Professional Documents
Culture Documents
Benjamin Hof
hof@in.tum.de
Lab 7 – 18ss
1 / 41
Outline
Trust
Packet filter
Netfilter
2 / 41
Outline
Trust
Packet filter
Netfilter
3 / 41
Security in the Internet threat model
I secure endpoints
I insecure network
4 / 41
Establishing trust
5 / 41
Certificate
I public key
I entity name
I validity period CA signs with its private key
I signer information
+ signature over all these fields
6 / 41
Certification process
I issued by CA
I prove control over domain to CA
I CA signs with its private key: your public key, other certificate
information
I certificate is sent to you
7 / 41
Revocation
8 / 41
Certificate verification
I trusted CA
I name correct
I validity period
I valid signature
I not revoked
If all conditions are fulfilled, the certificate is considered verified.
9 / 41
CA/Browser Forum
I voluntary association
I negotiate the rules and controls for issuance
I different levels of assurance without security benefit
10 / 41
Problems
11 / 41
Certificate transparency
Idea
I irrevocably publish issuances
I enable everybody to check if presented certificate was published
I no hiding of misissuances anymore
Trust
Packet filter
Netfilter
13 / 41
Transport Layer Security
application
I confidentiality and data integrity
(not signed artifacts)
TLS
I peer authentication
I client-server
TCP
I transparent for applications e. g.,
IMAPS, HTTPS
I 1996: SSL 3.0, 2008: TLS 1.2 IP
I TLS 1.3 spec finished in March
2018 link layer
14 / 41
Subprotocols
change application
handshake alert
cipher spec data
record
15 / 41
Record protocol
0 7 8 15 16 23 24 31
16 / 41
Record processing
seq#, header SDU
MAC
encrypt
header ciphertext
Goals
I DH key agreement with server authentication
I establish session keys
Approach
1. exchange random values
2. DH exchange
3. server signs its DH and the random values
4. use DH result and random values to:
I authenticate handshake
I derive session keys, IVs
18 / 41
Conceptual view
random random
random
s)
random, cert, DH, signature(DH, rnd DH
verify certificate
verify signature
DH
compute DH
compute auth DH, authenticator
compute DH
verify auth
compute auth
authenticator
verify auth
ClientHello
ServerHelloDone
ServerHello Certificate ServerKeyExchange
ChangeCipherSpec Finished
21 / 41
Problems
22 / 41
23 / 41
Recommendations
I don’t go home-brewed
I keep your library up to date. . .
I offer v1.2
I HSTS
I switch off compression
I ECDHE for fast forward security
I only AES cipher suites
I prefer AES-GCM
Only TLS 1.2 with GCM (and 1.3) is cryptographically secure.
24 / 41
Outline
Trust
Packet filter
Netfilter
25 / 41
Network access control
26 / 41
Basic strategies
27 / 41
Simple example
28 / 41
Simple example
28 / 41
Flow
5-tuple
I src IP
I dst IP
I layer 4 protocol
I src port
I dst port
29 / 41
Packet filtering
1. stateless
I look only at packets
I fast, little memory access
I use for IP filters or to handle many addresses
30 / 41
Packet filtering
1. stateless
I look only at packets
I fast, little memory access
I use for IP filters or to handle many addresses
2. stateful
I packets may generate state
I look at flows
I smarter, e. g.:
I only allow incoming UDP packets when matching previous
outgoing packet to corresponding 5-tuple
I match ICMP port unreachable with the corresponding TCP
stream
I need to protect against DoS, e. g. with connection rate limiting
30 / 41
Architecture: simple packet filter
31 / 41
Architecture: screened subnet
DMZ
Internet ext int local network
bastion host
32 / 41
Must have
33 / 41
Limitations
34 / 41
Outline
Trust
Packet filter
Netfilter
35 / 41
nftables
36 / 41
Jan Engelhardt, CC-BY-SA
37 / 41
Example ruleset (incomplete)
nft add rule ip6 filter input icmpv6 type echo-request accept
nft add rule ip6 filter input tcp dport 443 accept
38 / 41
Example ruleset (incomplete)
39 / 41
Chain design
40 / 41
Recommended sources
41 / 41