A Primer on SSL and the Heartbleed Bug

Transcript

1. CVE-2014-0160 (aka Heartbleed) or: The Day The Internet Broke or:

   International Buy Your Sysadmin a Drink Day or: AW F*CK, REALLY?

2. Topics How does cryptography work? How does TLS/SSL work? How

   does CVE-2014-0160 (aka Heartbleed) affect SSL/TLS? How is it fixed? How screwed are we, exactly?

3. How does cryptography work? There are three major types of

   cryptography: 1. One-time pad 2. Symmetric 3. Asymmetric (aka public key)

4. One time pads One time pads are random streams of

   data that make up a key. Two copies of equal length are produced. They can only be used once (hence one-time pad)

5. Symmetric cryptography Both parties are issued the same key. Both

   keys are kept secret. If your key algorithm is good, and the key is kept secret, this is incredibly strong crypto.

6. Asymmetric cryptography Each user generates a keypair based on an

   algorithm. • Public keys are widely distributed. • Private keys are known only to their owner. This keypair is based on really, really difficult math (usually involving very large prime numbers) that is difficult to reverse-engineer.

7. Asymmetric digital signatures Asymmetric cryptography can also be used for

   verifying a digital identity. • Public verification key: distributed everywhere • Private signing key: held only by the owner.

8. Public-key cryptography in use Alice wants to talk to Bob

   securely. Alice and Bob have exchanged public keys. 1. Alice writes a message to Bob and encrypts it using Bob’s public key. 2. Alice sends her encrypted message to Bob. 3. Later, Bob decrypts the message from Alice with his private key and reads it.

9. Digital signatures in use Alice has written some code that

   she wishes to send to Bob. 1. Alice signs her code with her private signing key and sends it to Bob. 2. Bob opens the code and uses Alice’s public verification key to check that the code belongs to Alice. 3. Bob can now be reasonably sure that the code is authentic and wasn’t tampered with in transit.

10. Topics How does cryptography work? How does TLS/SSL work? How

    does CVE-2014-0160 (aka Heartbleed) affect SSL/TLS? How is it fixed? How screwed are we, exactly?

11. Transport Layer Security (TLS) TLS and its predecessor, SSL (Secure

    Socket Layer), are used to transfer sensitive or confidential information over the internet. TLS/SSL is a combination of asymmetric and symmetric cryptography.

12. The TLS Handshake and you 1. The client sends the

    server its crypto information. 2. The server sends the client its corresponding information, including its X.509 Certificate. 3. The client takes a look at the certificate, looks up the server’s Certificate Authority (CA), and verifies that the certificate is valid. 4. If the CA info checks out, the client generates a pre-master secret. 5. The client and server use the pre- master secret to generate a master secret. 6. Both the client and the server use the master secret to generate a symmetric session key. 7. The client tells the server that it will only use the session key to send information (and vice versa). There is now a secure, trustworthy TLS connection.

13. Topics How does cryptography work? How does TLS/SSL work? How

    does CVE-2014-0160 (aka Heartbleed) affect SSL/TLS? How is it fixed? How screwed are we, exactly?

14. What’s the problem, exactly? OpenSSL can be configured to use

    something called a TLS heartbeat. This is used to reduce the network and computational overhead required for secure connections.

15. So? Heartbleed is a flaw with how TLS heartbeats are

    implemented in OpenSSL. Essentially, every heartbeat query can return the contents of up to 64K of memory. This means that the server’s private key can be obtained, along with anything else in memory.

16. Topics How does cryptography work? How does TLS/SSL work? How

    does CVE-2014-0160 (aka Heartbleed) affect SSL/TLS? How is it fixed? How screwed are we, exactly?

17. How do you fix it? Two ways: 1. Add one

    line of code to OpenSSL. 2. Recompile OpenSSL so that TLS heartbeat is disabled. Then, revoke and reissue your keys and certs. This is what every competent sysadmin in the world did on Monday night and Tuesday morning.

18. What versions are affected? OpenSSL 1.0.1 through 1.0.1f. OpenSSL 1.0.1g

    is the patched version. (Debian’s version of OpenSSL [1.0.1e] contains the patch if the build date is > 04/07/2014 -- check this by running openssl version -a in a terminal)

19. Topics How does cryptography work? How does TLS/SSL work? How

    does CVE-2014-0160 (aka Heartbleed) affect SSL/TLS? How is it fixed? How screwed are we, exactly?

20. Pretty screwed.

21. Really? Not quite that bad, but it’s pretty serious. This

    bug has been in the wild since December 2011. It can be assumed that any server running a vulnerable version of OpenSSL has been compromised. Its certificate and keypair should no longer be considered valid. Furthermore, any information exchanged using that certificate can be assumed to be compromised.

22. Ok, so… what do I do? Verify that the bug

    has been patched for sites you use: http://filippo.io/Heartbleed/ Change your online passwords. All of them. Now. Start using multi-factor authentication (MFA) for everything.

23. Questions? Grant Dobbe Besparq LLC [email protected] @grantdobbe