ilab
play

iLab TLS and packet filters Benjamin Hof hof@in.tum.de Lehrstuhl - PowerPoint PPT Presentation

Feb 03, 2024 •746 likes •1.19k views

iLab TLS and packet filters Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 7 17ws 1 / 41 Outline Trust Transport Layer Security Packet filter

  1. iLab TLS and packet filters Benjamin Hof hof@in.tum.de Lehrstuhl für Netzarchitekturen und Netzdienste Fakultät für Informatik Technische Universität München Lab 7 – 17ws 1 / 41

  2. Outline Trust Transport Layer Security Packet filter Netfilter 2 / 41

  3. Outline Trust Transport Layer Security Packet filter Netfilter 3 / 41

  4. Security in the Internet threat model ◮ secure endpoints ◮ insecure network ◮ parties have public-key pairs ◮ one party sends public key 4 / 41

  5. Establishing trust Problem: I see this key, but does it really belong to mail.in.tum.de.? Possibilities 1. certificate authorities (CA) spanning public key infrastructure (PKI) 2. web of trust 3. trust on first use 4. pin 5. . . . 5 / 41

  6. Certificate ◮ public key ◮ entity name ◮ validity period CA signs with its private key ◮ signer information + signature over all these fields 6 / 41

  7. Certification process ◮ issued by CA ◮ prove control over domain to CA ◮ CA signs with its private key: your public key, other certificate information ◮ certificate is sent to you ◮ CAs bind names to keys ◮ Browser/OS come with a list of trusted CA certificates. 7 / 41

  8. Revocation ◮ e. g. when private key is compromised ◮ collected in a signed certificate revocation list (CRL) ◮ query the CA with the online certificate status protocol (OCSP) ◮ essentially unsolved right now 8 / 41

  9. Certificate verification ◮ trusted CA ◮ name correct ◮ validity period ◮ valid signature ◮ not revoked If all conditions are fulfilled, the certificate is considered verified. Party is authenticated, but no statement on trustworthiness! 9 / 41

  10. CA/Browser Forum ◮ voluntary association ◮ negotiate the rules and controls for issuance ◮ different levels of assurance without security benefit 10 / 41

  11. Problems ◮ many trusted CAs ◮ very difficult to remove CAs ◮ any CA may sign a certificate for anyone, anywhere ◮ tons of misissuances ◮ CAs by governments ◮ CAs have been compromised ◮ CAs have sold person-in-the-middle boxes ◮ certificate revocation problematic ◮ complicated format 11 / 41

  12. Certificate transparency Idea ◮ irrevocably publish issuances ◮ enable everybody to check if presented certificate was published ◮ no hiding of misissuances anymore ◮ open and public ◮ multiple logs ◮ efficient check if certificate is in log ◮ efficient check if only append operations have been done in this log ◮ Chrome will demand CT starting April 2018 ◮ Firefox: unclear, some work has been done 12 / 41

  13. Outline Trust Transport Layer Security Packet filter Netfilter 13 / 41

  14. Transport Layer Security application ◮ confidentiality and data integrity (not signed artifacts) TLS ◮ peer authentication ◮ client-server TCP ◮ transparent for applications e. g., IMAPS, HTTPS IP ◮ 1996: SSL 3.0, 2008: TLS 1.2 ◮ TLS 1.3 in development link layer 14 / 41

  15. Subprotocols change application handshake alert cipher spec data record 15 / 41

  16. Record protocol 0 7 8 15 16 23 24 31 type major version minor version length length data 16 / 41

  17. Record processing seq#, header SDU MAC SDU MAC tag padding encrypt header ciphertext Data may be fragmented into multiple records. 17 / 41

  18. Example handshake Goals ◮ DH key agreement with server authentication ◮ establish session keys Approach 1. exchange random values 2. DH exchange 3. server signs its DH and the random values 4. use DH result and random values to: ◮ authenticate handshake ◮ derive session keys, IVs 18 / 41

  19. Conceptual view random r a n d o m random n d s ) ( D H , r n a t u r e D H , s i g DH c e r t , n d o m , r a verify certificate verify signature DH compute DH compute auth D H , a u t h e n t i c a t o r compute DH verify auth compute auth o r e n t i c a t a u t h verify auth master _ secret ≈ PRF ( DH _ result , random _ values ) authenticator ≈ PRF ( master _ secret , Hash ( handshake _ msgs )) 19 / 41

  20. TLS handshake (PFS with server authentication) C l i e n t H e l l o o n e e r H e l l o D g e S e r v y E x c h a n e r v e r K e fi c a t e S l l o C e r t i S e r v e r H e C l i e n t K e y E x c h a n g e C h a n g e C i p h e r S p e c F i n i s h e d i n i s h e d e r S p e c F n g e C i p h C h a 1. DH results: “pre master secret” (PMS) 2. use PMS and random values to generate “master secret” (MS) 3. MS and random values used to: ◮ authenticate handshake ◮ derive session keys 20 / 41

  21. Observations ◮ old, not cleanly designed (MtE, CBC. . . ) ◮ rather well studied ◮ libraries hard to use ◮ tons of options, e.g. session resumption ◮ confidentiality and integrity optional ◮ “Cloudflare problem” ◮ good for centralized authority control ◮ bad for decentralized caching ◮ we don’t know how to retire broken old versions 21 / 41

  22. Problems ◮ “security devices”, corporate “firewalls”, “virus scanners” ◮ hold back phase out of broken version ◮ hold back modernization (TLS 1.3) ◮ warnings ineffective and useless for humans ◮ plus all the CA problems 22 / 41

  23. 23 / 41

  24. Recommendations ◮ don’t go home-brewed ◮ keep your library up to date. . . ◮ offer v1.2 ◮ HSTS ◮ switch off compression ◮ ECDHE for fast forward security ◮ only AES cipher suites ◮ prefer AES-GCM Only TLS 1.2 with GCM is cryptographically secure. 24 / 41

  25. Outline Trust Transport Layer Security Packet filter Netfilter 25 / 41

  26. Network access control Establish requirements, formulate security policy, enforce them with security mechanisms. Examples: ◮ link layer ◮ MAC filter ◮ 802.1X authentication ◮ network/transport layer ◮ packet filter ◮ application layer ◮ URL filtering HTTP proxy 26 / 41

  27. Basic strategies ◮ default deny: whitelisting ◮ more secure ◮ default permit: blacklisting ◮ more convenient 27 / 41

  28. Simple example ◮ packet traverses rules ◮ traffic from 2001:db8::/32 is only allowed on HTTPS ◮ permit other incoming ◮ permit outgoing 28 / 41

  29. Simple example ◮ packet traverses rules ◮ traffic from 2001:db8::/32 is only allowed on HTTPS ◮ permit other incoming ◮ permit outgoing rule src dst proto src port dst port action 0 outside inside TCP any 443 accept 1 2001:db8::/32 inside deny 2 outside inside accept 3 inside outside accept ◮ rules are matched sequentially ◮ make IPv4 and IPv6 consistent 28 / 41

  30. Flow 5-tuple ◮ src IP ◮ dst IP ◮ layer 4 protocol ◮ src port ◮ dst port 29 / 41

  31. Packet filtering 1. stateless ◮ look only at packets ◮ fast, little memory access ◮ use for IP filters or to handle many addresses 30 / 41

  32. Packet filtering 1. stateless ◮ look only at packets ◮ fast, little memory access ◮ use for IP filters or to handle many addresses 2. stateful ◮ look at flows ◮ packets may generate state ◮ smarter, e. g.: ◮ only allow incoming UDP packets when matching previous outgoing packet to corresponding 5-tuple ◮ match ICMP port unreachable with the corresponding TCP stream ◮ need to protect against DoS, e. g. with connection rate limiting 30 / 41

  33. Architecture: simple packet filter router Internet local network 31 / 41

  34. Architecture: screened subnet DMZ ext Internet int local network bastion host 32 / 41

  35. Must have ◮ use a packet filter to implement ingress filtering (BCP 38) ◮ remember DoS using DNS spoofing/amplification! 33 / 41

  36. Limitations Packet filters do not protect against: ◮ attacks from inside (caused by phishing, drive-by) ◮ connections not going through it (WLAN, UMTS) ◮ higher-layer attacks ◮ wrong configuration 34 / 41

  37. Outline Trust Transport Layer Security Packet filter Netfilter 35 / 41

  38. nftables ◮ packet traverses rules ◮ rule: match header and take action ◮ modules provide wide variety of matching options ◮ actions: go to other chain, drop, accept, reject, SNAT. . . ◮ rules added to empty predefined and custom chains ◮ chains organized in tables Implications on performance? 36 / 41

  39. Jan Engelhardt, CC-BY-SA 37 / 41

  40. Example ruleset (incomplete) nft add rule ip6 filter input icmpv6 type echo-request accept nft add rule ip6 filter input tcp dport 443 accept 38 / 41

  41. Example ruleset (incomplete) table ip6 filter { chain input { type filter hook input priority 0; policy drop ; iifname lo accept ct state established accept tcp dport 22 ct state new accept } } States are: invalid, new, established, related, untracked, (snat, dnat) 39 / 41

  42. Chain design 1. coarse match, jump into chain 2. there: fine grained matches generally: ◮ optimize for number of matches of most packets ◮ no rejects redundant with policy ◮ ESTABLISHED only needed once 40 / 41

  43. Recommended sources ◮ Engelhardt: Towards the perfect ruleset ◮ Engelhardt: packet flow diagramme ◮ man 8 nftables ◮ wiki.nftables.org 41 / 41

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

your exercise iLab 1+2 info event online Tell your friends!

your exercise iLab 1+2 info event online Tell your friends!

The iLab Experience a blended learning hands-on course concept you set the focus Final Lecture Marc-Oliver Pahl, Jul 25, 2017 your exercise iLab 1+2 info event online Tell your friends!

1.81k views • 96 slides
ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network

ilab 2 - IPSec with IKEv2 and Strongswan Lukas Grillmayer and Linus Lotz Chair for Network Architectures and Services Department for Computer Science Technische Universit at M unchen June 4, 2014 Lukas Grillmayer and Linus Lotz: ilab 2 -

1.39k views • 51 slides
iLab Countersurveillance Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab Countersurveillance Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab Countersurveillance Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Surveillance and operational security 14ws 1 lecture evaluation oral

916 views • 30 slides
ilab Lab 5 DNS and DNSSec History and Motivation of DNS Problem: The Internet needs IP

ilab Lab 5 DNS and DNSSec History and Motivation of DNS Problem: The Internet needs IP

Lehrstuhl fr Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen ilab Lab 5 DNS and DNSSec History and Motivation of DNS Problem: The Internet needs IP addresses. Human beings do not memorize IP

779 views • 23 slides
ilab Lab 4 TCP/UDP Purpose of the Transport Layer Provides an end to end connectivity to

ilab Lab 4 TCP/UDP Purpose of the Transport Layer Provides an end to end connectivity to

Lehrstuhl fr Netzarchitekturen und Netzdienste Institut fr Informatik Technische Universitt Mnchen ilab Lab 4 TCP/UDP Purpose of the Transport Layer Provides an end to end connectivity to applications application application 4

647 views • 26 slides
iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste

iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste

iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 9 18ss 1 / 36 Outline Introduction Trust architecture Protocols Attacks

663 views • 45 slides
iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste

iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste

iLab Onion Routing Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 9 16ss 1 / 38 Outline Introduction Trust architecture Protocols Attacks

879 views • 47 slides
iLab NAT / DHCP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab NAT / DHCP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab NAT / DHCP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 6 16ss 1 / 34 Motivation: IPv4 Address Scarcity source:

784 views • 54 slides
course evaluation room for attestations: 03.05.051 iLab Threat modelling, surveillance,

course evaluation room for attestations: 03.05.051 iLab Threat modelling, surveillance,

course evaluation room for attestations: 03.05.051 iLab Threat modelling, surveillance, operational security Benjamin Hof hof@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt

986 views • 47 slides
iLab TCP / UDP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab TCP / UDP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab TCP / UDP Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 4 14ws 1 Outline Transport Layer UDP TCP MTCP / SCTP 2 Outline

720 views • 32 slides
ilab Lab 8 - SSL/TLS and IPSec Outlook: On Layer 4: Goal: Provide security for one

ilab Lab 8 - SSL/TLS and IPSec Outlook: On Layer 4: Goal: Provide security for one

Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen ilab Lab 8 - SSL/TLS and IPSec Outlook: On Layer 4: Goal: Provide security for one specific port SSL (Secure Socket Layer) /

812 views • 25 slides
iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr

iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr

iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen October 18, 2017 Based on slides of Lukas Schwaighofer 1

678 views • 46 slides
iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr

iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr

iLab 2 Internet Protocol version 6 Stefan Liebald liebald@net.in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen April 25, 2017 Based on slides of Lukas Schwaighofer 1

471 views • 10 slides
iLab Static routing Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de

iLab Static routing Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de

iLab Static routing Minoo Rouhi rouhi@net.in.tum.de Slides by Benjamin Hof hof@in.tum.de Chair of Network Architectures and Services Department of Informatics Technical University of Munich Lab 2 17ws 1 / 21 Outline Meta

540 views • 27 slides
The iLab Experience a blended learning hands-on course concept you set the focus Do It Yourself

The iLab Experience a blended learning hands-on course concept you set the focus Do It Yourself

The iLab Experience a blended learning hands-on course concept you set the focus Do It Yourself - Hardware YE - Topic Outline May 29, 2018 10.4. Kick Off, IPv6 1 IPv6 BGP 17.4. 2 Minilab 1 2 mini labs Advanced Wireless Playground BGP

1.64k views • 125 slides
iLab Wireless Networks Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab Wireless Networks Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und

iLab Wireless Networks Florian Wohlfart wohlfart@in.tum.de Lehrstuhl fr Netzarchitekturen und Netzdienste Fakultt fr Informatik Technische Universitt Mnchen Lab 10 16ss 1 / 32 Oral attestations available dates Friday,

521 views • 33 slides
Textbooks Required ! Randal E. Bryant and David R. OHallaron, " Computer Systems: A

Textbooks Required ! Randal E. Bryant and David R. OHallaron, " Computer Systems: A

Textbooks Required ! Randal E. Bryant and David R. OHallaron, " Computer Systems: A Programmers Perspective 3 rd Edition, Prentice Hall 2015. Review of C Programming " csapp.cs.cmu.edu " Most of the slide materials in

698 views • 15 slides
Ken Birman i Cornell University. CS5410 Fall 2008. State Machines: History Idea was first

Ken Birman i Cornell University. CS5410 Fall 2008. State Machines: History Idea was first

Ken Birman i Cornell University. CS5410 Fall 2008. State Machines: History Idea was first proposed by Leslie Lamport in 1970s Builds on notion of a finite state automaton We model the program of interest as a black box with

875 views • 35 slides
CSCI 21 215 Soc ocial & Eth thical Iss Issues In In Com omputing Class 18 (some)

CSCI 21 215 Soc ocial & Eth thical Iss Issues In In Com omputing Class 18 (some)

CSCI 21 215 Soc ocial & Eth thical Iss Issues In In Com omputing Class 18 (some) General History Not otes Final Tomorrow Revie iew If I dont hug you because I dont want you to hug me, which ethical guideline am I

673 views • 22 slides
D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between

D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between

D9: Off-chain attacks Short-address attack Unnamed exchange uses insecure marshalling between web API and programming language (Web3/Solidity) and underlying execution environment (Ethereum Virtual Machine) Portland State University CS

996 views • 38 slides
Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is

Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is

I5020 Computer Security Session 8 Database, Cloud and IoT Security Sbastien Combfis Fall 2019 This work is licensed under a Creative Commons Attribution NonCommercial NoDerivatives 4.0 International License. Database Security

384 views • 24 slides
Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make

Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make

I V N E U R S E I H T Y T O H F G R E U D I B N Applets Murray Cole Applets 1 Portability and Security JVM and bytecode make portability easy facilitates sharing of programs, which can be good and

428 views • 18 slides
Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements

Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements

Object Oriented Programming and Design in Java Session 15 Instructor: Bert Huang Announcements Homework 3 out. Due Monday , Apr. 5 th Office hour change Sun Mon Tue Wed Thu Fri John 1-3 Class Class Lauren 11-12:15 11-12:15

1.37k views • 26 slides
Applications and Applets An applet is a program delivered via the web security issues,

Applications and Applets An applet is a program delivered via the web security issues,

Applications and Applets An applet is a program delivered via the web security issues, sandbox model where does code/images/etc come from? How is it delivered? what browsers support the 1.1 AWT event model (what about 1.2)? Use

382 views • 3 slides

More recommend