IPv6 TLS Security Scanning Master Thesis Intermediate Talk Pirmin - - PowerPoint PPT Presentation



SLIDE 1

Chair of Network Architectures and Services Technical University of Munich

IPv6 TLS Security Scanning

Master Thesis Intermediate Talk Pirmin Blanz

28.09.2016

Chair of Network Architectures and Services, Department of Informatics, Technical University of Munich

Advisors: Oliver Gasser, Quirin Scheitle, Dr. Ralph Holz

Pirmin Blanz – IPv6 TLS Security Scanning 1

SLIDE 2

◮ Motivation
◮ Related Work
◮ Approach
◮ Analysis
◮ Next Steps

SLIDE 3

Motivation

◮ TLS Security Scanning
  ◮ Protocol for security-sensitive services (banking, shopping, etc.)
  ◮ TLS can be vulnerable: weak ciphers, short keys, bad implementations (Heartbleed, DROWN)
  ◮ IHK TLS-Check (2016) [6]
    ◮ ∼ 16,000 servers of IHK member companies
    ◮ ∼ 6% SSL V2.0, ∼ 22% SSL V3.0, ∼ 87% TLS 1.0
    ◮ ∼ 74% offer insecure cipher suites
◮ IPv6 TLS Security Scanning
  ◮ Plenty of existing IPv4 security scans
  ◮ Growing IPv6 deployment (∼ 10% [4])
  ◮ How secure are IPv6-enabled hosts?
  ◮ How does IPv6 stand up in a comparison with IPv4?

SLIDE 4

Related Work

◮ Holz et al.: "The SSL Landscape - A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements" [5]
  ◮ 1.5 years, ∼ 5.5M distinct X.509 certificates, ∼ 120M TLS connections
  ◮ ∼ 30% with weak cipher suites, ∼ 18% valid certificates
◮ Gasser et al.: "Scanning the IPv6 Internet: Towards a Comprehensive Hitlist" [3]
  ◮ Guidelines for IPv6 hitlist generation
  ◮ Alexa, DNS zone files, passive measurements
  ◮ 150M IPv6 addresses, 84% AS coverage
◮ Czyz et al.: "Don’t Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy" [1]
  ◮ Unintended port openness of dualstack hosts
  ◮ ∼ 50% are more open (HTTPS by ∼ 19%)

SLIDE 5

Approach

1. Gather targets (DNS name resolution using massdns)
2. Port scan (using ZMap [2], ZMapv6 [3])
3. Perform TLS handshakes (using goscanner) and collect data (X.509 certificates, TLS handshake data)
4. Data analysis (Jupyter Notebook with Pandas, PyOpenSSL)

◮ Investigated subsets: IPv4, IPv6, dualstack, dualstack IPv4, dualstack IPv6
◮ Investigated aspects: TLS (version, cipher suite), X.509 certificates (validity dates, signature algorithms, key length, ...)

SLIDE 6

Evaluation (I) - The Dataset

Figure: Overview - Numbers (number of IPs/hosts per IP/host subset)

Subset            1) Alexa 1 Mio   2) Zmap Output   3) Goscan Output
IP Addresses      700235           478978           392822
IPv4 Addresses    655134           460441           382186
IPv6 Addresses    45100            18536            10636
Dualstack Hosts   55157            32574            20849

◮ Hosts accessible on port 443: ∼ 70%, successful TLS handshake: ∼ 57%
◮ ∼ 390,000 TLS handshakes, ∼ 284,000 distinct certificates

SLIDE 7

Evaluation (II) - TLS Versions

[Figure: Protocols. Share of TLSv1, TLSv1.1 and TLSv1.2 (y-axis "Percent", 0.0 to 1.0) per set: IPv4 Addresses, Dualstack IPs, Dualstack IPv4, Dualstack IPv6]

◮ Various TLSv1 implementations are vulnerable (e.g. to POODLE)
◮ TLSv1 is used more frequently on IPv4 hosts

SLIDE 8

Evaluation (III) - TLS Cipher Suites

[Figure: Ciphers. Share of 1) STRONG, 2) INTERMEDIATE and 3) WEAK cipher suites (y-axis "Percent", 0.0 to 1.0) per IP subset: IPv4 Addresses, Dualstack IPs, Dualstack IPv4, Dualstack IPv6]

◮ Strong: AES-GCM ≥ 128, PFS
◮ Intermediate: Known weaknesses. E.g.: CBC in TLS 1.0
◮ Weak: Known to be broken. E.g.: 3DES, MD5
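
Added example (not from the talk or the thesis): one way to compute the per-subset cipher-class shares that this slide plots, using the slide's Strong/Intermediate/Weak criteria and the subsets from the Approach slide. The records are constructed; counting a host as dualstack when one hostname has both an IPv4 and an IPv6 address, and treating every suite that is neither strong nor weak as intermediate, are assumptions.

```python
import ipaddress
from collections import Counter, defaultdict

# Constructed sample records (not thesis data): (hostname, address, negotiated suite)
RECORDS = [
    ("a.example", "192.0.2.10", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"),
    ("a.example", "2001:db8::10", "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"),
    ("b.example", "192.0.2.20", "TLS_RSA_WITH_3DES_EDE_CBC_SHA"),
    ("c.example", "192.0.2.30", "TLS_RSA_WITH_AES_128_CBC_SHA"),
    ("c.example", "2001:db8::30", "TLS_RSA_WITH_AES_128_GCM_SHA256"),
    ("d.example", "192.0.2.40", "TLS_RSA_WITH_RC4_128_MD5"),
]

WEAK_MARKERS = ("3DES", "MD5")              # the slide's examples of broken primitives
PFS_PREFIXES = ("TLS_ECDHE_", "TLS_DHE_")   # ephemeral key exchange provides PFS


def classify(suite):
    """Map an IANA cipher suite name to STRONG / INTERMEDIATE / WEAK."""
    if any(marker in suite for marker in WEAK_MARKERS):
        return "WEAK"
    is_aes_gcm = "_AES_" in suite and "_GCM_" in suite
    if is_aes_gcm and suite.startswith(PFS_PREFIXES):
        return "STRONG"                     # AES-GCM together with PFS
    return "INTERMEDIATE"                   # assumption: everything else


def family(addr):
    """Return 'IPv4' or 'IPv6' for a textual IP address."""
    return f"IPv{ipaddress.ip_address(addr).version}"


def subset_shares(records):
    """Return {subset: {class: share}} for IPv4, IPv6 and the dualstack subsets."""
    families = defaultdict(set)
    for host, addr, _ in records:
        families[host].add(family(addr))
    counts = defaultdict(Counter)
    for host, addr, suite in records:
        fam, cls = family(addr), classify(suite)
        counts[fam][cls] += 1
        if families[host] == {"IPv4", "IPv6"}:   # assumed dualstack criterion
            counts["dualstack " + fam][cls] += 1
    return {subset: {cls: n / sum(c.values()) for cls, n in c.items()}
            for subset, c in counts.items()}


if __name__ == "__main__":
    for subset, shares in sorted(subset_shares(RECORDS).items()):
        print(subset, shares)
```

Note that the AES-GCM suite with static RSA key exchange lands in INTERMEDIATE because it lacks PFS, which the slide requires for STRONG.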

SLIDE 9

Evaluation (IV) - X.509 Public Key

◮ 256-EC-RSA = 3072-RSA/DSA

◮ 1024-RSA deprecated since 2008

SLIDE 10

Evaluation (V) - X.509 Signature Algorithms

[Figure: Certificate Signature Algorithms. Share of sha256WithRSAEncryption, sha1WithRSAEncryption, ecdsa-with-SHA256, sha384WithRSAEncryption and ecdsa-with-SHA384 (y-axis "Percent", 0.0 to 0.6) per set: IPv4 Addresses, IPv4 only hosts, Dualstack IPs, Dualstack IPv4, Dualstack IPv6]

◮ Collisions for SHA1 detected [7]
◮ IPv6 resp. dualstack hosts utilize ECDSA more frequently

SLIDE 11

Evaluation (VI) - X.509 Validity

[Figure: Certificate Validity. Share of certificates (0.0 to 0.3) per validity bucket (Expired, 60 - 180 days, 180 - 360 days, 1 - 2 years, 2 - 5 years, 5 - 10 years, 20 - 40 years) for IPv4 Addresses and Dualstack IPv6]

◮ Expired certificates won’t pass verification
◮ IPv4 hosts utilize expired certificates more frequently

SLIDE 12

Next Steps (I)

◮ Additional scans
  ◮ Comparison of multiple scans over time
  ◮ Multiple hitlists (DNS zone files next)
◮ Refine scanning
  ◮ SNI
  ◮ Dualstack detection
◮ Extend evaluation
  ◮ Certificate chains
  ◮ Vulnerabilities

SLIDE 13

Next Steps (II) - Estimated Schedule

[Figure: Schedule chart for Jun to Dec 2016 with the tasks Research, Implement Analysis Framework, Scanning, Data Evaluation and Thesis writing; a marker labelled "Today" shows the current date]

SLIDE 14

Bibliography I

[1] J. Czyz, M. Luckie, M. Allman, and M. Bailey. Don’t Forget to Lock the Back Door! A Characterization of IPv6 Network Security Policy. In Network and Distributed System Security Symposium, Feb. 2016.
[2] Z. Durumeric, E. Wustrow, and J. A. Halderman. ZMap: Fast Internet-wide Scanning and Its Security Applications. In Usenix Security, volume 2013, 2013.
[3] O. Gasser, Q. Scheitle, S. Gebhard, and G. Carle. Scanning the IPv6 Internet: Towards a Comprehensive Hitlist. In 8th Int. Workshop on Traffic Monitoring and Analysis, 2016.
[4] Google. IPv6 adoption. Technical report, Google, https://www.google.com/intl/en/ipv6/statistics.html, 2016.
[5] R. Holz, L. Braun, N. Kammenhuber, and G. Carle. The SSL Landscape: A Thorough Analysis of the X.509 PKI Using Active and Passive Measurements. In Proceedings of the 2011 ACM SIGCOMM conference on Internet measurement conference, pages 427–444. ACM, 2011.
[6] IHK. Pk tls-check. Technical report, IHK, 2016.
[7] M. Stevens, P. Karpman, and T. Peyrin. Freestart collision for full SHA-1. Cryptology ePrint Archive, Report 2015/967, 2015.

SLIDE 15

Backup (I) - X.509 Versions

[Figure: Certificate X.509 Versions. Share (0.0 to 1.0) of the X.509 versions labelled 2 and 3 for IP Addresses, IPv4 Addresses, IPv6 Addresses, Dualstack IPs, Dualstack IPv4, Dualstack IPv6]
