Академический Документы
Профессиональный Документы
Культура Документы
What is OWASP?
The Open Web Application Security
Project
Not just web anymore
Mission Driven
World wide, nonprofit, unbiased organization
Community Driven
About Me
Jeffrey Walton
Roles include
Mobile Security Architect
Senior Consultant
Security Engineer
Background
Architectures
Expectations
VPN/SSL/TLS Issues
Past Problems
Current Issues
Shared Secret
PSK
SRP
Pinning
Certificate
Public Key
Futures
Pinning (IETF)
Sovereign Keys
Convergence
Wrap Up
Questions
Data Attributes
Data Sensitivity
Low
Public Information
Contact Information
Medium
Social Security
Number
Bank Account
Single Sign On?
High
Pending Litigation,
M&A
FERPA, HIPPA, GLBA,
Data States
Data at Rest
Server/Desktop/Devi
ce
Remote and Local
Data on Display
View/Read/Write/Edit
Local
Data in Transit
Secure Channel
Local Remote
Expectations
User Expectations?
End-to-end security
Web Applications
Padlocks tell me its secure
Green Bars tell me its secure
Marketing tells me its secure
Training (Conditioning?)
Two Architectures
Security Boundaries
Sometimes Trust Zones
How many are traversed?
Architecture (Enterprise,
VPN)
Architecture (Mobile,
SSL/TLS)
Comes down to
Infrastructure
Domain Name System (DNS)
Public Key Infrastructure (PKI{X})
Certificate Authorities (CAs)
Employee Organization
Organization
http://www.wired.com/threatlevel/2010/07/intercepting-cell-phone-calls/
Can't trust some CAs they will sell you out and issue subordinate CAs for
money
http://www.net-security.org/secworld.php?id=12369
http://www.zdnet.com/trustwave-sold-root-certificate-for-surveillance-3040095011/
Can't trust some browsers they will sell you out and elide their responsibility
https://bugzilla.mozilla.org/show_bug.cgi?id=724929
Can't trust some browsers they include questionable certificates out of the box
https://bugzilla.mozilla.org/show_bug.cgi?id=542689
HTTPS is broken
http://www.thoughtcrime.org/software/sslstrip/
PKI is broken
www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf
Decisions, Decisions
Remediation
Diffie-Hellman based
Discrete logs (hard problem)
gab g{(salt + password)|verifier} + nonces
Three Flavors
PSK Key Exchange
Secret used as Premaster Secret, use only symmetric
key algorithms
General Idea
Bad Cases
Good case
Server is identified by expected cert or key
Bad case
Adversary is using a different public key
Not expected, so fail
X509 Certificate
Binds public key to entity
Version 3 information
Certificate may be rotated
Public Key
Must be static, cannot change
May violate some key rotation policies
Does not depend on certificate
Sample Code
Sample Code
Windows/.Net
Android/Java
iOS/Objective C
OpenSSL/C
Futures
Convergence
http://convergence.io
Redundant view of sites and certificates/keys
Does It Work?
Wrap Up
Wrap Up
Questions?
Hopefully useful Answers
Jeffrey Walton
jeffrey.waltn@softwareintegrit
y.cm