Bradley Cowie Supervised by Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING AND.


Bradley Cowie Supervised by Barry Irwin Security and Networks Research Group Department of Computer Science Rhodes University MANAGEMENT, PROCESSING AND ANALYSIS OF CRYPTOGRAPHIC PROTOCOLS

PROBLEM STATEMENT 1
The use of cryptographic protocols to provide security to web servers and applications at the transport layer is becoming increasingly popular. However, this sort of traffic is difficult to analyze because it is encrypted.
ISPs are often served with court orders to provide logs of clients' activity; this data is often encrypted.
Attacks that use HTTPS as their means of entry are harder to detect, once again because they are encrypted.
It is often difficult to debug errors related to cryptographic protocols, once again due to the encrypted nature of the data.

PROBLEM STATEMENT 2
So it would be nice if a set of tools existed for dealing with these problems.
We approach this problem statement from the perspective of having legitimate access to encrypted traffic for analysis, debugging or data collection.
There are a number of systems that implement parts of the problem statement.
We are looking at building a system that is easy to manage, cross-platform and can be extended to implement a number of different protocols.
[Image: from the popular web-comic XKCD]

OBJECTIVES OF RESEARCH 1
Given encrypted data in the form of stored pcap files (extending to live pcap streams), can we determine the algorithm used and then, together with the recovered session key, decrypt the data to plain text? Of course, the algorithm used for encryption is dependent on the protocol used and the algorithms that were negotiated between client and server.
Investigate sensible means to store symmetric keys for later use.
Provide some analysis on data that may be useful for detection of possible attacks or for debugging purposes.
Initially provide an implementation for SSL, then TLS, following up with a possible implementation for SSH.

OBJECTIVES OF RESEARCH 2
Possible extensions:
Develop plug-ins for Wireshark to allow for similar functionality.
Implement for a wide variety of different protocols.
[Image caption: The approach taken by one of the Debian OpenSSL developers. Removing the randomness from a cryptographic function can't have too negative an effect …]

RELEVANCE AND BACKGROUND 1
Recent concerns:
SSLStripper: Moxie Marlinspike announced at the 2009 Black Hat Federal that he had developed a tool for performing "man-in-the-middle" attacks on secure websites that make use of SSL.
Rogue CAs exploiting MD5: A research group at the Eindhoven University of Technology has developed a method to create rogue CA (Certification Authority) certificates from commercial CA certificates which are trusted by all common web browsers.

RELEVANCE AND BACKGROUND 2
SANS, one of the most respected Information Security trainers and certifiers, released a list of the top 10 security menaces for 2008 (compiled by 10 security veterans). The number 1 security menace for 2008 was:
"Increasingly Sophisticated Web Site Attacks - Especially On Trusted Web Sites"
"..web site attacks have migrated from simple ones based on one or two exploits posted on a web site to more sophisticated attacks based on scripts.. attackers are actively placing exploit code on popular, trusted web sites where users have an expectation of effective security"
Taken from :

RELEVANCE AND BACKGROUND 3
Existing tool suites which partially solve the problem statement:
The CSUR project: CSUR is a project about automatic analysis of cryptographic protocols written in C. However, it is distributed under copyright and is still in its beta phase.
HTTP Analyzer 4: HTTP Analyzer is a utility that allows you to capture HTTP/HTTPS traffic in real time. It can trace and display a wide range of information. However, it is not sufficiently generic.

APPROACH AND DESIGN 1
Research related protocols: develop my own flowcharts and pseudo-code to understand how they function.
Setup, configuration and gaining of experience in the use of valuable software like TCPDump, SSLDump, openSSL and modSSL.
Experimentation with generation of CA certificates using openSSL and TinyCA.
Choose the platform for development (currently considering a web platform using PHP for scripting).
Develop tools to perform decryption and develop a front end to the tool set.

Secure Socket Layer
  SSLv2 Record Layer: Client Hello
    Length: 103
    Handshake Message Type: Client Hello (1)
    Version: SSL 3.0 (0x0300)
    Cipher Spec Length: 78
    Session ID Length: 0
    Challenge Length: 16
    Cipher Specs (26 specs)
      Cipher Spec: SSL2_RC4_128_WITH_MD5 (0x010080)
      [ more Cipher Specs deleted ]
    Challenge
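The Client Hello fields listed on this slide map directly onto the SSLv2 wire format, which is the first thing a traffic-analysis tool has to parse to learn what the client offered. The following is an added example, not code from the presentation; the function names, the cipher lookup subset and the sample record (built to match the slide's lengths) are assumptions constructed for illustration.

```python
import struct

# Cipher-spec codes are 3 bytes in an SSLv2 Client Hello. Small lookup subset;
# codes with a leading 0x00 byte carry SSLv3/TLS suites in a v2-compatible hello.
CIPHER_NAMES = {
    0x010080: "SSL2_RC4_128_WITH_MD5",
    0x030080: "SSL2_RC2_128_CBC_WITH_MD5",
    0x0700C0: "SSL2_DES_192_EDE3_CBC_WITH_MD5",
    0x000004: "TLS_RSA_WITH_RC4_128_MD5",
    0x00000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
}

def parse_sslv2_client_hello(record: bytes) -> dict:
    """Parse one SSLv2 record holding a Client Hello; raise ValueError if malformed."""
    if len(record) < 2 or not record[0] & 0x80:
        raise ValueError("expected 2-byte SSLv2 record header (high bit set)")
    length = ((record[0] & 0x7F) << 8) | record[1]
    body = record[2:2 + length]
    if len(body) != length or length < 9:
        raise ValueError("truncated record")
    msg_type, version, spec_len, sid_len, chal_len = struct.unpack("!BHHHH", body[:9])
    if msg_type != 1:
        raise ValueError("not a Client Hello")
    # The three variable-length fields must account for the record exactly.
    if spec_len % 3 or 9 + spec_len + sid_len + chal_len != length:
        raise ValueError("inconsistent length fields")
    specs = [int.from_bytes(body[i:i + 3], "big") for i in range(9, 9 + spec_len, 3)]
    sid_off = 9 + spec_len
    return {
        "length": length,
        "version": version,
        "cipher_specs": [CIPHER_NAMES.get(c, "unknown (0x%06x)" % c) for c in specs],
        "session_id": body[sid_off:sid_off + sid_len],
        "challenge": body[sid_off + sid_len:],
    }

def build_sample_record() -> bytes:
    """Constructed sample matching the slide: 26 specs, no session ID, 16-byte challenge."""
    specs = [0x010080] + list(range(1, 26))   # first spec from the slide, rest constructed
    body = struct.pack("!BHHHH", 1, 0x0300, 3 * len(specs), 0, 16)
    body += b"".join(c.to_bytes(3, "big") for c in specs)
    body += bytes(range(16))                  # constructed challenge value
    return struct.pack("!H", 0x8000 | len(body)) + body

if __name__ == "__main__":
    hello = parse_sslv2_client_hello(build_sample_record())
    print(hello["length"], hex(hello["version"]), hello["cipher_specs"][0])
```

The length check ties the slide's numbers together: 9 fixed bytes plus 78 bytes of cipher specs, 0 bytes of session ID and 16 bytes of challenge give the record length of 103.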

APPROACH AND DESIGN 2
Implementation of analysis of data (entropy).
Possibly compare to other tools that perform similar functions.

APPROACH AND DESIGN 3 Prototype design of system

QUESTIONS?