Can SSL and TOR be intercepted? Secure Socket Layer.

2 Can SSL and TOR be intercepted?

3 Secure Socket Layer

4 De-facto standard to encrypt communications
Can ensure the identity of the peer

5 Prerequisite to decrypt a communication: You have to monitor it!

6 Most of the SSL attacks are MITM-based

7 Physically in the middle
Rogue AP, ISP, etc.

8 Logically in the middle
Take a look at our 2003 BlackHat presentation…

9 Ok but…can SSL be intercepted?

10 Three categories of attacks

11 Protocol design and math
Chain of trust
The User

12 Let’s start with…

13 Protocol design and math

14 Weak encryption can be easily cracked
Protocol and algorithms are negotiated during the handshake
This “attack” can be performed passively

15 Weak encryption can be easily cracked
~ 70%* of the Internet uses only “strong” encryption
What’s “weak” and what’s “easy”? Ask the NSA…
* Trustworthy Internet Movement 2014/10/3 on 151.509 web sites

16 SSLv2 Downgrade Attack
No integrity check on the handshake
Weaker encryption algorithms can be forced

17 SSLv2 Downgrade Attack
SSLv2 disabled by default on most systems

18 SSLv3 is vulnerable as well…
POODLE attack (September 2014) could be used to decrypt HTTPS cookies

19 SSLv3 is vulnerable as well…
Most browsers dismissed SSLv3
Providers are going to dismiss it as well

20 Website coverage
Protocol version    Website Support
SSL 2.0             19.4%
SSL 3.0             98.0%
TLS 1.0             99.3%
TLS 1.1             42.0%
TLS 1.2             44.3%

21 TLS Logjam attack
Published in May 2015
Forces TLS connection with weak key

22 TLS Logjam attack
Vendors are patching

23 Implementation-specific attacks
OpenSSL "Heartbleed" (CVE-2014-0160)
Oracle Java JSSE (CVE-2014-6593)
OpenSSL "Freak" (CVE-2015-0204)
And many others...

24 Implementation-specific attacks
Keep your system up to date!
Google’s Nogotofail tests connections for known bugs and weak configurations

25 Chain of Trust

26 If you have the private key you can see the traffic!
Very hard to detect
This “attack” can be performed passively if no PFS is used

27 If you have the private key you can see the traffic!
Don’t give your private key to anyone ;)
Forward Secrecy available on almost 40% of the websites

28 Custom CA on the client device
Often used by AVs to inspect traffic
Sometimes used by vendors to insert Ads

29 Custom CA on the client device
Don’t install untrusted CA certificates
Keep your OS/AV up to date

30 Rogue CA
A malicious CA can sign fake certificates
CAs’ certificates were stolen in the past (e.g. Diginotar 2011)
Allows any “active” probe to impersonate any website

31 Rogue CA
Public Key Pinning
EFF SSL Observatory monitors trusted CAs
Google and Facebook actively search for rogue CAs

32 Rogue CA
In December 2013 0.2% of all connections to Facebook were established with forged certificates
In 2014 Google found evidence from France and India of certificates signed by rogue CAs
In 2015 Google removed all China NIC and EV CAs from their products

33 Future alternatives to the Chain of Trust
Trust Assertion for Certificate Keys
DNS-based Authentication of Named Entities

34 The User

35 SSL Strip attack
Intercept the “redirect to HTTPS” reply
HTTP-to-HTTPS Proxy for the whole communication
Replace HTTPS with HTTP in any link

36 SSL Strip attack
Pay attention to the “lock”
Servers using HSTS can force HTTPS on the clients
HTTPS Everywhere plugin doesn’t allow HTTP connections
Mozilla pushes for full HTTPS

