apple ssl vulnerability explained
DESCRIPTION
Understand the coding error behind Apple's #gotofail. How one line of code undermined the use of SSL/TLS to secure iOS and Mac OS X communications.TRANSCRIPT
![Page 2: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/2.jpg)
Digital Certificates
• Digital Certificates use asymmetric cryptography to facilitate the secure exchange of public keys.
• Rely upon the use of trusted Certificate Authorities– Certificate Authorities responsible for vouching for identity of
certificate “subjects”.– Usually used for servers, can also be used by individuals.– Organization proves its identity to the CA and the CA provides a
signed certificate that can be used to prove identity to others.
• To a CA, trust is essential!
![Page 3: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/3.jpg)
What’s in a Digital Certificate?
3
• Name of the certificate subject• Subject’s public key• Name of the CA• Serial number• Signature algorithm• Validity period• CA’s digital signature
Source: Apple Computer
![Page 4: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/4.jpg)
Using Certificates in HTTPS
• HTTPS uses digital certificates to ensure secure web communications
• It supplements the standard HTTP protocol with SSL/TLS encryption
1. You access a secure site using your web browser
2. Your browser retrieves the site certificate and verifies it• What does a certificate error mean?
3. Your browser then chooses a symmetric key, encrypts it with the server’s public key and sends it to the server
• Why don’t they just communicate using the server’s public key?
4. Everything from that point forward is encrypted with the symmetric key
4
![Page 5: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/5.jpg)
Apple’s Code
Source: The Guardian
The repeated “goto fail;” is the #fail
![Page 6: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/6.jpg)
Apple’s Code
Source: The Guardian
Because it is always executed, bypassing this check
![Page 7: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/7.jpg)
Simpler Version of the Same Flaw
Source: imperialviolet.org
Default return value set to 1
Goto bypasses attempt to change return value
Default value (1) always returned by function
![Page 8: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/8.jpg)
Impact• Digital signatures on ephemeral keys not
verified
• Certificate itself is verified
• Link between certificate and key not checked
• Clients always trust presented ephemeral keys because the certificate checked out OK
![Page 9: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/9.jpg)
gotofail.com
![Page 10: Apple SSL Vulnerability Explained](https://reader033.vdocument.in/reader033/viewer/2022061201/547897c3b4af9fc3158b459c/html5/thumbnails/10.jpg)
Fixes
• For iOS, upgrade to 7.0.6
• No fix yet available for OS X
• In the meantime, use Chrome for partial fix