Date post: | 05-Apr-2018 |
Category: |
Documents |
Upload: | muktesh-mukul |
View: | 213 times |
Download: | 0 times |
of 21
8/2/2019 3.Attacks on SSL
1/21
Anisha Raghu
8/2/2019 3.Attacks on SSL
2/21
What is SSL?
Digital signatures and SSL certificates
Introduction to HTTPS
MD5 chosen-prefix collision attack
Attack on SSL
Final Thoughts
8/2/2019 3.Attacks on SSL
3/21
SSL (Secure socket Layer) is a cryptographic
protocol that provide security and data
integrity for communications over networkssuch as the internet.
8/2/2019 3.Attacks on SSL
4/21
8/2/2019 3.Attacks on SSL
5/21
8/2/2019 3.Attacks on SSL
6/21
Few of the details contained in a certificate:
Web servers host name
Issue and expire time
Public key for the Web server
Steps to view the certificates in yourcomputer:
Internet Explorer: Tools | Internet Options |Contents | Certificates (view)
Firefox: Tools | Options | Advanced |Encryption | View Certificates (view)
http://ie.htm/http://firefox.htm/http://firefox.htm/http://ie.htm/8/2/2019 3.Attacks on SSL
7/21
8/2/2019 3.Attacks on SSL
8/21
Collisions = different messages, same hash
Chosen prefix method allows two completely
arbitrary files to have the same MD5 hash, by
appending a few thousand bytes at the end
of each file.
Example of a chosen prefix collision attack
http://collision%20attack.htm/http://collision%20attack.htm/8/2/2019 3.Attacks on SSL
9/21
Two certificates that have Different Identities
Different Public keys
But have the same digital signature
Collision of these two certificates using MD5chosen-prefix attack.
Demo of colliding certificates
http://colliding%20certificates.htm/http://colliding%20certificates.htm/8/2/2019 3.Attacks on SSL
10/21
A Certification
Authoritydistributes its CA
root certificate via
browser vendors to
browsers.
8/2/2019 3.Attacks on SSL
11/21
A company that
wants its website
to be secured,
purchases a
website certificate
at the CA
8/2/2019 3.Attacks on SSL
12/21
If its signature can
be verified with
the certificate of aCA in the trust list,
the website
certificate will be
accepted.
8/2/2019 3.Attacks on SSL
13/21
1a. A legitimate
website
certificate is
obtained from
a commercial
CA
1b. A rogue CAcertificate is
constructed
8/2/2019 3.Attacks on SSL
14/21
Hackers created a
rouge Certificationauthority using a
cluster of 200 PS3s
8/2/2019 3.Attacks on SSL
15/21
2. A copy of thegenuine
website isbuilt, put onanother webserver, andequipped withthe roguewebsitecertificate.
8/2/2019 3.Attacks on SSL
16/21
3. There exist"redirectionattacks", by
which thecommunicationfrom thebrowser can be
redirected tothe roguewebsite.
Demo
http://demo.htm/http://demo.htm/8/2/2019 3.Attacks on SSL
17/21
1. VeriSign Inc
2. RSA data Security
3. Entrust.net
4. Equifax5. GTE corporation
6. IPS safeguard CA
7. NetLock Halozatbiztonsagi kft
8. StartCom Ltd9. TC trust Center for security in data
networks
10. Thawte
8/2/2019 3.Attacks on SSL
18/21
Users
CertificationAuthorities
Browser and
Operating Systemvendors
Website owners
8/2/2019 3.Attacks on SSL
19/21
http://www.win.tue.nl/hashclash/rogue-ca/
http://www.phreedom.org/research/rogue-
ca/
http://www.win.tue.nl/hashclash/TargetColl
idingCertificates/
http://blogs.techrepublic.com.com/network
ing/?p=776
http://www.win.tue.nl/hashclash/rogue-ca/http://www.phreedom.org/research/rogue-ca/http://www.phreedom.org/research/rogue-ca/http://www.win.tue.nl/hashclash/TargetCollidingCertificates/http://www.win.tue.nl/hashclash/TargetCollidingCertificates/http://blogs.techrepublic.com.com/networking/?p=776http://blogs.techrepublic.com.com/networking/?p=776http://blogs.techrepublic.com.com/networking/?p=776http://blogs.techrepublic.com.com/networking/?p=776http://www.win.tue.nl/hashclash/TargetCollidingCertificates/http://www.win.tue.nl/hashclash/TargetCollidingCertificates/http://www.phreedom.org/research/rogue-ca/http://www.phreedom.org/research/rogue-ca/http://www.phreedom.org/research/rogue-ca/http://www.win.tue.nl/hashclash/rogue-ca/http://www.win.tue.nl/hashclash/rogue-ca/http://www.win.tue.nl/hashclash/rogue-ca/8/2/2019 3.Attacks on SSL
20/21
Colliding X.509 Certificates, Arjen Lenstra,Xiaoyun Wang, and Benne de Weger
Short chosen-prefix collisions for MD5 andthe creation of a rogue CA certificate, MarcStevens, Alex Sotirov, Jake Appelbaum, ArjenLenstra, David Molnar, Dag Arne Osvik andBenne de Weger
Target Collisions for MD5 and Colliding X.509Certificates for Different Identities, MarcStevens, Arjen Lenstra, and Benne de Weger
8/2/2019 3.Attacks on SSL
21/21