My TLS was broken - Speaker Deck

Slide 1

Slide 1 text

My TLS is broken and probably yours too.

Slide 2

Slide 2 text

My TLS was broken My TLS is broken My TLS was broken My TLS is broken My TLS was broken My TLS will be broken

Slide 3

Slide 3 text

Part 1: The GreenLock

Slide 4

Slide 4 text

HTTPS func main() { http.ListenAndServeTLS(":443", "server.crt", "server.key", nil) }

Slide 5

Slide 5 text

Picture or it didn’t happen

Slide 6

Slide 6 text

HTTPS Server

Slide 7

Slide 7 text

Part 2: TCP TLS

Slide 8

Slide 8 text

TCP TLS Server func main() { cer, err := tls.LoadX509KeyPair("server.crt", "server.key") config := &tls.Config{Certificates: []tls.Certificate{cer}} ln , err := tls.Listen("tcp", ":443", config) conn, err := ln.Accept() go handleConnection(conn) }

Slide 9

Slide 9 text

TLS Client func main() { conf := &tls.Config{//InsecureSkipVerify: true} conn, err := tls.Dial("tcp", "ldap.ha.tsengine.io:847", conf) n, err := conn.Write([]byte("hello\n")) buf := make([]byte, 100) n, err = conn.Read(buf) log.Println(n, err) }

Slide 10

Slide 10 text

Server Client TCP

Slide 11

Slide 11 text

Part 3: Opportunistic TLS

Slide 12

Slide 12 text

func main() { listener, _ := net.Listen("tcp", "127.0.0.1:8000") conn, err := listener.Accept() bytesRead, err := conn.Read(...) if string(buffer[0:bytesRead]) == STARTTLS { conn := tls.Server(unenc_conn, &config) var buffer = make([]byte, 1024) conn.Handshake() ... } } TLS Client

Slide 13

Slide 13 text

Part 4

Slide 14

Slide 14 text

TLS Client Auth Handshake

Slide 15

Slide 15 text

TLS Exchange

Slide 16

Slide 16 text

Certiﬁcates

Slide 17

Slide 17 text

meson10@DESKTOP-S7PEUGG:~$ openssl x509 -in <(openssl s_client -connect wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text Certificate: Data: Version: 3 (0x2) Serial Number: 08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45 Validity Not Before: Dec 21 00:00:00 2017 GMT Not After : Jan 24 12:00:00 2019 GMT X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/sha2-ha-server-g6.crl Full Name: URI:http://crl4.digicert.com/sha2-ha-server-g6.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com

Slide 18

Slide 18 text

Sharing is not Caring, Your parents have been lying.

Slide 19

Slide 19 text

Part 5: Client Authentication

Slide 20

Slide 20 text

Client Authentication

Slide 21

Slide 21 text

Why is Client Auth needed?

Slide 22

Slide 22 text

But we use API Keys

Slide 23

Slide 23 text

Client Certiﬁcate Certificate: Issuer: C = IN, ST = MH, L = Pune, OU = TS Sre Certificate Authority, CN = TS Sre CA Validity Not Before: Jan 18 06:53:00 2019 GMT Not After : Jan 17 06:53:00 2024 GMT Subject: C = IN, ST = MH, L = Pune, OU = TrustingSocial, CN = tls_demo_client Authority Information Access: OCSP - URI:http://ca.ha.tsengine.io:7889 CA Issuers - URI:http://ca.ha.tsengine.io:1500/intermediate/intermediate.crt X509v3 CRL Distribution Points: Full Name: URI:http://ca.ha.tsengine.io:6688/api/v1/cfssl/crl

Slide 24

Slide 24 text

certificate, err := tls.LoadX509KeyPair(cert, key) tlsConfig := &tls.Config{ ServerName: "my-server", ClientAuth: tls.RequireAndVerifyClientCert, Certificates: []tls.Certificate{certificate}, } ln, err := tls.Listen("tcp", ":443", config) conn, err := ln.Accept() go handleConnection(conn) Accepting Client Certs

Slide 25

Slide 25 text

Deprecation of Internal & Reserved IP Addresses Circa 2012

Slide 26

Slide 26 text

Part 6: PKI

Slide 27

Slide 27 text

PKI Infrastructure

Slide 28

Slide 28 text

certPool := x509.NewCertPool() b, err := ioutil.ReadFile(rootPath) certPool.AppendCertsFromPEM(bs) tlsConfig := &tls.Config{ ServerName: "my-server", ClientAuth: tls.RequireAndVerifyClientCert, Certificates: []tls.Certificate{certificate}, ClientCAs: certPool, } Accepting Client Certs

Slide 29

Slide 29 text

certificate, err := tls.LoadX509KeyPair(cert, key) certPool := x509.NewCertPool() b, err := ioutil.ReadFile(rootPath) certPool.AppendCertsFromPEM(bs) tlsConfig := &tls.Config{ Certificates: []tls.Certificate{certificate}, RootCAs: certPool, } Accepting Server Certs

Slide 30

Slide 30 text

Part 7: Take it Back

Slide 31

Slide 31 text

How do you take-back a Cert?

Slide 32

Slide 32 text

CRL

Slide 33

Slide 33 text

meson10@DESKTOP-S7PEUGG:~$ openssl x509 -in <(openssl s_client -connect wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text Certificate: Data: Version: 3 (0x2) Serial Number: 08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45 Validity Not Before: Dec 21 00:00:00 2017 GMT Not After : Jan 24 12:00:00 2019 GMT X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/sha2-ha-server-g6.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com

Slide 34

Slide 34 text

CRL

Slide 35

Slide 35 text

CRL

Slide 36

Slide 36 text

Problems with CRL

Slide 37

Slide 37 text

OCSP

Slide 38

Slide 38 text

meson10@DESKTOP-S7PEUGG:~$ openssl x509 -in <(openssl s_client -connect wikipedia.com:443 2>&1 < /dev/null | sed -n '/-----BEGIN/,/-----END/p') -text Certificate: Data: Version: 3 (0x2) Serial Number: 08:30:94:62:d1:fe:a6:0a:e0:ba:bf:f5:ef:8b:c5:45 Validity Not Before: Dec 21 00:00:00 2017 GMT Not After : Jan 24 12:00:00 2019 GMT X509v3 CRL Distribution Points: Full Name: URI:http://crl3.digicert.com/sha2-ha-server-g6.crl Authority Information Access: OCSP - URI:http://ocsp.digicert.com

Slide 39

Slide 39 text

OCSP Flow

Slide 40

Slide 40 text

- Server Down? - DDOS CA - Privacy Compromise OCSP Challenges

Slide 41

Slide 41 text

Soft Fail

Slide 42

Slide 42 text

Soft Fail: Firefox

Slide 43

Slide 43 text

Soft Fail: Chrome

Slide 44

Slide 44 text

Hard Fail?

Slide 45

Slide 45 text

What’s the most fragile thing in the Universe? a) Silence b) Taylor Swift’s heart. c) Neymar’s Shin d) Internet Security

Slide 46

Slide 46 text

Part 7

Slide 47

Slide 47 text

Why do you revoke keys?

Slide 48

Slide 48 text

https://github.com/indutny/heartbleed

Slide 49

Slide 49 text

cert, err := x509.ParseCertificate(cert) // ok := callOCSPServer(cert) if !ok { // Certificate is revoked } tlsConfig := &tls.Config{ ServerName: "my-server", ClientAuth: tls.RequireAndVerifyClientCert, Certificates: []tls.Certificate{certificate}, ClientCAs: certPool, VerifyPeerCertificate: certValidator, } Accepting Client Certs

Slide 50

Slide 50 text

Part 8

Slide 51

Slide 51 text

CAtoolkit http:/ /github.com/tsocial/ca toolkit

Slide 52

Slide 52 text

Maybe, Security is just a feeling?

Slide 53

Slide 53 text

xps:~$ whoami Piyush Verma Site Reliability Engineering Trusting Social Twitter: meson10