TU Wien • Teaching “Digital Forensics” and “Privacy Enhancing Technologies” • Certified expert witness Private: • Member of C3Wien • Old-timer enthusiast • Meme artist • @fr333k (private) 2
GCM-AES-128 • Including IP packets, ARP & DHCP • But only LAN History: • Specified in 2006 by IEEE as 802.1AE • Amendment in 2011 as 802.1AEbn • Part of the Linux kernel since 4.6 (May 2016) 9
type macsec encrypt on host1:~$ ip macsec add macsec0 rx port 1 address C0:FF:EE:C0:FF:EE host1:~$ ip macsec add macsec0 tx sa 0 pn 1 on key 00 -> <128-bit send key> host1:~$ ip macsec add macsec0 rx port 1 address C0:FF:EE:C0:FF:EE -> sa 0 pn 1 on key 01 <128-bit receive key> host1:~$ <add route> Same for host2, done! 17
Kernel Network Tunnel” • Written & maintained by Jason Donenfeld Inner workings: • Implemented as kernel module • Authentication similar to SSH’s authenticated_keys • Roughly 4,000 LoC • Uses UDP 20
dead (Export cipher, POODLE, Drown, …) • TLS 1.0, 1.1: minor changes, better not use* • TLS 1.2: can be made to fly Soon: TLS 1.3 • IETF approved • Final version is 28 (see on github) • Mostly implement = draft version 23 27
v63 • Already 2% of traffic from Cloudflare’s perspective • Firefox, supported since v58 • OpenSSL 1.1.1., BoringSSL, rustls, Go, … • This will change in 2018! 33