Information security practitioner ^_^
A chubby beginner who has yet to get started in intelligence studies (email: tenghm1986@163.com)
SSL Research
2019-04-25 23:58:55
heming
# 0. References

[1] [wiki TLS](https://en.wikipedia.org/wiki/Transport_Layer_Security#cite_note-trustworthy_ssl_pulse-71)
[2] [Comparison of TLS implementations](https://en.wikipedia.org/wiki/Comparison_of_TLS_implementations)
[3] [wireshark ssl wiki](https://wiki.wireshark.org/SSL)
[4] [decrypting-ssl-traffic-with-wireshark-and-ways-to-prevent-it](https://wirewatcher.wordpress.com/2010/07/20/decrypting-ssl-traffic-with-wireshark-and-ways-to-prevent-it/)
[5] [Decrypting Diffie Hellman Ephemeral with the master key](https://www.unleashnetworks.com/blog/?p=574)
[6] [Decrypting TLS messages which is using Diffie hellman algorithm](https://osqa-ask.wireshark.org/questions/21011/decrypting-tls-messages-which-is-using-diffie-hellman-algorithm)
[7] [pre-master-key explained](https://medium.com/asecuritysite-when-bob-met-alice/ephemeral-diffie-hellman-c07c54afabff)
[8] [Forward Secrecy and Ephemeral Keys … Guarding Against Data Breaches in the Future and the Past](https://medium.com/asecuritysite-when-bob-met-alice/forward-secrecy-and-ephemeral-keys-guarding-against-data-breaches-in-the-future-b709295c6e5a)
[9] [tls-pre-master-secrets-and-master-secrets](https://www.cryptologie.net/article/340/tls-pre-master-secrets-and-master-secrets/)
[10] [TLS handshake explained (good)](https://blog.cloudflare.com/keyless-ssl-the-nitty-gritty-technical-details/)
[11] [ssl/tls decryption uncovering secrets](https://sharkfesteurope.wireshark.org/assets/presentations17eu/15.pdf)

# 1. TLS overview

## 1.1 TLS evolution

TLS (Transport Layer Security), as the name suggests, encrypts data before it is transmitted. However, **our company's products (audit / DLP / data masking) all need to obtain the plaintext of data in transit** before they can deliver their full functionality. It is therefore necessary to understand how the TLS specifications have evolved and to know TLS in detail, in the hope of finding some way to capture the plaintext data.

TLS 1.1 was defined in [RFC 4346](https://tools.ietf.org/html/rfc4346) in **April 2006**

TLS 1.2 was defined in [RFC 5246](https://tools.ietf.org/html/rfc5246) in **August 2008**

TLS 1.3 was defined in [RFC 8446](https://tools.ietf.org/pdf/rfc8446.pdf) in ***August 2018***

## 1.2 Usage of each TLS version

tips: date: 2019.4.2; source: [SSL Pulse: survey of the SSL implementation of the most popular websites](https://www.ssllabs.com/ssl-pulse/)

<center> ![Usage of each TLS version](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051b0) </center>

## 1.3 Support in the SSL libraries

At present, SChannel does not support TLS 1.3.

<center> ![Support in the SSL libraries](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051ab) </center>

## 1.4 Key exchange methods

tips: blue = secure; yellow = insecure

<center> ![key exchange](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051a8) </center>

DHE_RSA (Ephemeral Diffie-Hellman, DHE)

> TLS handshake explained

TLS is mainly concerned with dual goals: confidentiality and authentication.

When two parties talk over the network, they negotiate a key and encrypt with a symmetric algorithm so that Eve cannot eavesdrop (confidentiality).

The two parties must verify each other's identity, which is done with certificates (authentication).

In addition, a hash algorithm is used to ensure the integrity of the messages the two sides exchange and to prevent tampering.

> About key exchange methods

<center> ![key exchange and signature verification](https://leanote.com/api/file/getImage?fileId=5ce60b82ab644139920016a4) </center>

- RSA
- DH (Diffie-Hellman)
- DHE (Diffie-Hellman Ephemeral)
- ECDH (Elliptic Curve Diffie-Hellman)
- ECDHE (Elliptic Curve Diffie-Hellman Ephemeral)

> Cipher suite explained

ECDHE-ECDSA-AES-GCM-SHA384

- Elliptic Curve Diffie-Hellman Ephemeral (ECDHE): the key exchange method
- Elliptic Curve Digital Signature Algorithm (ECDSA): authentication
- 256-bit Advanced Encryption Standard in Galois/Counter mode (AES256-GCM) for confidentiality (the method used to encrypt transmitted data)
- 384-bit Secure Hashing Algorithm for integrity (integrity check)

> RSA key exchange

![RSA key exchange](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051af)

> DH key exchange reference

<center> ![DH key exchange](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051b1) </center>

<center> ![key-exchange](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051ac) </center>

<center> ![pre-master-key-master-key](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051a9) </center>

## 1.5 Current decryption methods

### 1.5.1 Decrypting RSA key exchange

RSA key exchange is an insecure key exchange: once Eve holds the private key, all past traffic can be decrypted. TLS 1.3 has removed this key exchange method, and TLS 1.2 already recommends against using it.

Decrypting RSA key exchange requires obtaining the customer's private key.

- Decryption based on Wireshark (or similar packet-capture software) (heavyweight)
- The open-source [decrypt-sslstream](https://github.com/hemingteng/decrypt-sslstream): lightweight, tested and confirmed to decrypt
- [ssldump](https://pequalsnp-team.github.io/cheatsheet/ssldump)

### 1.5.2 The pre-master-key approach (applies to all key exchanges)

- Obtain the pre-master-key and session id (see: [YouTube talk: ssl/tls decryption uncovering secrets](https://www.youtube.com/watch?v=bwJEBwgoeBg), [pdf: ssl/tls decryption uncovering secrets](https://sharkfesteurope.wireshark.org/assets/presentations17eu/15.pdf))

> A post on the Wireshark Q&A site wondered if you **controlled** the **client** or the **server** and could **output the so called master secret**, can you then **decrypt the SSL/TLS traffic**? The answer is **absolutely**! If you had the master secret, it does not matter what key exchange algorithm you use. The only question left is: Do you support decryption of the cipher!

- See keyless SSL (nginx/openssl, [10])

<center> ![keyless ssl](https://leanote.com/api/file/getImage?fileId=5cc25c34ab64412a480051ae) </center>
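Why the master secret is sufficient regardless of the key exchange (section 1.5.2), as an added example that is not code from the original post or from the tools it links: the TLS 1.2 PRF from RFC 5246 turns any pre-master secret into the 48-byte master secret, the master secret into the record keys, and the pair (client random, master secret) into a `CLIENT_RANDOM` key log line of the kind Wireshark reads. The function names and sample bytes are constructed for illustration; the sketch assumes a handshake without the extended master secret extension (RFC 7627) and a `...-AES-GCM-SHA384` suite, whose PRF hash is SHA-384.

```python
import hashlib
import hmac


def p_hash(secret: bytes, seed: bytes, length: int, hash_name: str) -> bytes:
    """P_hash from RFC 5246 section 5: chained HMAC until `length` bytes exist."""
    out, a = b"", seed                                   # A(0) = seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()      # A(i) = HMAC(secret, A(i-1))
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]


def prf(secret: bytes, label: bytes, seed: bytes, length: int,
        hash_name: str = "sha256") -> bytes:
    """TLS 1.2 PRF(secret, label, seed) = P_hash(secret, label + seed)."""
    return p_hash(secret, label + seed, length, hash_name)


def master_secret(pre_master: bytes, client_random: bytes,
                  server_random: bytes, hash_name: str = "sha256") -> bytes:
    """48-byte master secret; the formula is the same for RSA, DHE and ECDHE."""
    return prf(pre_master, b"master secret",
               client_random + server_random, 48, hash_name)


def aes256_gcm_keys(master: bytes, client_random: bytes,
                    server_random: bytes, hash_name: str = "sha256") -> dict:
    """Split the key block of an AES-256-GCM suite (no MAC keys, 4-byte IVs)."""
    # Note the seed order: server_random comes first for key expansion.
    kb = prf(master, b"key expansion", server_random + client_random, 72, hash_name)
    return {"client_write_key": kb[0:32], "server_write_key": kb[32:64],
            "client_write_iv": kb[64:68], "server_write_iv": kb[68:72]}


def keylog_line(client_random: bytes, master: bytes) -> str:
    """One TLS 1.2 entry in the NSS key log format."""
    return f"CLIENT_RANDOM {client_random.hex()} {master.hex()}"


# Constructed sample values, not taken from a real capture.
CLIENT_RANDOM = bytes(range(32))
SERVER_RANDOM = bytes(range(32, 64))
PRE_MASTER = b"\x03\x03" + bytes(46)       # RSA-style layout: version + 46 bytes
MASTER = master_secret(PRE_MASTER, CLIENT_RANDOM, SERVER_RANDOM, "sha384")
KEYS = aes256_gcm_keys(MASTER, CLIENT_RANDOM, SERVER_RANDOM, "sha384")

if __name__ == "__main__":
    print(keylog_line(CLIENT_RANDOM, MASTER))
```

With an ephemeral key exchange the pre-master secret never crosses the wire and cannot be recovered from the server's long-term private key, so an audit or DLP deployment has to obtain this per-session value from an endpoint it controls.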