Beruflich Dokumente
Kultur Dokumente
ece
1/39
UnderstandingSSL/TLS
WhatisIt? HowDoesItWork? WhyisItImportant?(Whatdoesitdo?) But,MostImportantly
ece
>Thingstheaverageusershouldknow!
2/39
WhatisIt?
SomethingaboutencryptionofWebpages
https://... Thelockiconatthebottomofyourbrowser
ece
>CanSafelyTypeinYourCreditCardNumber!
(...areyousureitssafe?)
Inshort,veryfewpeopleknowwhatSSL/TLSis!
3/39
HowDoesItWork?
ece
4/39
HowDoesItWork?
Alittlemath:
Forproperlychosen(e,d,n)
ece
e
5/39
HowDoesItWork?
(Somehandwaving:eisnotcritical,almost allRSAusee=65537)
ece
e
Think:
m=message c=cypher(encryptedmessage)
Wecall:
n>thePublickey d>thePrivatekey
6/39
HowDoesItWork?
Forproperlychosen(e,d,n)
ece
e
Wecall:
n>thePublickey d>thePrivatekey
>Givenncannot(easily)findd!
7/39
Encryption
Standardusage: Alice>Bob
ece
c=m mod n
e
m=c mod n
d
8/39
Encryption
Standardusage:
ece
c=m mod n
e
VeryImportantandSubtlePoint:
Bobsendspublickey(n)toAlice(How?)
m=c mod n
d
9/39
DigitalSignatures
SigningDigitalDocuments: DigitalSignatures Bob>Alice
ece
e
10/39
DigitalSignatures
SigningDigitalDocuments:
ece
e
c=m mod n
VeryImportantandSubtlePoint:
Bobsendspublickey(n)toAlice(How?)
m=c mod n
d
11/39
DigitalSignatures
SigningDigitalDocuments:
ece
e
12/39
HowDoesItWork?
Pointstoremember:
ece
e
13/39
HowDoesItWork?
VeryImportantandSubtlePoint:
ece
e
Bobsendspublickey(n)toAlice(How?)
Why?ManintheMiddleAttack
14/39
ManintheMiddleAttack
AliceBob Charlie
ece
c=m mod n
e
m=c mod n
d
15/39
ManintheMiddleAttack
AliceBob Charlie BecauseAlicedoesnothaveBob'spublickey
ece
c=m mod n
e
m=c mod n
d
16/39
ManintheMiddle
AliceBob Charlie
ece
e
HowtogetBob'spublickeysafelyto Alice?
17/39
ManintheMiddle
AliceBob Charlie
ece
e
18/39
TrustedThirdParty
IntroducingTrustedThirdParty,Vera:
ece
Generally,everyone'swebbrowserhasthembuilt in(InternetExplorer,FireFox,Safari)
(ThinkVera>Verisign)
19/39
TrustedThirdParty
ece
BobsendshispublickeytoVera
CertificateSigningRequest(.csr)
VeraverifiesthatBob iswhohesaysheis(How?)
Thisiswhatyouarepayingfor!
VeradigitallysignsandreturnsthistoBob
SSL/TLSCertificate(.crt)
20/39
TrustedThirdParty
Vera publickey(n) (somehow widelypublished) Generates publickey privatekey (e,d,n) Generates publickey privatekey (e,d,n) Bob publickey(n) certificate signingrequest .csr Vera
ece
verifiesBob'sidentity (callsonthephone?)
Alice
Bob
21/39
TrustedThirdParty
NowthecommunicationsbetweenAliceandBob:
ece
TrustedThirdParty
(m) Alice Alice (m) hello SSL/TLS certificate .crt Bob
ece
Bob
c=m mod n
e
m=c mod n
d
(m)
23/39
That'sHowSSL/TLSWorks
That'sit!That'showSSL/TLSworks!
ece
...Simple,right?
Dependsupon:
TrustingVera:
VeraactuallyverifiesthatBobiswhohesaysheis DistributionofVera'spublickeys(rootcertificates)
24/39
That'sHowSSL/TLSWorks
But,thinkaboutthisalittle:
ece
25/39
That'sHowSSL/TLSWorks
But,thinkaboutthisalittle:
ece
So,westillhavetheproblem,butwehavemadetheproblem muchsmaller,andpossiblytractable.
26/39
WhatisIt?
ece
ConnectionisEncryptedbutthat'seasy Verificationoftheotherend
(viathetrustedthirdparty) ThisistherealreasonforSSL/TLS!!!
...Isitanythingelse?
NO!
27/39
LingeringIssues
ece
28/39
TrustEndsWherethe CreditCardBegins
ece
Duetohighvolumeofcertificatesissued Nohumanintheloop!!!
29/39
Who'sCertificateisThis?
A.K.A.DNS/URLspoofing
ece
AliceBob Charlie
c=m mod n
e
m=c mod n
d
30/39
Who'sCertificateisThis?
e
ece
AliceBob Charlie
>CertificatehasBob'snameonit
31/39
Who'sCertificateisThis?
CertificatehasBob'snameonit?
WhatisBob'sname? Bob'snameishisDNSname
ece
>AlwayschecktheURL!
32/39
AlwaysChecktheURL?
IscheckingtheURLsufficient? Whataboutsimilarnames
ece
AlwaysChecktheURL?
IscheckingtheURLsufficient? Whataboutsimilarnames
ece
RevocationLists
RevocationListsandShortvalidtimes
ece
Certificatesusuallyvalidonlyfor12years Widelypublishedlistofcertificatesthathavebeenrevoked
Largelyunused!
Idefyyoutofindthesewidelypublishedrevocationlist!!!
35/39
RootCertificatePoisoning
Thisisabigdeal!Mostpeoplejustignorethis.
ece
36/39
YourOwnGovernment
(Getoutyourtinfoilhats!)
ece
Recommendations fortheAverageUser
ece
Recommendationsforthe SysAdminsandDevelopers
ece
UnderstandingSSL/TLS
Endoffirsthalfoftalk Secondhalf,willbeatechnicalhowto
(Ifyou'reapointyhairedboss,nowwouldbeagoodtimetomakefortheexit.)
ece
40/39
OpenSSLHowTo
Therearetwothingswewouldliketocover
ece
(ThiswillbeaLinuxpointofviewhowto)
41/39
OpenSSLHowTo
SSL/TLSisusuallyonesided
ece
Akeyconceptthatwasleftoutofthefirsthalf:
Anonymousclientwantstoconnecttoaverified server Typicalwebsituation
SSL/TLScanbemutual(twosided),justneeda certificateforbothends
Therehavebeensuggestionsthatallmailservers shoulduseandrequiremutualSSL/TLS
42/39
StandardSSLUse
ece
Haverealsignersignyourcertificatewhat mostpeoplewanttodo
SSL/TLSSetup
Vera publickey(n) Bob publickey(n) certificate signingrequest .csr Vera
ece
verifiesBob'sidentity (callsonthephone?)
Alice
builtintothe webbrowser akarootcertificates
VerisignDoesThis
44/39
OpenSSLHowTo
ece
Beforewegetstarted,somequestionsthatneed answers:
45/39
OpenSSLHowTo
Aretheredifferenttypesofcertificates?
Notreally.
ece
46/39
OpenSSLHowTo
Where(whatdirectory)doIdothis?
ece
47/39
OpenSSLHowTo
ToPassphraseornottopassphrase?
ece
48/39
GeneratePublic&PrivateKeys
opensslgenrsaoutserver.key1024
ece
Createadirectorysomewhere,gothereandtype:
49/39
Public&PrivateKeys
Now,letslookinsidethisfile:
opensslrsainserver.keytextnoout
ece
50/39
ece
c=m mod n
e
m=c mod n
d
51/39
CreateaCertificateSigningRequest
opensslreqnewkeyserver.keyoutserver.csr Asksforyour name!! ThisMUSTbe correct.
ece
52/39
CertificateSigningRequest
Toseewhatisinsidethe.csr:
opensslreqinserver.csrtextnoout
ece
53/39
CertificateSigningRequest
Hasonlypublickey andname
ece
c=m mod n
e
m=c mod n
d
54/39
CertificateSigningRequest
The.csrisPEMencodedtextformat:
ece
55/39
SendYourCSR
ece
56/39
ReceiveYourCertificate(X.509)
VerisignsendsyouyourX.509certificate! Andfortheobligatorylookinside:
opensslx509inserver.crtnoouttext
ece
57/39
ece
58/39
ConfiguringApache
ece
O.k.,soyougotyourshinynewcertificate,lets seeitgo.
Apachesetup: vi/etc/httpd/conf.d/ssl.conf
c=m mod n
e
m=c mod n
d
59/39
TestingApache
Restartyouwebserver,andtry
https://<machine.domain>
ece
Ifallgoeswell,youseethelittlelockappear withnocertificateerrorpopups.
60/39
Debugging
ece
Debugging
Andlastly,try
ece
openssls_clientconnect<machine>:<port>debugstate
62/39
Debugging
ece
openssls_clientconnectfilebox.ece.vt.edu:443debugstate
Morevoluminousoutput,butyoushouldsee someHTMLlookingstuff.
63/39
StandardUse
opensslgenrsaoutserver.key1024 opensslreqnewinserver.keyoutserver.csr
ece
Thatsit!Itsthatsimple,onlytwocommands:
Note(s)toself:
64/39
SelfSignedCertificates
Selfsignedcertificates Beyourownsigningauthority
ece
WhatDoYouMeanby SelfSignedCertificate?
ece
66/39
WhyWouldYouWanttodoThis?
ece
67/39
SelfSignedCertificates
ece
Whathappenswhenyouuseyourselfsigned certificate?
SelfSignedCertificates
ece
...Butallthesewebpagesgivedifferent instructions!
69/39
SelfSignedCertificates
Beforewegetstarted,oneimportantpoint:
ece
SelfSignedCertificates
O.k.,enoughadieu,letsgetstarted. Weneed:
ece
Twosetsofkeys:
TheCA'skeys(CertificateAuthority) Thecertificateyouaregoingtosign
71/39
SSL/TLSSetup
CA publickey(n) Server publickey(n) certificate signingrequest .csr CA
ece
Identity Verification?
CA
Distributed Somehow
Server
72/39
SelfSignedCertificates
Step1:CreatetheCA'skeypair
opensslgenrsaoutCA.key1024
ece
73/39
SelfSignedCertificates
Step2:TheCAneedsitsowncertificate
Why?
ece
SelfSignedCertificates
Create CA'sroot Create rootcert (asksfor Name)
ece
75/39
SelfSignedCertificates
ece
Note:Forthepedanticmindedpeople,theroot certificateistheonlyselfsignedcertificate.
76/39
SelfSignedCertificates
Step3:Createtheprivatekeyfortheserver.
ece
(Theserverinthiscase,isyouwebserver.) Justlikeanyotherpublic/privatekeygeneration:
opensslgenrsaoutserver.key1024
77/39
SelfSignedCertificates
ece
Step4:CreateaCertificateSigningRequest
opensslreqnewkeyserver.keyoutserver.csr
Thiswillaskyouforthenameofthemachine. InthiscaseyoumustusetheDNSname!!!
78/39
SelfSignedCertificates
Step5:Signthecertificate.
opensslx509req days3650 CACA.crtCAkeyCA.key set_serial01 inserver.csr outserver.crt
ece
79/39
ece
80/39
SelfSignedCertificates
ece
81/39
SelfSignedCertificates
ece
O.k.,soyou'vecreatedyourownselfsigned certificate,nowwhat?
CertificateErrorPopup
ece
Alwaysgetthecertificateerrorpopupjustclick OK
83/39
ExaminetheCertificate
Sureenough, weseeour certificate.
ece
84/39
AccepttheCertificate
ece
Youcanblessthiscertificateandgetridofthe popup.
85/39
AccepttheCertificate
ece
86/39
InstallRootCertificate
ece
87/39
InstallRootCertificate
ece
88/39
ece
>
89/39
InstallRootCertificate
ece
90/39
InstallRootCertificate
ece
91/39
SelfSignedSummery
ece
GenerateCA(.keyand.crt):
opensslgenrsaoutCA.key1024 opensslreqnewx509days3650keyCA.keyoutCA.crt
Generateserver(.keyand.csr):
opensslgenrsaoutserver.key1024 opensslreqnewkeyserver.keyoutserver.csr
Signthecertificate(.crt):
opensslx509reqdays3650set_serial01 CACA.crtCAkeyCA.key inserver.csroutserver.crt
92/39
UnderstandingSSL/TLS
Wrappingup,lastcomments
ece
93/39
WhatAboutTLS?
ece
94/39
SomethingAboutDSA
ece
95/39
ProtocolsThatSupportSSL/TLS
ece
96/39
ThingsNotCoveredinThisTalk:
ece
UnderstandingSSL/TLS
References:
ece
98/39
UnderstandingSSL/TLS
TheEnd(Finally!)
ece
99/39