Nayanamana Samarasinghe and Mohammad Mannan

Concordia University, Montreal, Canada


Nayanamana Samarasinghe, Apr 5, 2017

TLS Ecosystems in Networked Devices vs. Web Servers

Background

▪ Rapid growth of Internet-connected devices (IoT)

➢ Forecast:

    25-50 billion devices (Cisco, Ericsson, Gartner) by 2020

    26 devices/person

    Economic impact: $2-$5 trillion

➢ They will increase opportunities for an attacker

▪ Rise in TLS adoption to improve communication security


Devices in focus


Motivation

▪ Several measurement studies done on TLS vulnerabilities of websites

➢ TLS ecosystem of the web is improving

▪ But what about devices?


Our goals

▪ Study TLS vulnerabilities in devices

➢ Parameters used in secure communication (SSL/TLS) of devices

▪ TLS parameters in Alexa 1M sites used for comparison


Some options for large scale collection of TLS certificates

▪ EFF SSL Observatory

▪ Rapid 7

▪ ZMap

▪ Shodan


How to identify device types?

▪ Manual inspection

▪ Automatically, using meta-data (e.g. Censys, Shodan)


Our analysis is based on Censys

▪ TLS search engine for devices & networks

➢ Based on ZMap (network scanner)

➢ Supports phased out cipher suites of popular browsers

[Diagram: zgrab, ztag, database, user]

➢ zgrab: TLS banner grabber

➢ ztag: allows annotating raw scan data with additional metadata


Methodology

1. Extract certificates and TLS parameters

2. Based on annotations, categorize devices into logical groupings

3. Compute statistics for weak and strong TLS security parameters

4. Compare between devices and Alexa 1M sites


Grouping of devices based on annotations in Censys

We’ve categorized device types as:

Infrastructure routers, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS and Media

Example:

Category   Device types
SCADA      SCADA controller, router, gateway, server, front-end
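
The four methodology steps, sketched in Python as an added example (not the authors' code and not the Censys schema). The record field names, the annotation-to-category map and the sample rows are constructed for illustration; the weak-parameter lists are the ones named on the results slides.

```python
from collections import Counter, defaultdict

# Weak parameters as named on the results slides of this deck.
WEAK_SIG = {"MD5WithRSA", "SHA1WithRSA"}
WEAK_CIPHER = ("3DES_EDE_CBC", "RC4_128")
WEAK_VERSION = {"SSLv3", "TLSv1.0", "TLSv1.1"}
WEAK_RSA_BITS = 1024              # charts list RSA 512, 768 and 1024 as weak
CLASSES = ("signature", "cipher", "version", "key_length")
# Hypothetical annotation -> category map (category names from the slides).
CATEGORY = {"scada controller": "SCADA", "scada gateway": "SCADA",
            "camera": "Camera", "nas": "NAS", "alexa site": "Alexa1M"}

def weaknesses(rec):
    """Step 3 for one host: which weak-parameter classes does it show?"""
    checks = {
        "signature": rec["sig_alg"] in WEAK_SIG,
        "cipher": any(name in rec["cipher"] for name in WEAK_CIPHER),
        "version": rec["version"] in WEAK_VERSION,
        # Only RSA is judged by this threshold; a 256-bit ECDSA key is not weak.
        "key_length": rec["key_alg"] == "RSA" and rec["key_bits"] <= WEAK_RSA_BITS,
    }
    return {name for name, weak in checks.items() if weak}

def weak_percentages(records):
    """Steps 2-3: group hosts by category, then % of hosts per weak class."""
    totals, hits = Counter(), defaultdict(Counter)
    for rec in records:
        cat = CATEGORY.get(rec["annotation"].lower())
        if cat is None:           # unannotated hosts cannot be grouped
            continue
        totals[cat] += 1
        hits[cat].update(weaknesses(rec))
    return {cat: {c: round(100.0 * hits[cat][c] / n, 1) for c in CLASSES}
            for cat, n in totals.items()}

def gap_vs_web(stats, category, baseline="Alexa1M"):
    """Step 4: percentage-point difference between a category and the web."""
    return {c: round(stats[category][c] - stats[baseline][c], 1) for c in CLASSES}

# Record fields are hypothetical names; rows are constructed, not study data.
FIELDS = ("annotation", "sig_alg", "cipher", "version", "key_alg", "key_bits")
SAMPLE = [dict(zip(FIELDS, row)) for row in [
    ("Camera", "SHA1WithRSA", "TLS_RSA_WITH_RC4_128_SHA", "TLSv1.0", "RSA", 1024),
    ("Camera", "SHA256WithRSA", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256", "TLSv1.2", "RSA", 2048),
    ("SCADA controller", "MD5WithRSA", "TLS_RSA_WITH_3DES_EDE_CBC_SHA", "SSLv3", "RSA", 512),
    ("Alexa site", "ECDSAWithSHA256", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256", "TLSv1.2", "ECDSA", 256),
    ("Alexa site", "SHA1WithRSA", "TLS_RSA_WITH_AES_128_CBC_SHA", "TLSv1.2", "RSA", 2048),
    ("", "MD5WithRSA", "TLS_RSA_WITH_RC4_128_MD5", "SSLv3", "RSA", 512),
]]
print(weak_percentages(SAMPLE))
```

The last sample row has no annotation and is dropped from every category, which is the same effect an incomplete annotation set has on per-category percentages.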


Analysis & Results (1)

Comparisons of WEAK cryptographic primitives

Signature algorithms

[Bar chart. y-axis: % (0-100); x-axis: Infra. router, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS, Media, Device avg., Alexa 1M; series: MD5WithRSA, SHA1WithRSA]


Analysis & Results (2)

Comparisons of WEAK cryptographic primitives

Hashing algorithms

[Bar chart. y-axis: % (0-100); x-axis: Infra. router, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS, Media, Device avg., Alexa 1M; series: MD5, SHA1]


Analysis & Results (3)

Comparisons of WEAK cryptographic primitives

Encryption algorithms

[Bar chart. y-axis: % (0-100); x-axis: Infra. router, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS, Media, Device avg., Alexa 1M; series: 3DES_EDE_CBC, RC4_128]


Analysis & Results (4)

Comparisons of WEAK cryptographic primitives

Key lengths

[Bar chart. y-axis: % (0-100); x-axis: Infra. router, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS, Media, Device avg., Alexa 1M; series: RSA 512, RSA 768, RSA 1024]


Analysis & Results (5)

Comparisons of WEAK cryptographic primitives

SSL/TLS Protocol versions

[Bar chart. y-axis: % (0-100); x-axis: Infra. router, Modem, Camera, NAS, Home router, Network, Printer, SCADA, CPS, Media, Device avg., Alexa 1M; series: SSLv3, TLSv1.0, TLSv1.1]


Analysis & Results (6)

Comparisons of STRONG cryptographic primitives

✓ ECDSA mostly supported in the web.

✓ Relative to Infrastructure routers, other device categories use stronger AES ciphers, TLS1.2 & SHA256 hashing algorithm.

✓ 4096 keys are mostly used in webapps

[Bar charts, y-axis: %. Panels: Hashing Algorithms, Encryption Algorithms, Key lengths, Signature Algorithms, SSL/TLS protocol versions. Legend entries as they appear: TLSv1.2; RSA 2048, RSA 4096; AES_128_CBC, AES_256_CBC, AES_128_GCM; TLSv1.2; SHA256WithRSA, SHA512WithRSA, ECDSAWithSHA256]


Top manufacturers of vulnerable devices

A common defence by manufacturers is that security patches are released, but users take no action

(As of October 2016)

Manufacturer      MD5   RC4      SSLv3    < RSA1024   Device types
Cisco             347   98,904   65,413   12,713      Network, infra. router
Hewlett Packard   1     5,214    1        12          Network, printer, scada, home router
AVM               78    5,062    33       2           Modem
Hikvision         664   1,085    214      75          Camera
QNAP              383   889      286      51          NAS


Limitations (our work is not comprehensive!)

1. Possible limitations in Censys logic/misconfiguration

2. Censys annotations still evolving

3. Unreachable devices in ZMap

4. Device exploitations depend on how they are used

5. Devices in IPv6 not accounted


Concluding remarks

1. TLS deployment in devices is weaker than the web

2. Raise awareness

3. How to improve? Forced auto-update?

Thank you