? Potential for a config file generator (as discussed)?

21 Ssllabs.com Example

22 Recommendations on practical settings – our findings so far Apache (Adi, Azet) Nginx (Adi, Pepi) MS IIS (Ramin) Postfix, dovecot (cm) Opportunistic TLS, what is that? (cm) ssh (Azet)

23 Current state as of 2013/11/13 Initial ongoing work in the git repository More testing needed. Especially compatibility with clients and when to simply ignore old clients (RC4,...) Need to fill in other sections (PGP, Exchange server,...)

24 Practical settings – still missing UW, Cyrus Exim4 OpenVPN – troubles on mac (pepi) IPSec vendor specific applications: Juniper VPN, Cisco... Proxies (squid) Exchange PGP

25 Participation Authors: cryptologists, sysadmins, hackers Apply for write-perms World-readable Variantes: – (A) reviewer: the harder job ;-) – (B) co-author: add a section

26 Links Website: www.bettercrypto.orgwww.bettercrypto.org Git repo: https://git.bettercrypto.org/ach- master.githttps://git.bettercrypto.org/ach- master.git Mailing list: http://lists.cert.at/cgi- bin/mailman/listinfo/achhttp://lists.cert.at/cgi- bin/mailman/listinfo/ach

27 Git Repo

28 Thank you! Authors: L. Aaron Kaplan kaplan@cert.atkaplan@cert.at Manuel Koschuch Adi Kriegisch adi@kriegisch.atadi@kriegisch.at Christian Mock Ramin Sabet Aaron Zauner Pepi Zawodsky pepi@maclemon.atpepi@maclemon.at

Download ppt "Project „ACH“ (Applied Crypto Hardening) www.bettercrypto.org."

Similar presentations

SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.

17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.

Bradley Cowie, Barry Irwin and Richard Barnett Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING.
Securing Network Communication. 2 Security Issues in Communication Privacy  Anyone can see content Integrity  Someone might alter content Authentication.

Securing Network Communication. 2 Security Issues in Communication Privacy  Anyone can see content Integrity  Someone might alter content Authentication.
Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.

Introduction to PKI, Certificates & Public Key Cryptography Erwan Lemonnier.
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or 415.514-3333 UCSF Campus VPN.

OAAIS Enterprise Information Security Security Awareness, Training & Education (SATE) Program or UCSF Campus VPN.
© 2004, The Technology Firm WWW.THETECHFIRM.COM SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.

© 2004, The Technology Firm SSL Packet Decodes From Wikipedia, the free encyclopedia.  Secure Sockets Layer (SSL) is a cryptographic.
Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.

Security Overview Hofstra University University College for Continuing Education - Advanced Java Programming Lecturer: Engin Yalt May 24, 2006.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.

 Key exchange o Kerberos o Digital certificates  Certificate authority structure o PGP, hierarchical model  Recovery from exposed keys o Revocation.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
Dr. Sarbari Gupta Electrosoft Services Tel: (703)757-9096 Security Characteristics of Cryptographic.

Dr. Sarbari Gupta Electrosoft Services Tel: (703) Security Characteristics of Cryptographic.
Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Topic 11: Key Distribution and Agreement 1 Information Security CS 526 Topic 11: Key Distribution & Agreement, Secure Communication.

Similar presentations

Ads by Google