SSL/TLS and MITM attacks - Uppsala University · 2009. 12. 14. · SSL/TLS – Background SSL/TLS...

Date post: 07-Feb-2021
SSL/TLS and MITM attacks A case study in Network Security By Lars Nybom & Alexander Wall
Transcript
  • SSL/TLS and MITM attacks

    A case study in Network Security

    By Lars Nybom & Alexander Wall

  • SSL/TLS – Background

    ● SSL/TLS – Secure Sockets Layer/Transport Layer Security (RFC 2246)

    ● Originally developed by Netscape.

    ● Used to provide confidentiality, authenticity and integrity between web client and web server.

  • SSL/TLS – How does it work?

    Based on public key cryptography and certificate authorities.

  • SSL/TLS - Components

    ● Tree structure where Certificate Authorities (CAs) are the nodes and Servers are the leaves.

    ● Server certificate is issued by the CA one level above, meaning that it is signed by the CA one level above.

    ● If the Client doesn't trust the Server's identity, he/she uses the CA's public key to verify that the Server certificate is legit.

    ● Root CA at the top of the tree – trusted by everyone.

  • SSL/TLS - Problem

    ● If there are a lot of intermediate CAs between the Server and the Root CA, authenticity is weak.

      Server → CA 1 → CA 2 → … → Root CA

    ● This allowed for an older form of attack, SSLSniff, where a MITM generates a bogus self-signed certificate that is sent to the Client while connecting normally to the Server.

    ● New attack: SSLStrip.

  • MITM

    ● A Man-In-The-Middle attack is virtually transparent to the victim.

  • ARP Spoofing

    ● In order to become ”in the middle”, the attacker needs to redirect the victim's network traffic through his/her computer, acting like a gateway.

    ● Every network interface has a MAC address associated with its IP.

    ● When a computer wants to communicate with another computer within its subnet, it needs to know that computer's MAC address, so it sends an ARP query.

  • ARP Spoofing

    ● In a MITM attack the attacker sends out a false ARP reply telling the victim that his/her computer is the computer the victim is looking for.
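
A detection-side view of the false ARP reply described above, as an added example that is not part of the original slides: it parses raw Ethernet/IPv4 ARP payloads and flags any reply that claims a different MAC for an IP address already seen. The function names and the sample addresses (documentation ranges) are assumptions made for this example.

```python
import struct

ARP_REPLY = 2  # "oper" value for an ARP reply (RFC 826)

def parse_arp(payload: bytes):
    """Parse a 28-byte Ethernet/IPv4 ARP payload; return None for anything else."""
    if len(payload) < 28:
        return None
    htype, ptype, hlen, plen, oper = struct.unpack("!HHBBH", payload[:8])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    sha, spa = payload[8:14], payload[14:18]  # sender MAC, sender IP
    return {"oper": oper, "mac": sha.hex(":"), "ip": ".".join(map(str, spa))}

def find_rebinds(payloads, known=None):
    """Return (ip, old_mac, new_mac) for each reply that contradicts a known binding."""
    table = dict(known or {})
    alerts = []
    for raw in payloads:
        arp = parse_arp(raw)
        if arp is None or arp["oper"] != ARP_REPLY:
            continue
        old = table.get(arp["ip"])
        if old is not None and old != arp["mac"]:
            alerts.append((arp["ip"], old, arp["mac"]))
            continue  # keep the first-seen binding; do not learn the new one
        table[arp["ip"]] = arp["mac"]
    return alerts

def build_reply(mac: str, ip: str) -> bytes:
    """Construct a sample ARP reply payload (test data only; target fields zeroed)."""
    sha = bytes.fromhex(mac.replace(":", ""))
    spa = bytes(int(o) for o in ip.split("."))
    return struct.pack("!HHBBH", 1, 0x0800, 6, 4, ARP_REPLY) + sha + spa + bytes(10)

# Constructed sample traffic: MACs and IPs come from documentation ranges.
SAMPLE = [
    build_reply("00:00:5e:00:53:01", "192.0.2.1"),   # gateway, first seen
    build_reply("00:00:5e:00:53:10", "192.0.2.20"),  # ordinary host
    build_reply("00:00:5e:00:53:66", "192.0.2.1"),   # gateway IP now claims another MAC
]

if __name__ == "__main__":
    for ip, old, new in find_rebinds(SAMPLE):
        print(f"ALERT {ip}: {old} -> {new}")
```

A legitimate change of network card or a DHCP reassignment also changes a binding, so an alert is a prompt to check the gateway's real MAC address, and passing a table of verified bindings as `known` reduces false alarms.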

  • SSLStrip

    ● Client normally connects via HTTPS (SSL/TLS) to a Server because a user tries to GET/POST information on a webpage through a link/button that begins with ”https://...” (e.g. Facebook, Gmail and Hotmail).

    ● SSLStrip rewrites all HTTPS addresses as HTTP addresses and then saves the traffic content.

  • SSLStrip – How does it look?

  • Countermeasures

    ● Before logging in on a webpage, make sure that the address in the address bar begins with ”https://...”. If it doesn't, retype it so it does. (This only helps against SSLStrip, not SSLSniff.)

    ● If the address begins with ”https://...”, make sure that the certificate doesn't look fishy.

  • SSL/TLS and MITM attacks

    The End
