SSL, CAs and keeping your stuff safe
BQSFTFOUBUJPOCZBSNJOSPOBDIFSGPSQZHSVOO
http://lucumr.pocoo.org/ — @mitsuhiko
Slide 2
Slide 2 text
SSL, CAs and keeping your stuff safe
BQSFTFOUBUJPOCZBSNJOSPOBDIFSGPSQZHSVOO
http://lucumr.pocoo.org/ — @mitsuhiko
a capitalistic and system conformant talk about encryption
Slide 3
Slide 3 text
Armin Ronacher
Independent Contractor for Splash Damage / Fireteam
Doing Online Infrastructure for Computer Games
Slide 4
Slide 4 text
… The Problem with Programmers
~ Epilogue ~
Slide 5
Slide 5 text
Programmers think everything
is a technical problem
Slide 6
Slide 6 text
Fraud
~ Chapter 1 ~
Slide 7
Slide 7 text
XXXX-XXXX-XXXX-1234
What is the worst that can happen?
Slide 8
Slide 8 text
What makes Credit Card Numbers “secure”?
Slide 9
Slide 9 text
theft
ere will always be criminals
Slide 10
Slide 10 text
prevented
But what damage can they do?
Slide 11
Slide 11 text
Bitcoin A Credit Card
Strong Encryption Potentially No Encryption
256 bit private key 16 digit number + checksum
decentralized centralized
√ x
Slide 12
Slide 12 text
But I'd rather lose my credit card …
Slide 13
Slide 13 text
Never
Slide 14
Slide 14 text
LOL
Slide 15
Slide 15 text
We Accept Stolen Creditcards
Slide 16
Slide 16 text
e Protocol
e Process
is insecure
is secure
Slide 17
Slide 17 text
If the aud percentage is smaller than
the transaction fees we're all good.
Slide 18
Slide 18 text
It's too easy to forget the
bigger picture
Slide 19
Slide 19 text
of Lock Symbols and Encryption
~ Chapter 2 ~
Slide 20
Slide 20 text
the lock symbol is a lie
Slide 21
Slide 21 text
the lock stands for secure
Slide 22
Slide 22 text
but so is encryption
8
7
Slide 23
Slide 23 text
such security
Slide 24
Slide 24 text
such buzzwords
CRIME
BEAST
Heartbleed
BREACH
PFS
Slide 25
Slide 25 text
users need to understand how to
keep good om bad lock symbols /
good om bad encryption.
=
-
Slide 26
Slide 26 text
but even developers are not sure yet …
Slide 27
Slide 27 text
remember why you encrypt
(NSA
Slide 28
Slide 28 text
Why do we Encrypt Traffic?
~ Chapter 3 ~
Slide 29
Slide 29 text
No content
Slide 30
Slide 30 text
public WiFi the unencrypted browser session
kilLed
Slide 31
Slide 31 text
?
Who is the Attacker?
Slide 32
Slide 32 text
om secret agents to idiots
Slide 33
Slide 33 text
om targeted to untargeted
Slide 34
Slide 34 text
om low to high probability
Slide 35
Slide 35 text
What You Need for Encryption
~ Chapter 4 ~
Slide 36
Slide 36 text
passive vs active eavesdropping
encryption authentication
Slide 37
Slide 37 text
$ ssh pocoo.org
The authenticity of host 'pocoo.org (148.251.50.164)' can't be established.
RSA key fingerprint is 14:23:83:02:45:f9:9c:d0:eb:39:c7:14:42:f5:9f:9c.
Are you sure you want to continue connecting (yes/no)?
Slide 38
Slide 38 text
your user does not check ngerprints
(your
Slide 39
Slide 39 text
e
Certificate Authorities
thus:
Slide 40
Slide 40 text
CAs are worthless for securing APIs
let it be known that
Slide 41
Slide 41 text
Protecting APIs and Services
~ Chapter 5 ~
(non
Slide 42
Slide 42 text
The Only Rule to Follow
Slide 43
Slide 43 text
run your own CA
issue certi cates for 24 hours
trust your own CA only
screw re ocations
Slide 44
Slide 44 text
You trust your own CA by
distributing the certi cate to
everybody.
Slide 45
Slide 45 text
If your root gets compromised,
distribute new root certi cates.
Slide 46
Slide 46 text
If an individual key gets compromised,
in less than 24 hours everything is ne.
Slide 47
Slide 47 text
from requests import get
resp = get('https://api.yourserver.com/',
verify='your/certificate.bundle')
Slide 48
Slide 48 text
“But my awesome AntiVirus says
your certi cate is not trusted.”
— Windows User
Slide 49
Slide 49 text
Certificate Authorities Again
~ Chapter 6 ~
Slide 50
Slide 50 text
Hardly news: CAs are Broken
Slide 51
Slide 51 text
But why are the broken?
Slide 52
Slide 52 text
I Trust “TÜRKTRUST Elektronik Serti ka Hizmet
Sağlayıcısı” to ouch for the identity of any domain on
the planet.
Trusting a CA:
Slide 53
Slide 53 text
trusting half the world: one shitty employee in one shitty
CA is enough to break your security.
Slide 54
Slide 54 text
I Trust “Comodo” to ouch for the identity of “Foo
Owner” foo.com.
I only trust “Foo Owner” to ouch for the identity of
api.foo.com
What we actually want:
Slide 55
Slide 55 text
if you have seen google.com being from Verisign and all
the sudden google.com becomes a StartSSL certificate you
know something might be wrong.
Slide 56
Slide 56 text
Soon: Certificate Pinning?
Slide 57
Slide 57 text
Frack OpenSSL and Question “Best Practices”
~ Chapter 7 ~
Slide 58
Slide 58 text
Self-Signed Certificates are not bad. Just in browsers.
Slide 59
Slide 59 text
Never. Ever. Look at OpenSSL's Source.
Slide 60
Slide 60 text
OpenSSL's "patches" are even worse:
Apple's OpenSSL always trusts system store :-/
Slide 61
Slide 61 text
Requests by default trusts it's own bundle :-/
(And does not even properly document how to use custom ones)
Slide 62
Slide 62 text
With Heartbleed SSL was less secure than no SSL :-/
Slide 63
Slide 63 text
Growing SSL
~ Chapter 8 ~
Slide 64
Slide 64 text
Credit Cards were made for thousands of people
Certificate Authorities were made for hundreds of sites
Slide 65
Slide 65 text
OpenSSL was probably improperly audited
Slide 66
Slide 66 text
See “OpenSSL Valhalla Rampage” :-(
“i give up. reuse problem is unixable.
dlg says puppet crashes”
— tedu
Slide 67
Slide 67 text
Plan for Failure
~ Chapter 9 ~
Slide 68
Slide 68 text
what
Slide 69
Slide 69 text
what happens to your user if he gets hacked?
(food for thought: keyloggers are still a thing)
Slide 70
Slide 70 text
what happens to your data
Slide 71
Slide 71 text
what happens to your company
Slide 72
Slide 72 text
encryption is hardened security
it must not be your only defense
Slide 73
Slide 73 text
?
Feel Free To Ask Questions
Talk slides will be online on lucumr.pocoo.org/talks
You can find me on Twitter: @mitsuhiko
And gittip: gittip.com/mitsuhiko
Or hire me: [email protected]