1 / 63

Internet Security for Java

Internet Security for Java. Steve Kapp Chief Technologist, EMRT Consultants skapp@emrt.com. Agenda. Internet Security Basics What is it? What are the building blocks? JCA/JCE Protocols SSL/TLS JSSE Authentication JAAS. What is Internet Security?. A set of network services for:

jiro
Download Presentation

Internet Security for Java

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Internet Security for Java Steve Kapp Chief Technologist, EMRT Consultants skapp@emrt.com http://www.emrt.com

  2. Agenda • Internet Security Basics • What is it? • What are the building blocks? • JCA/JCE • Protocols • SSL/TLS • JSSE • Authentication • JAAS EMRT Consultants http://www.emrt.com

  3. What is Internet Security? • A set of network services for: • Safely transmitting data across the network • Establishing trust relationships • Each product must determine what security threats exist for that product • Network protocols • Customer deployment environment • Value of data EMRT Consultants http://www.emrt.com

  4. Why Secure at All? • Due diligence during design • Reduces potential failure modes • Reduces access • Threat mitigation • Marketing device EMRT Consultants http://www.emrt.com

  5. Misuse Cases • Use case for actor with hostile intent • Two goals: • Elicit security requirements • Plan mitigation strategy Set system clock Threatens Set invalidtime NTP server @ stratum 3 Mitigates Synchronize w/lower stratum Includes Rogue NTP server @stratum 1 Authenticatelower stratum EMRT Consultants http://www.emrt.com

  6. IP Reference Model IP Stack OSI Stack Message Application Application 7 Segment Transport Presentation 6 Packet Internet Session 5 Frame Link Transport 4 Physical Network 3 Data Link 2 Physical 1 EMRT Consultants http://www.emrt.com

  7. Where is Security??? • Traditionally left to application layers OR • Not dealt with at all EMRT Consultants http://www.emrt.com

  8. The Risks: Poor Passwords User name: jsmithPassword: sunset EMRT Consultants http://www.emrt.com

  9. The Risks: Open Ports • Any open port is a risk • Most notably telnet, FTP, NetBIOS, or one of the well-known port numbers • Exploit buffer overruns • Block any ports not absolutely needed EMRT Consultants http://www.emrt.com

  10. The Risks: Buffer Overrun “An attack in which a malicious user exploits an unchecked buffer in a program and overwrites the program code with their own data. If the program code is overwritten with new executable code, the effect is to change the programs operation as dictated by the attacker. If overwritten with other data, the likely effect is to cause the program to crash.“ - from Microsoft’s web site Len = 300;Buffer[0] = 10;Buffer[1] = 20;Buffer[2] = 30;Buffer[3] = 40; EMRT Consultants http://www.emrt.com

  11. The Risks: Eavesdropping • Passive attack EMRT Consultants http://www.emrt.com

  12. The Risks: Masquerade EMRT Consultants http://www.emrt.com

  13. The Risks: Man-in-the-Middle EMRT Consultants http://www.emrt.com

  14. The Risks: Packet Forgery/Alteration • Active attack “ABC” “DEF” EMRT Consultants http://www.emrt.com

  15. The Risks: Replay “ABC” “ABC” “ABC” “ABC” “ABC” EMRT Consultants http://www.emrt.com

  16. The Risks: Denial of Service DOS DistributedDOS EMRT Consultants http://www.emrt.com

  17. Think Bad Guys Don’t Exist? … 204.210.11.26 - - [18/Jun/2002:07:05:06 -0400] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 284 204.210.11.26 - - [18/Jun/2002:07:05:08 -0400] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 282 204.210.11.26 - - [18/Jun/2002:07:05:10 -0400] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 292 204.210.11.26 - - [18/Jun/2002:07:05:12 -0400] "GET /d/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 292 204.210.11.26 - - [18/Jun/2002:07:05:14 -0400] "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 306 204.210.11.26 - - [18/Jun/2002:07:05:16 -0400] "GET /_vti_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 323 204.210.11.26 - - [18/Jun/2002:07:05:18 -0400] "GET /_mem_bin/..%255c../..%255c../..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 323 204.210.11.26 - - [18/Jun/2002:07:05:22 -0400] "GET /scripts/..%c1%1c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 305 204.210.11.26 - - [18/Jun/2002:07:05:25 -0400] "GET /scripts/..%c0%2f../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 305 204.210.11.26 - - [18/Jun/2002:07:05:27 -0400] "GET /scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 305 … from the access log of my personal web server McAfee Firewall blocked an incoming UDP packet. The remote address associated with the traffic was 212.205.240.117. The remote port was 1030 [ephemeral]. The local port on your PC was 137 [NetBIOS]. The network adapter for the traffic was "3Com 3C920 Integrated Fast Ethernet Controller (3C905C-TX Compatible)". The binary data contained in the packet was "00 06 5b d4 c3 84 08 00 3e 19 30 e5 08 00 45 00 00 4e bd 70 00 00 6e 11 a3 42 d4 cd f0 75 18 5d 0e 4c 04 06 00 89 00 3a cf b5 01 00 00 10 00 01 00 00 00 00 00 00 20 43 4b 41 41 41 41 41 41 41 ".  from the access log of McAfee Firewall EMRT Consultants http://www.emrt.com

  18. Trust Pyramid IncreasingLevel ofTrust Authorization Confidentiality Non-Repudiation Integrity Authentication EMRT Consultants http://www.emrt.com

  19. Building Blocks • Encryption algorithms (ciphers) • Random number generation • Message digests • Digital signatures • Public-key infrastructure • Certificates EMRT Consultants http://www.emrt.com

  20. Encryption • Guarantees confidentiality of data sent over the wire • Provide protection against passive attacks • Plaintext -> ciphertext -> plaintext • Symmetric encryption • Nodes share secret key • Asymmetric encryption (e.g. public-key) • Nodes do not share a secret key EMRT Consultants http://www.emrt.com

  21. Symmetric Encryption Shared Secret Key Bob Alice Ciphertext OriginalInformation Original Information EncryptionAlgorithm DecryptionAlgorithm Plaintext Plaintext EMRT Consultants http://www.emrt.com

  22. Symmetric Encryption (2) • DES, 3DES, AES, RC4 • Advantages • Generally much faster than asymmetric encryption • Conceptually simple • Disadvantages • Key distribution!!! EMRT Consultants http://www.emrt.com

  23. Public-Key Encryption Alice’sPublicKey Alice’sPrivateKey Bob Alice Ciphertext Original Information Original Information EncryptionAlgorithm DecryptionAlgorithm Plaintext Plaintext EMRT Consultants http://www.emrt.com

  24. Public-Key Encryption (2) • RSA, ECC • Advantages • Partially solves the key distribution problem • Disadvantages • Introduces other key management issues • Much slower than symmetric key encryption • Generally combined with symmetric encryption EMRT Consultants http://www.emrt.com

  25. Random Number Generation • Random number generation is used to produce unguessable keys • Keys must be unguessable!!! • Strength of cipher depends upon: • Secrecy of key • Length of key • Cipher algorithm EMRT Consultants http://www.emrt.com

  26. Message Digests • Guarantees integrity of data sent over the wire • Provide protection against active attacks • Used to calculate MACs • Secure version of a checksum • Secret key included in one-way function • SHA-1, MD5 EMRT Consultants http://www.emrt.com

  27. Original Information Authentication via MACs Shared Secret Key Bob Alice Original Data + MAC Original Information MACAlgorithm MACAlgorithm Plaintext Plaintext EMRT Consultants http://www.emrt.com

  28. Original Information Digital Signatures with Public Keys Bob’sPrivateKey Bob’sPublicKey Bob Alice Original Data + Signature Original Information EncryptionAlgorithm DecryptionAlgorithm Plaintext Plaintext EMRT Consultants http://www.emrt.com

  29. Key Exchange • How do Alice and Bob share a secret key? • Static or dynamic methods • Diffie-Hellman key agreement Alice Bob a priori agreement on n and g, such that g is primitive root mod n X (= gA modn) where A is random 1. Y (= gB mod n) where B is random 2. K = YX mod n 3. where K = K’ = gAB mod n K’ = XYmod n 4. EMRT Consultants http://www.emrt.com

  30. Public-Key Infrastructure (PKI) • Certificate authorities (CA) validate identity of public-key holder • This involves money changing hands • Certificate authorities issue certificates • Certificates are digitally signed by the CA • X.509 used by TLS, IPSec, S/MIME • Certificates have a lifetime • Trust relationship is a tree model EMRT Consultants http://www.emrt.com

  31. VersionSerial NumberSignature AlgorithmIssuer NamePeriod of ValiditySubject NameSubject Public KeyIssuer Unique IDSubject Unique IDExtensionsSignature X.509 Certificate Processing trusts YourDevice Root CA vouches for CA CA vouches for vouches for CA CA CA CA providescertificate … … … … CA signed by X.509 Certificate NetworkNode EMRT Consultants http://www.emrt.com

  32. PKI Limitations • Updating trusted root authorities • Certificate distribution • LDAP is frequently used • Certificate verification • Certificate revocation lists (CRLs) • Online Certificate Status Protocol (OCSP) • Shifts burden to a separate server • Key archival EMRT Consultants http://www.emrt.com

  33. JCA • Java Cryptography Architecture • Framework for accessing, developing, and plugging in cryptographic services • Encryption • Key generation and agreement • Digital signatures • Message digests and MACs • Secure streams • Sealed objects EMRT Consultants http://www.emrt.com

  34. Provider and Security Classes • Provider • Encapsulates a service provider • Provides cryptographic services • Security • Maintains lists of Provider objects • Adds or removes Providers • List is in preference order • Manages system-wide security properties • Default “SUN” Provider class • Message digests with MD5, SHA1 • Digital signatures with DSA • Certificate support (X.509) • Key management • Random number generation via SHA-1 EMRT Consultants http://www.emrt.com

  35. JCE • Java Cryptography Extension • Separated because of export restrictions • New services for: • Encryption • Key generation and agreement • MACs • Secure streams • Sealed objects EMRT Consultants http://www.emrt.com

  36. JCE (2) • DES, 3DES, AES, Blowfish • Password-based encryption with DES/3DES • Diffie-Hellman amongst multiple parties • HMAC with MD5, SHA1 • But no public-key encryption EMRT Consultants http://www.emrt.com

  37. Cryptix Library • Many more algorithms • RSA!! • RC4, RC5, RC6 • No export restrictions EMRT Consultants http://www.emrt.com

  38. Questions EMRT Consultants http://www.emrt.com

  39. SSL/TLS • Secure Sockets Layer (v. 2.0, 3.0) • Transport Layer Security (v. 3.1) • Provides transport layer security for applications • Must run over reliable protocol (e.g. TCP) • Features include • Algorithm negotiation • Encryption/decryption • MACs • Key exchange HTTP SMTP Application Protocol SSL / TLS TCP UDP IP EMRT Consultants http://www.emrt.com

  40. Internet TLS Communication Scenario Client B Client A Client C Server EMRT Consultants http://www.emrt.com

  41. TLS Workflow Application Data 1. Fragment 2. Compress 3. Add MAC 4. Encrypt 5. Add Header EMRT Consultants http://www.emrt.com

  42. TLS Session Initiation with RSA Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Suggested that first 4 bytes of random value include timestamp EMRT Consultants http://www.emrt.com

  43. Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Server Hello Done 4. TLS Session Initiation with RSA (2) Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. EMRT Consultants http://www.emrt.com

  44. Client Key Exchange (encrypted premaster secret) Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Server Hello Done 4. 5. Change Cipher Spec 6. Finished 7. TLS Session Initiation with RSA (3) Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Encrypted with the client write key, authenticated with client MAC key Major Version (1) Minor Version (1) Random (46) Encrypted with the public key of the server EMRT Consultants http://www.emrt.com

  45. Client Key Exchange (encrypted premaster secret) Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Server Hello Done 4. 5. Change Cipher Spec 6. Finished 7. Change Cipher Spec 8. Finished 9. TLS Session Initiation with RSA (4) Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Encrypted with the server write key, authenticated with server MAC key Write State Read State Read State Write State EMRT Consultants http://www.emrt.com

  46. Client Key Exchange (encrypted premaster secret) Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Server Hello Done 4. 5. Change Cipher Spec 6. Finished 7. Change Cipher Spec 8. Application Data Finished 9. 10. 11. TLS Session Initiation with RSA (5) Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Application Data EMRT Consultants http://www.emrt.com

  47. Client Key Exchange (encrypted premaster secret) Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Server Hello Done 4. 5. Change Cipher Spec 6. Finished 7. Change Cipher Spec 8. Application Data Finished 9. 10. 11. Alert (warning, close notify) TLS Session Initiation with RSA (6) Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Application Data 12. EMRT Consultants http://www.emrt.com

  48. 10. Application Data 11. 12. 13. TLS with Client Authentication Client Server Client Hello (version, random numbers, supported MAC/compression/cipher suite) 1. Server Hello (version, random numbers, session ID, MAC/compression/cipher suite) 2. Server Certificate (X.509, including server’s public key) 3. Certificate Request 4. Server Hello Done 5. Client Certificate 6. Client Key Exchange (encrypted premaster secret) 7. Change Cipher Spec 8. Finished 9. Change Cipher Spec Finished Application Data Alert (warning, close notify) 14. EMRT Consultants http://www.emrt.com

  49. JSSE • Java Secure Sockets Extension • Wrapper around TLS and SSL protocols • Remember: • Server always authenticates • Mechanism to update server certificates • Client may authenticate EMRT Consultants http://www.emrt.com

  50. JSSE Client Code SSLSocketFactory factory = (SSLSocketFactory)SSLSocketFactory.getDefault(); SSLSocket socket = (SSLSocket)factory.createSocket("www.verisign.com", 443); socket.startHandshake(); // Optional !!! PrintWriter out = new PrintWriter( new BufferedWriter(new OutputStreamWriter(socket.getOutputStream()))); out.println("GET http://www.verisign.com/index.html HTTP/1.1"); out.println(); out.flush(); BufferedReader in = new BufferedReader(new InputStreamReader(socket.getInputStream())); String inputLine; while ((inputLine = in.readLine()) != null) System.out.println(inputLine); in.close(); out.close(); socket.close(); * From the javasoft web site EMRT Consultants http://www.emrt.com

More Related