Four Must Know Certificate and Key Management Threats That Can Bring Down Your Business
Transcript of Four Must Know Certificate and Key Management Threats That Can Bring Down Your Business
1
Four Must Know Certificate and Key Management Threats
Prepared for: Intelligent People
2
Use of Certificates and Keys in Enterprise Environments
Diagram labels: Server Authentication, Secure Communications, Client-side Server Authentication, Certificate Authorities
© 2013 Venafi
3
Certificate and Key Management Challenges
Diagram label: Certificate Authorities
4
Downtime Risk
5
Certificate-based Downtime: Expired Certificate
Web server certificate expires: browser error message.
Application server certificate expires: application outage.
6
Certificate-based Downtime: Expired Intermediate Root Certificate
Diagram: intermediate root certificates from CA1 expired, causing multiple simultaneous application outages.
7
Certificate-based Downtime: Trusted Root Certificates Not Updated
Diagram: trusted root certificates from CA1 are installed; after a move to a new CA (CA2), new certificates from CA2 cause downtime because they are not trusted.
8
Certificate-based Causes of Downtime
• Scenarios
– Certificate expires
– Intermediate root certificate expires
– Root certificates not updated
• Causes
1. No inventory of certificates to track expiration
2. Correct administrators NOT notified of impending expiration
3. Administrators notified but do not take action
4. Certificates renewed but not installed
5. Certificates installed but applications not restarted
6. No tracking or management of intermediate roots
7. No tracking or management of trusted roots
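An added example, not part of the Venafi deck, that audits a constructed certificate inventory for the three scenarios above: each end-entity certificate's effective expiry is the earliest notAfter anywhere in its chain, so an expiring intermediate surfaces on every certificate beneath it, and a chain that does not end in a root the trust store knows is reported as untrusted. Subject names, dates and the trust store contents are all constructed.

```python
from datetime import datetime

# Constructed inventory: names, dates and the trust store are illustrative only.
NOW = datetime(2013, 2, 1)
TRUSTED_ROOTS = {"CA1 Root"}   # trust store was never updated for the move to CA2 (slide 7)
INVENTORY = [
    # subject, issuer, notAfter, application (None for CA certificates)
    {"subject": "www.example.com", "issuer": "CA1 Issuing", "not_after": datetime(2013, 2, 20), "app": "web"},
    {"subject": "app.example.com", "issuer": "CA1 Issuing", "not_after": datetime(2014, 6, 1), "app": "appserver"},
    {"subject": "api.example.com", "issuer": "CA2 Issuing", "not_after": datetime(2015, 1, 1), "app": "api"},
    {"subject": "CA1 Issuing", "issuer": "CA1 Root", "not_after": datetime(2013, 3, 1), "app": None},
    {"subject": "CA2 Issuing", "issuer": "CA2 Root", "not_after": datetime(2020, 1, 1), "app": None},
    {"subject": "CA1 Root", "issuer": "CA1 Root", "not_after": datetime(2025, 1, 1), "app": None},
    {"subject": "CA2 Root", "issuer": "CA2 Root", "not_after": datetime(2025, 1, 1), "app": None},
]

def build_chain(cert, by_subject):
    # Follow issuer names upward until a self-signed certificate or a missing issuer.
    chain = [cert]
    while chain[-1]["issuer"] != chain[-1]["subject"]:
        parent = by_subject.get(chain[-1]["issuer"])
        if parent is None or parent in chain:
            break
        chain.append(parent)
    return chain

def audit(inventory, trusted_roots, now, warn_days=30):
    # Return (subject, finding) pairs covering the three downtime scenarios.
    by_subject = {c["subject"]: c for c in inventory}
    findings = []
    for cert in inventory:
        if cert["app"] is None:          # only end-entity certificates are audited
            continue
        chain = build_chain(cert, by_subject)
        # Scenarios 1 and 2: the effective expiry is the earliest notAfter in the whole chain,
        # so an expiring intermediate is reported against every certificate beneath it.
        limiting = min(chain, key=lambda c: c["not_after"])
        days_left = (limiting["not_after"] - now).days
        if days_left <= warn_days:
            who = "own certificate" if limiting is cert else "intermediate '%s'" % limiting["subject"]
            findings.append((cert["subject"], "expires in %d days via %s" % (days_left, who)))
        # Scenario 3: the chain must end in a self-signed root the trust store knows.
        top = chain[-1]
        if top["issuer"] != top["subject"] or top["subject"] not in trusted_roots:
            findings.append((cert["subject"], "chain ends at '%s', which is not a trusted root" % top["subject"]))
    return findings

if __name__ == "__main__":
    for subject, finding in audit(INVENTORY, TRUSTED_ROOTS, NOW):
        print(subject, "-", finding)
```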
9
Security Risks
10
The Threat is Evolving
Hackers are increasingly targeting public key infrastructure for attacks because it is a broadly used security mechanism. Poor certificate management practices put you at risk.
Diagram (CA Compromises; Duqu, Flame, Stuxnet, Adobe, Buster):
• Attackers stole private keys from two Taiwanese companies and Adobe to sign code.
• Attackers compromise or dupe certificate authorities to issue fraudulent certificates for further attacks.
• Attackers exploited MD5 to create a fake Microsoft CA certificate and then sign code.
11
Public Key Infrastructure (PKI): The Foundation of Digital Certificates
Diagram components: Root CA, Root Certificate, Issuing CA, Issuing CA Certificate, Registration Authority, Subject, End Entity Certificate, Relying Party, CRL, CRL Distribution Point, OCSP Responder
12
Private Key Compromise Risk
13
Putting Private Keys at Risk
Diagram labels: Server, Performance Monitoring, Customer Experience Monitoring, Security Monitoring
• Private keys are manually passed to other groups/admins for distribution.
• Keystore passwords are not changed regularly (Keystore 1 password = abc123).
• Same password used on multiple keystores (Keystore 2 password = abc123).
• Admins manually manage private keys, making it possible to copy them.
• Private keys and passwords are not changed when admins leave the organization.
14
CA Compromise Risk
15
Recent Public Certificate Authority & Fraudulent Certificate Incidents
2001
• VeriSign issues Microsoft Corporation code signing certificate to a non-Microsoft employee.
2008
• Thawte issues certificate for Live.com to non-Microsoft employee
• Comodo issues mozilla.org certificate to Startcom
• Organization forges VeriSign RapidSSL certificates
2011
• Comodo issues nine counterfeit certificates (Google, Yahoo, Live, etc.) when registration authority is compromised.
• StartSSL CA compromised
• DigiNotar compromised. 531 fraudulent certificates issued. Dutch government experiences major service outages.
• Boeing CA compromised
2013
• Microsoft CA certificates forged by exploiting MD5 (Flame)
• Buster: DigiCert issues code signing certificate to bogus company
* Electronic Freedom Foundation uncovers many more unpublicized CA incidents by analyzing CRLs from public CAs
16
NIST Alert on CA Compromise
http://csrc.nist.gov/publications/nistbul/july-2013_itl-bulletin.pdf
“These recent attacks on CAs make it imperative that organizations ensure they are using secure CAs and are prepared to respond to a CA compromise or issuance of fraudulent certificates.”
- NIST, July 2013
17
Using Fraudulent Certificates: A Two-Phased Attack
1. Get fraudulent certificate(s).
2. Use the fraudulent certificate(s) for nefarious purposes.
18
CA Compromise and Fraudulent Certificate Scenarios
Diagram actors: Hacker, RA, CA, Subject
A. Impersonation: Trick RA into issuing a fraudulent certificate.
B. RA Compromise: Infiltrate RA or steal credentials and authorize fraudulent certificates.
C. CA System Compromise: Malware or other infiltration used to get fraudulent certificate signed by CA (without getting copy of CA private key).
D. CA Key Theft: Stolen or derived copy of CA private key is used to issue fraudulent certificates.
19
Man-in-the-Middle
Bob normally connects to Alice.com directly and verifies the authenticity of the server using its certificate (Subject: Alice.com, Issuer: CA1; Alice.com holds the matching private key).
Bob is redirected through Eve’s server and presented with the fraudulent certificate (Subject: Alice.com, Issuer: CAx; Eve holds the matching private key). Eve can view all encrypted data.
20
Impersonation
Bob authenticates to Alice.com using his certificate (Subject: Bob, Issuer: CA1) and Bob’s private key.
Eve authenticates as Bob to Alice.com using the fraudulent certificate (Subject: Bob, Issuer: CAx) and Eve’s private key.
21
Forge Digital Signatures
Bob digitally signs documents authorizing fund transfers using his certificate (Subject: Bob, Issuer: CA1) and Bob’s private key.
Eve is able to forge Bob’s signature using the fraudulent certificate (Subject: Bob, Issuer: CAx) and Eve’s private key.
22
Fallout from a CA Compromise: All Certificates Must Be Replaced
Diagram: CA1 (compromised) and CA2 (new). All certificates from the compromised CA must be replaced; must move to new CA.
23
Weak Algorithm Risk
24
Flame and MD5: Attack on Microsoft
1. Microsoft Impersonated
• Focused on MD5 certificate
• Certificate was remanufactured using well-known attack
• Man-in-the-middle was set up
• Targeted machines detected no difference
2. Services Compromised
• Microsoft Licensing Services compromised
• Microsoft Update Services compromised
• Machines still thought they were working securely with Microsoft
3. Fake Code Signing
• Code was signed using the fake, remanufactured certificate
• Windows allowed the malware to spread quickly and run
4. Information Stolen
• Malware stole small parts of files
• Information was sent to 80 different URLs
• Once analyzed, instructed to return and get interesting files
25
Are Your Doors Open?
• Nearly 1 in 5 certificates relies on outdated, “hackable” MD5 algorithm
• Not a hypothetical risk
• Security doors are open today
• IDS, IPS, AV, firewalls do not close these doors (appears as authentic)
• Legal and risk management departments are mandating that MD5 certs be removed
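As an added example (not from the Venafi deck), a standard-library-only check that finds the MD5-signed certificates in an inventory: it walks the outer DER structure of each certificate (tbsCertificate, signatureAlgorithm, signatureValue) and decodes the signatureAlgorithm OID, which is the signature the CA applied and the field an MD5 remanufacturing attack abuses. The SAMPLES are constructed test vectors with the correct outer shape, not real certificates.

```python
import base64

MD5_RSA = "1.2.840.113549.1.1.4"   # md5WithRSAEncryption, the algorithm abused in the Flame attack

def read_tlv(buf, pos):
    # Return (tag, content, next_pos) for the DER element at pos; handles long-form lengths.
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        n, length = length & 0x7F, 0
        for b in buf[pos:pos + n]:
            length = (length << 8) | b
        pos += n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(raw):
    # Decode OID content octets (base-128 arcs; the first byte packs the first two arcs).
    arcs, value = [raw[0] // 40, raw[0] % 40], 0
    for b in raw[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))

def signature_algorithm(der):
    # Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }
    _, cert, _ = read_tlv(der, 0)        # outer SEQUENCE
    _, _, pos = read_tlv(cert, 0)        # skip tbsCertificate
    _, alg, _ = read_tlv(cert, pos)      # AlgorithmIdentifier SEQUENCE
    _, oid, _ = read_tlv(alg, 0)         # its first element is the algorithm OID
    return decode_oid(oid)

def pem_to_der(pem):
    return base64.b64decode("".join(line for line in pem.splitlines() if not line.startswith("-----")))

def md5_signed(pems):
    # Indices of the certificates in the inventory whose CA signature uses MD5.
    return [i for i, p in enumerate(pems) if signature_algorithm(pem_to_der(p)) == MD5_RSA]

def _fake_cert(oid_bytes):
    # Constructed test vector: correct outer shape, empty tbsCertificate and empty signature.
    alg = b"\x30" + bytes([len(oid_bytes) + 2]) + b"\x06" + bytes([len(oid_bytes)]) + oid_bytes
    body = b"\x30\x00" + alg + b"\x03\x01\x00"
    der = b"\x30" + bytes([len(body)]) + body
    return "-----BEGIN CERTIFICATE-----\n%s\n-----END CERTIFICATE-----" % base64.b64encode(der).decode()

SAMPLES = [_fake_cert(b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x0b"),   # sha256WithRSAEncryption
           _fake_cert(b"\x2a\x86\x48\x86\xf7\x0d\x01\x01\x04")]   # md5WithRSAEncryption
```

Real certificates parse the same way because read_tlv handles the long-form lengths their tbsCertificate uses; only the signature algorithm of the outermost certificate is inspected, so run it over every certificate in a chain to catch an MD5-signed intermediate as well.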
26
Summary
• Your organization uses certificates broadly for SSL/TLS today…and use is growing
• Attackers are increasingly targeting certificates and PKI (non-hypothetical risk)
• Risks include:
– Downtime
– Private key compromise
– CA compromise
– Algorithm breakage
• Lack of certificate and key management puts your organization at risk
27
Next Steps
• Attend the second half of this webinar series: “5 Must Haves to Prevent Encryption Disasters” Feb 20, 10am EST, 7am PST, 3pm GMT
• Download NIST’s ITL Bulletin: “Preparing for and Responding to CA Compromise” www.venafi.com/NIST
• Questions? – Paul Turner
Links: Today’s Presentation; NIST ITL Bulletin
28
Discussion
29
Unpublished Work of Venafi, Inc. All Rights Reserved.
This work is an unpublished work and contains confidential, proprietary, and trade secret information of Venafi, Inc. Access to this work is restricted to Venafi employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of Venafi, Inc. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability.
General Disclaimer
This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. Venafi, Inc. makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. Further, Venafi, Inc. reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All Venafi marks referenced in this presentation are trademarks or registered trademarks of Venafi, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.