
BetterCrypto - three years in.. TROOPERS16, Heidelberg, DE



  1. BetterCrypto - three years in.. TROOPERS16, Heidelberg, DE | 2016-03-17 Aaron Zauner | @a_z_e_t | azet@azet.org

  2. Timeline
     We start at the beginning. The year is 2013.
     - June: Snowden revelations
     - Summer: More leaks start appearing . . . People start talking about a Crypto-Apocalypse (OMG!)
     - August: Aaron Kaplan and Adi Kriegisch start discussing this topic/guide
     - September/October: Project goes public, a lot of contributions and ML discussion

  3. Motivation
     - Lack of available guides for sysadmins/mgmt for 'crypto hardening'
     - No up-to-date blog posts we could make use of
     - Crypto-guides (ENISA, ECRYPT II, NIST etc.) for experts, not end-users/admins

  4. BetterCrypto
     - BetterCrypto(.org) - Applied Crypto Hardening is born
     - Clear audience: sysadmins without expert knowledge (e.g. crypto), management, decision makers, ...
     - Clear target: explain all decisions, have open mailing-list discussion, everything FOSS, public and auditable

  5. BetterCrypto (cont.)
     - Do at least something against the Cryptocalypse
     - Check SSL, SSH, PGP crypto settings in the most common services and certificates:
       - Apache, Nginx, lighttpd
       - IMAP/POP servers (dovecot, cyrus, . . . )
       - openssl.conf
       - Etc.
     - Write down our experiences as a guide
     - Create easy, copy & paste-able settings which are "OK" (as far as we know) for sysadmins.
     - Many eyes must check this!
     - FOSS

  6. Why is this relevant for you?
     - You run networks and services. These are targets, whether you believe it or not.
     - You produce code. Make sure it uses good crypto coding practices.
     - However, good crypto is hard to achieve.
     - Crypto does not solve all problems, but it helps.

  7. Who?
     Wolfgang Breyha (uni VIE), David Durvaux, Tobias Dussa (KIT-CERT), L. Aaron Kaplan (CERT.at), Christian Mock (coretec), Daniel Kovacic (A-Trust), Manuel Koschuch (FH Campus Wien), Adi Kriegisch (VRVis), Ramin Sabet (A-Trust), Aaron Zauner (azet.org), Pepi Zawodsky (maclemon.at), IAIK, A-Sit, . . .
     - Sysadmins
     - Engineers
     - Devs.
     - Cryptographers
     - Security Engineers
     - . . .

  8. Contents
     About 100 pages. Rough overview:
     - Intro
     - Disclaimer
     - Methods
     - Theory
     - Elliptic Curve Cryptography
     - Keylengths
     - Random Number Generators
     - Cipher suites – general overview & how to choose one
     - Recommendations on practical settings
     - Tools
     - Links
     - Appendix

  9. Methods and Principles
     Methods:
     - Public review
     - Commits get discussed
     - Recommendations need references (like Wikipedia)
     - Every commit gets logged & we need your review!

  10. How to contribute?
      - https://git.bettercrypto.org (master, read-only)
      - https://github.com/BetterCrypto/ (please clone this one & send PRs)

      1. discuss the changes first on the mailing list
      2. clone
      3. follow the templates
      4. send pull requests
      5. split the commit into many smaller commits
      6. don't be cross if something does not get accepted
      7. be ready for discussion

  11. What do we provide?
      - A common 'CipherString'
      - Template configurations for a lot of different open source projects (also as textfiles)
      - References, Crypto Background, Testing, Tools, etc.

  12. What we have so far
      - Web server: Apache, nginx, MS IIS, lighttpd
      - Mail: Dovecot, cyrus, Postfix, Exim
      - DBs: MySQL, Oracle, PostgreSQL, DB2
      - VPN: OpenVPN, IPSec, Checkpoint, . . .
      - Proxies: Squid, Pound
      - GnuPG
      - SSH
      - IM servers (jabber, irc)
      - DANE (this section is still WIP)
      - Configuration code snippets

  13. CipherString and Suite
      In SSL/TLS terminology, a ciphersuite combines the previously mentioned cryptographic techniques to work together and forms part of a secure (online) communication protocol:
      - Elliptic Curve Diffie-Hellman (Ephemeral - PFS)
      - RSA
      - AES128
      - Galois Counter Mode (GCM)
      - SHA256

      IANA standardized TLS parameters: TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
      Differs between implementations (openssl, gnutls, cryptoapi etc.) and versions!

  14. (Perfect) Forward Secrecy
      Problem:
      - Three letter agency (TLA) records all encrypted traffic
      - Someday TLA gains access to the private key (Brute Force, Physical Force)
      - TLA can decrypt all recorded traffic

      Solution: Ephemeral session keys via Diffie-Hellman (ECDHE and DHE)

  15. Keylengths
      http://www.keylength.com/
      Recommended keylengths, hashing algorithms, etc. Currently:
      - RSA: >= 3248 bits (ECRYPT II)
      - ECC: >= 256
      - SHA 2+ (SHA 256, . . . )
      - AES 128 is good enough

  16. AES 128? Is that enough?
      “On the choice between AES256 and AES128: I would never consider using AES256, just like I don’t wear a helmet when I sit inside my car. It’s too much bother for the epsilon improvement in security.” — Vincent Rijmen in a personal mail exchange Dec 2013
      Some theoretical attacks on AES-256

  17. CipherString and Suite
      What is a SSLCipherSuite? vs. SSLProtocol
      Example:

      SSLProtocol All -SSLv2 -SSLv3
      SSLCipherSuite 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LO :!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA'

  18. CipherString and Suite
      General:
      - Disable SSL 2.0 (weak protocol and algorithms)
      - Disable SSL 3.0 (BEAST, POODLE)
      - Disable RC4 cipher (RFC7465)
      - Disable EXPORT suites (FREAK Attack)
      - Enable TLS 1.0 or better
      - Disable TLS-Compression (SSL-CRIME Attack)
      - Implement HSTS (HTTP Strict Transport Security)
      - Implement OCSP stapling (Security and performance improvement)

      Variant A: fewer supported clients
      Variant B: more clients, weaker settings

  19. Variant A
      EECDH+aRSA+AES256:EDH+aRSA+AES256:!SSLv3
      Compatibility: Only clients which support TLS1.2 are covered by these cipher suites (Chrome 30, Win 7 and Win 8.1, Opera 17, OpenSSL >= 1.0.1e, Safari 6/iOS 5, Safari 7/OS X 10.9)
      Excellent for controlled environments, like intranet.

  20. Variant B
      weaker ciphers, broad client support

  21. Example Apache
      Selecting cipher suites:
      Additionally mod_rewrite:

  22. Testing

  23. Tools: openssl s_client
      openssl s_client -showcerts -connect git.bettercrypto.org:443

  24. Tools: sslscan

  25. Tools: ssllabs.com

  26. Tools: ssllabs.com (2)

  27. Tools: ssllabs.com (3)

  28. Tools: SSLyze
      SSLyze is a “Fast and full-featured SSL scanner”. A tool to test internally which cipher strings are supported. The tool offers these features (amongst others):
      - get a list of targets (ip:port) from a file
      - XML output
      - heartbleed test
      - OCSP stapling test
      - SSLv2-TLS1.2 testing
      - finding preferred and supported cipher strings
      - STARTTLS testing (IMAP, pop, . . . )
      - XMPP testing
      - SNI support
      - HSTS testing

  29. Tools: SSLyze (1)

  30. Tools: SSLyze (2)

  31. Mitigated Attacks
      We’ve mitigated some high-profile TLS/SSL vulnerabilities in the past years if you’ve deployed our guide. So far users have been pleased.

  32. Mitigated Attacks: CRIME
      Requires TLS compression to perform the attack. From the very beginning we’ve always turned off TLS or application level compression (BREACH e.g. is a very similar attack on HTTP compression).

  33. Mitigated Attacks: POODLE
      Required SSLv3 (“TLS-POODLE” is specific to a certain infamous vendor). We explicitly forbid SSLv3 - this kills the POODLE ;)
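
The suite naming from slide 13 and the rules from slides 14 and 18, as an added example that is not part of the slides or the BetterCrypto guide: it splits an IANA suite name into its parts and flags suites the slides say to disable. The function names and the sample list are assumptions made for illustration; TLS 1.3 names (no `_WITH_`) are rejected.

```python
import re

# Key-exchange tokens that give forward secrecy (slide 14: ECDHE and DHE).
PFS_KX = {"ECDHE", "DHE"}
HASHES = {"MD5", "SHA", "SHA256", "SHA384"}

def parse_suite(name):
    """Split an IANA TLS 1.2-style name into kx, auth, cipher and hash parts."""
    m = re.fullmatch(r"TLS_(.+?)_WITH_(.+)", name)
    if not m:
        raise ValueError("not a TLS_<kx>_WITH_<cipher> name: " + name)
    left, right = m.group(1).split("_"), m.group(2).split("_")
    export = "EXPORT" in left
    left = [t for t in left if t != "EXPORT"]
    # One token on the left (TLS_RSA_...) means RSA does key exchange and auth.
    kx, auth = left[0], (left[1] if len(left) > 1 else left[0])
    digest = right.pop() if right[-1] in HASHES else None
    return {"kx": kx, "auth": auth, "export": export,
            "cipher": "_".join(right), "hash": digest}

def audit(name):
    """Return findings for one suite, using only rules stated on the slides."""
    s, findings = parse_suite(name), []
    if s["export"]:
        findings.append("EXPORT suite (FREAK)")
    if s["cipher"].startswith("RC4"):
        findings.append("RC4 cipher (RFC7465)")
    if s["cipher"] == "NULL" or s["auth"] in ("anon", "NULL"):
        findings.append("no encryption or no authentication (!eNULL/!aNULL)")
    if s["kx"] not in PFS_KX:
        findings.append("no forward secrecy (key exchange is not ECDHE/DHE)")
    return findings

# Constructed sample list of IANA suite names, not taken from a real scan.
OFFERED = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_DHE_RSA_WITH_AES_256_CBC_SHA",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    for suite in OFFERED:
        print(suite, "->", audit(suite) or "ok")
```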
