SSL/TLS
O Encrypted Communication – Eavesdropping and Tampering
O Secure Identification of a Network – Are you talking to the right server?
Slide 5
Attacking The Encryption Algorithm
O Attacks like BEAST (Browser Exploit Against SSL/TLS) target the underlying encryption.
O Usually the encryption has held against attacks. Even BEAST requires injecting client-side JavaScript to work.
O http://threatpost.com/en_us/blogs/new-attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611
Slide 6
Attacking The Authenticity
O The low-hanging fruit. Most of the time when that sslstrip guy talks about SSL issues he talks about attacking the authenticity.
O Why is the authenticity important?
O How do you bypass it?
Slide 7
How is the authenticity maintained?
O An implicitly trusted certificate tells you whether a server's particular certificate is trustworthy or not.
O When a server gets a certificate trusted by a root CA, it gets added to a list.
O If a server is removed from the trusted list, it gets added to a revocation list.
Slide 8
Is your browser checking the revocation list?
O Chrome relies on frequent updates for this.
O Firefox?
O IE - Online Certificate List
O Online Certificate Status Protocol
Slide 9
Bad Things can Happen
O Comodo, an affiliate of a root CA, was hacked.
O DigiNotar was hacked.
O Hundreds of certificates for google, yahoo, mozilla, MS windows update were released.
O SSL assumes that both end points aren't evil.
Slide 10
I hacked the internet and all I have is a t-shirt
O Attack against the PKI because of MD5
O The attack was against Intermediate CAs
O There have been theoretical attacks against MD5 since 2004
O They found out that RapidSSL had issued 97% of its certificates with an MD5 hash.
Slide 11
I hacked the internet and all I have is a t-shirt
O Also the certificate serial number was sequential and the issuance time could be predicted
O Used 200 PS3s to generate a certificate which had most parts from a legitimate cert but something different.
O http://www.trailofbits.com/resources/creating_a_rogue_ca_cert_paper.pdf
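The two certificate weaknesses behind the rogue-CA attack on these slides (an MD5-based signature and a short, sequential serial number) are visible in the first few fields of any DER certificate. The following is an added example, not code from the deck or its author: a stdlib-only DER walker that reads the signature AlgorithmIdentifier and serial number and flags MD5/SHA-1 signatures and serials under 64 bits. The 64-bit threshold, the `audit_certificate` and `sample_cert` names, and the sample certificate bytes (a constructed skeleton, not a real certificate) are my assumptions.

```python
# Added example: minimal DER walker for the signature algorithm and serial of a certificate.
WEAK_SIG_OIDS = {                          # RFC 3279 algorithm identifiers
    "1.2.840.113549.1.1.4": "md5WithRSAEncryption",
    "1.2.840.113549.1.1.5": "sha1WithRSAEncryption",
}

def read_tlv(buf, pos=0):
    """Decode one DER TLV at pos; return (tag, value bytes, next pos)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low bits = number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    """OID content bytes to dotted form (first byte packs the first two arcs)."""
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:                   # last base-128 digit of this arc
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))

def audit_certificate(der_bytes):
    """Report signature-hash and serial-number findings for a DER certificate."""
    _, cert, _ = read_tlv(der_bytes)       # Certificate SEQUENCE
    _, tbs, _ = read_tlv(cert)             # tbsCertificate SEQUENCE
    tag, _, pos = read_tlv(tbs)            # [0] EXPLICIT version is optional
    if tag != 0xA0:
        pos = 0                            # v1 certificate: serial comes first
    _, serial, pos = read_tlv(tbs, pos)    # serialNumber INTEGER
    _, alg, _ = read_tlv(tbs, pos)         # signature AlgorithmIdentifier
    dotted = decode_oid(read_tlv(alg)[1])  # its algorithm OID
    serial_bits = len(serial.lstrip(b"\x00")) * 8   # drop DER sign padding
    return {"sig_alg": WEAK_SIG_OIDS.get(dotted, dotted),
            "weak_hash": dotted in WEAK_SIG_OIDS,
            "serial_bits": serial_bits,
            "short_serial": serial_bits < 64}       # assumption: < 64 bits is suspect

def der(tag, *children):                   # short-form DER encoder for the sample only
    body = b"".join(children)
    return bytes([tag, len(body)]) + body

MD5_RSA = bytes.fromhex("2a864886f70d010104")     # 1.2.840.113549.1.1.4
SHA256_RSA = bytes.fromhex("2a864886f70d01010b")  # 1.2.840.113549.1.1.11

def sample_cert(sig_oid, serial):
    """Constructed skeleton holding only the fields audit_certificate reads."""
    alg = der(0x30, der(0x06, sig_oid), der(0x05))              # OID + NULL params
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")), der(0x02, serial), alg)
    return der(0x30, tbs, alg, der(0x03, b"\x00"))              # empty BIT STRING signature
```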
Slide 13
SSLStrip attacks HTTP
O Attacked correct attributes not being set up in Certificates
O Now looks at HTTP traffic going by.
O Has a valid certificate for a weird-looking domain name whose punycode looks like / ?
Slide 14
Akash Mahajan | That Web Application Security Guy
O [email protected]
O @makash | akashm.com
O http://slideshare.net/akashm
O OWASP Bangalore Chapter Lead
O Null Co-Founder and Community Manager
Slide 15
References
O SSL Lock image from http://elie.im/blog/security/evolution-of-the-https-lock-icon-infographic/
O http://arstechnica.com/business/news/2011/09/new-javascript-hacking-tool-can-intercept-paypal-other-secure-sessions.ars
O http://technet.microsoft.com/en-us/library/cc962078.aspx
O https://freedom-to-tinker.com/blog/sroosa/flawed-legal-architecture-certificate-authority-trust-model
O http://arstechnica.com/security/news/2011/08/earlier-this-year-an-iranian.ars
O http://arstechnica.com/security/news/2011/03/independent-iranian-hacker-claims-responsibility-for-comodo-hack.ars
O http://en.wikipedia.org/wiki/Certificate_authority#cite_note-3
O http://vnhacker.blogspot.in/2011/09/beast.html
O http://threatpost.com/en_us/blogs/new-attack-breaks-confidentiality-model-ssl-allows-theft-encrypted-cookies-091611