14 research outputs found

    Towards Forward Secure Internet Traffic

    Forward Secrecy (FS) is a security property in key-exchange algorithms which guarantees that a compromise in the secrecy of a long-term private key does not compromise the secrecy of past session keys. With a growing awareness of long-term mass surveillance programs by governments and others, FS has become widely regarded as a highly desirable property. This is particularly true in the TLS protocol, which is used to secure Internet communication. In this paper, we investigate FS in pre-TLS 1.3 protocols, which do not mandate FS, but are still widely used today. We conduct an empirical analysis of over 10 million TLS servers from three different datasets using a novel heuristic approach. Using modern TLS client handshake algorithms, our results show 5.37% of top domains, 7.51% of random domains, and 26.16% of random IPs do not select FS key-exchange algorithms. Surprisingly, 39.20% of the top domains, 24.40% of the random domains, and 14.46% of the random IPs that do not select FS, do support FS. In light of this analysis, we discuss possible paths toward forward secure Internet traffic. As an improvement of the current state, we propose a new client-side mechanism that we call "Best Effort Forward Secrecy" (BEFS), and an extension of it that we call "Best Effort Forward Secrecy and Authenticated Encryption" (BESAFE), which aims to guide (force) misconfigured servers to FS using a best effort approach. Finally, within our analysis, we introduce a novel adversarial model that we call "discriminatory" adversary, which is applicable to the TLS protocol.

    Security assessment of communications with the main online credit institutions

    In this thesis, the SSL/TLS cryptographic protocols were studied in depth, highlighting their strengths as well as their weaknesses in relation to their use with HTTPS. Aspects relating to certificates and public key infrastructure were studied, and various known types of attacks on communication security were reported. The aim of the project was then to develop a tool for the passive analysis of a website's HTTPS communications. In particular, the tool made it possible to detect and identify misconfigurations and security problems of the web server. Finally, the tool was used to analyse, anonymously, several Italian credit institutions.

    Hiding in text/plain sight: Security defences of Tor Onion Services

    Tor Onion Services are a way to host websites and other internet services anonymously. Onion Services are often used to bypass internet censorship and provide information services to users in oppressive regimes. This paper presents an analysis of the security defences deployed on these Onion Services. Onion Services tend to have better security policy than sites on the clear web. However, they lag behind in the deployment of HTTPS, a key defence for ensuring the security of users of such services.

    Postcards from the post-HTTP world: Amplification of HTTPS vulnerabilities in the web ecosystem

    HTTPS aims at securing communication over the Web by providing a cryptographic protection layer that ensures the confidentiality and integrity of communication and enables client/server authentication. However, HTTPS is based on the SSL/TLS protocol suites that have been shown to be vulnerable to various attacks over the years. This has required fixes and mitigations both in the servers and in the browsers, producing a complicated mixture of protocol versions and implementations in the wild, which makes it unclear which attacks are still effective on the modern Web and what is their import on web application security. In this paper, we present the first systematic quantitative evaluation of web application insecurity due to cryptographic vulnerabilities. We specify attack conditions against TLS using attack trees and we crawl the Alexa Top 10k to assess the import of these issues on page integrity, authentication credentials and web tracking. Our results show that the security of a consistent number of websites is severely harmed by cryptographic weaknesses that, in many cases, are due to external or related-domain hosts. This empirically, yet systematically, demonstrates how a relatively limited number of exploitable HTTPS vulnerabilities are amplified by the complexity of the web ecosystem.

    Automatic SSL vulnerability analysis tool

    This Final Degree Project (Trabajo Fin de Grado, TFG) aims to build a web application for analysing the SSL layer of web pages, aimed at users interested in learning about vulnerabilities, certificate information, the cipher types it supports, and protocols. The tool allows real-time, remote analysis of URLs, IPs or servers. In addition, it provides registration for users who run analyses daily, since it is necessary to keep control over users who may, or intend to, misuse the application. Likewise, it allows new exploits to be added, subject to prior validation by the application administrator, to increase the number of vulnerabilities analysed in the test. It also offers the possibility of viewing the statistics of the exploits (each one separately) and of all of them together.

    The main goal of this TFG is the design and development of an SSL tester web application. It allows a complete assessment to be performed, providing detailed information, including known vulnerabilities, digital certificates or supported protocol versions. On the other hand, this tool performs a real-time test on remote URLs, IPs and servers, in a similar way to other well-known commercial solutions. It also supports user registration; registered users can then recover past scans and perform daily analysis. Registration is mandatory in any case for the use of the tool, in order to reduce its potential bad use. Lastly, the solution has the capability of including new exploits, under previous validation of the administrator, to increase the number of checked vulnerabilities during the test. It also presents exploits' statistics upon request.