the matter of heartbleed
play

The Matter of Heartbleed IMC 2014 Zakir Durumeric, Frank Li, James - PowerPoint PPT Presentation

Aug 16, 2022 •513 likes •705 views

The Matter of Heartbleed IMC 2014 Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicholas Weaver, David Adrian, Vern Paxson, Michael Bailey, J. Alex Halderman U.C. Berkeley CS294-105 Fall 2014 1

  1. The Matter of Heartbleed IMC 2014 Zakir Durumeric, Frank Li, James Kasten, Johanna Amann, Jethro Beekman, Mathias Payer, Nicholas Weaver, David Adrian, Vern Paxson, Michael Bailey, J. Alex Halderman U.C. Berkeley CS294-105 Fall 2014 1

  2. Heartbleed  2014 catastrophic information disclosure vulnerability in OpenSSL  Leakage of private data, encryption keys, etc.  Many websites affected This study: measure global response U.C. Berkeley CS294-105 Fall 2014 2

  3. Data overview Data Source Analysis Size/Amount Estimate initial impact, patching rate, 43,142,864 Heartbleed ZMap scans and notification reactions datapoints=89GiB Trustworthy Internet 200,000 HTTPS Estimate initial impact Movement's SSL Pulse websites Press releases, bug reports, Estimate initial impact and vulnerable ~60 documents security advisories products Michigan daily scans of the Quantify certificate revocation and ~3.5 billion scans= HTTPS ecosystem replacement 250 GB ICSI Certificate Notary Quantify certificate replacement 3 million certificates Network traces from ICSI, LBNL, Investigate pre-disclosure and 50+ TB of network NERSC, and an EC2 honeypot postdisclosure wide-spread attacks traces Debian weak keys vulnerability Compare Heartbleed with the Debian 10,224,300 data [Yilek et al, 2008] weak keys vulnerability datapoints=500 MiB Email exchanges with >4000 Understand notification sentiment > 1000 emails operator abuse contacts and measure responses U.C. Berkeley CS294-105 Fall 2014 3

  4. zmap: How was the data obtained? output zmap zgrab output files output files output files output files files Test TCP connection Test SSL connection, Detect Heartbleed U.C. Berkeley CS294-105 Fall 2014 4

  5. zmap: How much data was obtained? 144 measurements between April 14 and August 5 2014  1% samples  3×/day, later 1×/day  Each measurement about 300,000 datapoints  2KiB/datapoint (650MiB per measurement)  43,142,864 datapoints total (89GiB) U.C. Berkeley CS294-105 Fall 2014 5

  6. zmap: Data format random.20140414T1144.json random.20140415T2020.json random.20140416T0635.json random.20140416T1435.json … {"host":"50.97.227.237","error":null,"tls_handshake":{"ServerHelloMsg":{"v ersion":771,"random":"U0wCVfr6qytUEGrvGlHyt7lkaOaKzOheRRMYjcRuudY =","session_id":"UFdf9Mk5i4rjja+odAlhyToDD+lEr6Wx54EQummqm/Y=","ci pher_suite":49199,"compression_method":0,"next_protocol_negotiation":f alse,"next_protocols":null,"ocsp_stapling":false,"ticket_supported":false,"he artbeat_supported":true,"heartbleed_vulnerable":true},"ServerCertificates Msg":{"certificates":[" 2KB_base64_blob "," 2KB_base64_blob "," 2KB_base64_ blob "]},"ServerKeyExchangeMsg":{"key":" 1KB_key_blob "},"ServerFinishedM sg":{"verify_data":"wtirjakJwhuUNSwG"}},"encoding":"string","data":""} U.C. Berkeley CS294-105 Fall 2014 6

  7. zmap: Data format { "host": "50.97.227.237", "error": null, "tls_handshake": { "ServerHelloMsg": { "version": 771, "random": "U0wCVfr6qytUEGrvGlHyt7lkaOaKzOheRRMYjcRuudY=", "session_id": "UFdf9Mk5i4rjja+odAlhyToDD+lEr6Wx54EQummqm/Y=", "cipher_suite": 49199, "compression_method": 0, "next_protocol_negotiation": false, "next_protocols": null, "ocsp_stapling": false, "ticket_supported": false, "heartbeat_supported": true, "heartbleed_vulnerable": true }, "ServerCertificatesMsg": { "certificates": [ "2KB_base64_blob", "2KB_base64_blob", "2KB_base64_blob" ] }, "ServerKeyExchangeMsg": { "key": "1KB_key_blob" }, "ServerFinishedMsg": { "verify_data": "wtirjakJwhuUNSwG" } }, "encoding": "string", "data": "" } U.C. Berkeley CS294-105 Fall 2014 7

  8. zmap: How often did we see a certain host? 1 19,579,439 6 19,576 2 6,972,753 7 2,984 3 2,223,616 8 401 4 558,182 9 49 5 114,462 10 4 Total: 29,471,466 unique hosts U.C. Berkeley CS294-105 Fall 2014 8

  9. U.C. Berkeley CS294-105 Fall 2014 9

  10. U.C. Berkeley CS294-105 Fall 2014 10

  11. Debian PRNG bug data 2008 catastrophic key generation bug  Debian version of OpenSSL  SSL Certificates issued with weak keys Yilek et al. study: measure response of popular websites How much data was obtained? 173 measurements between May 17 and November 6 2008  Each measurement 59,100 dataponts  10,224,300 datapoints total U.C. Berkeley CS294-105 Fall 2014 11

  12. Debian comparison “apples -to- apples” comparison? => compare “entities” Entity: group of servers that all present the same certificate during a particular measurement zmap: First full measurement – April 11 10:05 UTC 2651838 entities - 180049 not patched (6.8%) zmap: First sampled measurement – April 14 15:44 UTC 108592 entities - 6422 not patched (5.9%) Debian: First meaurement – May 17 21:59 UTC 43132 entities - 468 not patched (11%) U.C. Berkeley CS294-105 Fall 2014 12

  13. U.C. Berkeley CS294-105 Fall 2014 13

  14. Debian comparison “apples -to- apples” comparison? => compare “entities” Debian measured certificate change, we just measured software upgrade => certificate change recommended new entity: group of servers that all present the same certificate during both a particular measurement and all previous measurements U.C. Berkeley CS294-105 Fall 2014 14

  15. U.C. Berkeley CS294-105 Fall 2014 15

  16. U.C. Berkeley CS294-105 Fall 2014 16

  17. U.C. Berkeley CS294-105 Fall 2014 17

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Heartbleed Presented by Duc Tran Agenda Background TLS OpenSSL TLS

Heartbleed Presented by Duc Tran Agenda Background TLS OpenSSL TLS

Heartbleed Presented by Duc Tran Agenda Background TLS OpenSSL TLS Heartbeat Extension The Hearbleed Bug Whos Vulnerable Demo Why its bad Protections Background What is Transport

562 views • 17 slides
The Heartbleed Bug and Attack Background: the Heartbeat Protocol TLS/SSL protocols provide a

The Heartbleed Bug and Attack Background: the Heartbeat Protocol TLS/SSL protocols provide a

The Heartbleed Bug and Attack Background: the Heartbeat Protocol TLS/SSL protocols provide a secure channel between two communicating applications TLS/SSL is widely used Heartbeat extension: implement keep-alive feature of TLS.

196 views • 8 slides
OpenSSL after HeartBleed Tim Hudson Cryptsoft, OpenSSL Team Rich Salz Akamai Technologies,

OpenSSL after HeartBleed Tim Hudson Cryptsoft, OpenSSL Team Rich Salz Akamai Technologies,

OpenSSL after HeartBleed Tim Hudson Cryptsoft, OpenSSL Team Rich Salz Akamai Technologies, OpenSSL Team The most important date April 3, 2014 LinuxCon/Europe 2016 2 The most important date April 3, 2014 HeartBleed Re-key the

755 views • 34 slides
The Nature of Matter 1 12/6/16 Matter & Energy Matter Matter is the "stuff"

The Nature of Matter 1 12/6/16 Matter & Energy Matter Matter is the "stuff"

12/6/16 The Nature of Matter 1 12/6/16 Matter & Energy Matter Matter is the "stuff" of the universe. Matter is anything that occupies space and has mass . Matter exists as a solid, liquid, gas, and plasma . Matter

595 views • 36 slides
H Healing Heartbleed li H bl d Vulnerability Mitigation with Internet wide Scanning

H Healing Heartbleed li H bl d Vulnerability Mitigation with Internet wide Scanning

H Healing Heartbleed li H bl d Vulnerability Mitigation with Internet wide Scanning Vulnerability Mitigation with Internet wide Scanning J. Alex Halderman Mining Your Ps and Qs: Widespread Weak Keys in Network Devices Nadia Heninger, Zakir

640 views • 53 slides
Towards a sustainable solution to open source sustainability Tobie Langel, Principal, UnlockOpen

Towards a sustainable solution to open source sustainability Tobie Langel, Principal, UnlockOpen

Towards a sustainable solution to open source sustainability Tobie Langel, Principal, UnlockOpen The Heartbleed Bug Heartbleed bug impact ! 4.5 MILLION The number of US patient records whose confidentiality was compromised. " $500

887 views • 39 slides
Testing TLS Hubert Kario Quality Engineer 24-10-2015 2014 Heartbleed 24-10-2015 3/55

Testing TLS Hubert Kario Quality Engineer 24-10-2015 2014 Heartbleed 24-10-2015 3/55

Testing TLS Hubert Kario Quality Engineer 24-10-2015 2014 Heartbleed 24-10-2015 3/55 OpenSSL CCS bug 24-10-2015 4/55 gotofail 24-10-2015 5/55 Certifjcate handling 24-10-2015 6/55 CVE-2014-6321 in schannel a.k.a. Winshock

774 views • 55 slides
Chemistry Chemistry is the science of matter and the changes it undergoes What is matter? (as

Chemistry Chemistry is the science of matter and the changes it undergoes What is matter? (as

Chemistry Chemistry is the science of matter and the changes it undergoes What is matter? (as it is related to biology) Matter Matter is anything that takes up space and has mass All living and nonliving matter is composed of

382 views • 13 slides
The Properties of Matter Basic Concepts All objects are made up of matter Matter is

The Properties of Matter Basic Concepts All objects are made up of matter Matter is

The Properties of Matter Basic Concepts All objects are made up of matter Matter is anything that takes up space and has mass Properties are the specific characteristics that describe matter Matter can be identified using its

335 views • 9 slides
How broken is TLS? A tale of BEAST, CRIME, Lucky Thirteen and Heartbleed Hanno B ock,

How broken is TLS? A tale of BEAST, CRIME, Lucky Thirteen and Heartbleed Hanno B ock,

Introduction Software CAs X.509 Symmetric encryption TLS misc Misc End How broken is TLS? A tale of BEAST, CRIME, Lucky Thirteen and Heartbleed Hanno B ock, https://hboeck.de 2014-04-19 1 / 44 Introduction Software CAs Introduction

821 views • 44 slides
Matter and Energy Chapter 1: Introduction to Matter Matter Volume Mass Weight Atom Molecule

Matter and Energy Chapter 1: Introduction to Matter Matter Volume Mass Weight Atom Molecule

Matter and Energy Notes.notebook Matter and Energy Chapter 1: Introduction to Matter Matter Volume Mass Weight Atom Molecule Element Compound Mixture States of Matter Solid Liquid Gas 1 Matter and Energy Notes.notebook Matter and

974 views • 73 slides
Cite as: Matter of M-, 3 I&N Dec. 850 (BIA 1950)

Cite as: Matter of M-, 3 I&N Dec. 850 (BIA 1950)

Cite as: Matter of M-, 3 I&N Dec. 850 (BIA 1950) https://casetext.com/case/in-the-matter-of-m-68 IN THE MATTER OF M----. IN STATUS DETERMINATION PROCEEDINGS. BEFORE THE CENTRAL OFFICE Discussion: Subject claims that she derived United

210 views • 8 slides
Credit: ESO/G Credit: ESA/Hubble DARK MATTER Dark Matter 10 x Luminous Matter Dark Matter

Credit: ESO/G Credit: ESA/Hubble DARK MATTER Dark Matter 10 x Luminous Matter Dark Matter

Credit: ESO/G Credit: ESA/Hubble DARK MATTER Dark Matter 10 x Luminous Matter Dark Matter Halo Credit: ESO/L Calada What is this Dark Matter? We do not know Weakly Interacting Massive Particles W I M P s Credit: S.

686 views • 21 slides
THE IMPACT OF HEARTBLEED Performed regular vulnerability scans against: Alexa Top 1 Million

THE IMPACT OF HEARTBLEED Performed regular vulnerability scans against: Alexa Top 1 Million

- 682: :B UGS T HE M ATTER OF H EARTBLEED U NDERSTANDING THE R EPRODUCIBILITY

1.06k views • 66 slides
What is Matter? The Simplest Form of Matter: Elements of the Periodic Table Properties of

What is Matter? The Simplest Form of Matter: Elements of the Periodic Table Properties of

Slide 1 / 176 Slide 2 / 176 7th Grade Matter and Its Properties 2015-09-16 www.njctl.org Slide 3 / 176 Slide 4 / 176 Table of Contents: Matter and Its Properties What is Matter? Click on the topic to go to that section How Do We

406 views • 40 slides
Properties of Matter and Solutions Slide 3 / 142 Slide 4 / 142 Matter Properties of Matter

Properties of Matter and Solutions Slide 3 / 142 Slide 4 / 142 Matter Properties of Matter

Slide 1 / 142 Slide 2 / 142 Properties of Matter and Solutions Slide 3 / 142 Slide 4 / 142 Matter Properties of Matter and Solutions We define matter as anything that has mass and takes up space. Pyrite, otherwise known as "fools

524 views • 24 slides
Introduction to Statically Introduction to Statically Indeterminate Indeterminate Analysis

Introduction to Statically Introduction to Statically Indeterminate Indeterminate Analysis

Introduction to Statically Introduction to Statically Indeterminate Indeterminate Analysis Indeterminate Indeterminate Analysis Analysis nalysis S pport reactions and internal Support reactions and internal forces of statically determinate

887 views • 60 slides
Introduction to DevOps Agile Training Series Spring 2016 Course Description Course Description

Introduction to DevOps Agile Training Series Spring 2016 Course Description Course Description

Introduction to DevOps Agile Training Series Spring 2016 Course Description Course Description The simultaneous needs for IT to 1) deploy new features and 2) keep systems up and running creates a core conflict that challenges development,

1.41k views • 104 slides
Governing the AI Revolution Allan Dafoe Yale University Future of Humanity Institute University

Governing the AI Revolution Allan Dafoe Yale University Future of Humanity Institute University

Governing the AI Revolution Allan Dafoe Yale University Future of Humanity Institute University of Oxford governance.ai Allan Dafoe governance.ai Yale / FHI, Oxford 1 / 19 The AI Governance Problem : the problem of devising global norms,

1.11k views • 42 slides
DBT: AN OVERVIEW Learning the Principles of Dialectical Behavior Therapy KRISTIN B. WEBB, PSY.D.

DBT: AN OVERVIEW Learning the Principles of Dialectical Behavior Therapy KRISTIN B. WEBB, PSY.D.

DBT: AN OVERVIEW Learning the Principles of Dialectical Behavior Therapy KRISTIN B. WEBB, PSY.D. 104 So. Estes Drive, Suite 206 Chapel Hill, NC 27514 www.drkristiwebb.com kristi.w@mindspring.com (not for patients) 919/225-1569 Our Agenda

1.33k views • 88 slides
advances and Challenges (Ethernet) Anupam Jagdish Chomal Principal Software Engineer DellEMC

advances and Challenges (Ethernet) Anupam Jagdish Chomal Principal Software Engineer DellEMC

Data center Networking: New advances and Challenges (Ethernet) Anupam Jagdish Chomal Principal Software Engineer DellEMC Isilon Bitcoin mining Contd Main reason for bitcoin mines at Iceland is the natural cooling for servers and cheap

473 views • 29 slides
7 IN DEALING WITH PARTNER VIOLENCE David Katerndahl, MD, MA Department of Family and Community

7 IN DEALING WITH PARTNER VIOLENCE David Katerndahl, MD, MA Department of Family and Community

7 IN DEALING WITH PARTNER VIOLENCE David Katerndahl, MD, MA Department of Family and Community Medicine University of Texas Health Science Center San Antonio, Texas SPEAKER DISCLOSURE Dr. Katerndahl has disclosed that he has no actual or

650 views • 52 slides
This document presents both the slides and extensive speakers notes used in a recent

This document presents both the slides and extensive speakers notes used in a recent

This document presents both the slides and extensive speakers notes used in a recent presentation to the Society of Petroleum Engineers in Melbourne. ******************************************************************************* Thank you to

707 views • 12 slides
Unresectable Mesenteric Masses: Fact or Fiction J. Philip Boudreaux, MD FACS Professor of

Unresectable Mesenteric Masses: Fact or Fiction J. Philip Boudreaux, MD FACS Professor of

Unresectable Mesenteric Masses: Fact or Fiction J. Philip Boudreaux, MD FACS Professor of Surgery LSUHSC New Orleans Chairman, Department of Surgery Ochsner Medical Center - Kenner Med edic ical v l vs S s Surgic ical M l Man

417 views • 39 slides

More recommend