ssl trust pitfalls

SSL Trust Pitfalls

Prof. Ravi Sandhu

2© Ravi Sandhu

SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA

Client Server ClientHello --------> ServerHello Certificate <-------- ServerHelloDone ClientKeyExchange [ChangeCipherSpec] Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data

RecordProtocol

HandshakeProtocol

3© Ravi Sandhu

CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA

Client Server ClientHello --------> ServerHello Certificate CertificateRequest <-------- ServerHelloDone Certificate ClientKeyExchange CertificateVerify [ChangeCipherSpec] Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data

RecordProtocol

HandshakeProtocol

4© Ravi Sandhu

SINGLE ROOT CA MODEL

RootCA

a b c d e f g h i j k l m n o p

RootCAUser

5© Ravi Sandhu

SINGLE ROOT CAMULTIPLE RA’s MODEL

RootCA

a b c d e f g h i j k l m n o p

RootCA

User RA

User RA

User RA

6© Ravi Sandhu

MULTIPLE ROOT CA’s MODEL

RootCA

a b c d e f g h i j k l m n o p

RootCAUser

RootCA

RootCA

RootCAUser

RootCAUser

7© Ravi Sandhu

ROOT CA PLUS INTERMEDIATE CA’s MODEL

Z

X

Q

A

Y

R S T

C E G I K M O

a b c d e f g h i j k l m n o p

8© Ravi Sandhu

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL

X

Q

A

R

S T

C E G I K M O

a b c d e f g h i j k l m n o p

9© Ravi Sandhu

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL

X

Q

A

R

S T

C E G I K M O

a b c d e f g h i j k l m n o p

10© Ravi Sandhu

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL

X

Q

A

R

S T

C E G I K M O

a b c d e f g h i j k l m n o p

11© Ravi Sandhu

MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL

Essentially the model on the web today

Deployed in server-side SSL mode Client-side SSL mode yet to happen

12© Ravi Sandhu

SERVER-SIDE SSL (OR 1-WAY) HANDSHAKE WITH RSA

Client Server ClientHello --------> ServerHello Certificate <-------- ServerHelloDone ClientKeyExchange [ChangeCipherSpec] Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data

RecordProtocol

HandshakeProtocol

13© Ravi Sandhu

SERVER-SIDE MASQUARADING

BobWeb browser

www.host.comWeb serverServer-side SSL

UltratrustSecurityServices

www.host.com

14© Ravi Sandhu

SERVER-SIDE MASQUARADING

BobWeb browser

www.host.comWeb server

Server-side SSL UltratrustSecurityServices

www.host.comMallory’sWeb server

BIMMCorporation

www.host.com

Server-side SSL

15© Ravi Sandhu

SERVER-SIDE MASQUARADING

BobWeb browser

www.host.comWeb server

Server-side SSL UltratrustSecurityServices

www.host.comMallory’sWeb server

Server-side SSL

BIMMCorporation

UltratrustSecurityServices

www.host.com

16© Ravi Sandhu

CLIENT-SIDE SSL (OR 2-WAY) HANDSHAKE WITH RSA

Client Server ClientHello --------> ServerHello Certificate CertificateRequest <-------- ServerHelloDone Certificate ClientKeyExchange CertificateVerify [ChangeCipherSpec] Finished --------> [ChangeCipherSpec] <-------- Finished Application Data <-------> Application Data

RecordProtocol

HandshakeProtocol

17© Ravi Sandhu

MAN IN THE MIDDLEMASQUARADING PREVENTED

BobWeb browser

www.host.comWeb server

Client-side SSL

UltratrustSecurityServices

www.host.com

Mallory’sWeb server

BIMMCorporation

Client-side SSL

UltratrustSecurityServices

www.host.com

Client Side SSLend-to-endUltratrust

SecurityServices

Bob

BIMMCorporation

UltratrustSecurityServices

Bob

18© Ravi Sandhu

ATTRIBUTE-BASED CLIENT SIDE MASQUARADING

Joe@anywhereWeb browser

BIMM.comWeb serverClient-side SSL

UltratrustSecurityServices

BIMM.com

UltratrustSecurityServices

Joe@anywhere

19© Ravi Sandhu

ATTRIBUTE-BASED CLIENT SIDE MASQUARADING

Alice@SRPCWeb browser

BIMM.comWeb serverClient-side SSL

UltratrustSecurityServices

BIMM.com

SRPC

Alice@SRPC

20© Ravi Sandhu

ATTRIBUTE-BASED CLIENT SIDE MASQUARADING

Bob@PPCWeb browser

BIMM.comWeb serverClient-side SSL

UltratrustSecurityServices

BIMM.com

PPC

Bob@PPC

21© Ravi Sandhu

ATTRIBUTE-BASED CLIENT SIDE MASQUARADING

Alice@SRPCWeb browser

BIMM.comWeb serverClient-side SSL

UltratrustSecurityServices

BIMM.com

SRPC

PPC

Bob@PPC

22© Ravi Sandhu

PKI AND TRUST

Got to be very careful Not a game for amateurs Not many professionals as yet