Difference between revisions of "SSL forensics"
(New page: '''SSL (TLS) forensics''' is the process of capturing information exchanged through SSL (TLS) connections and trying to make sense of it in some kind of forensics capacity. == Overview ==...) |
m (added Category:Network Forensics) |
||
| (One intermediate revision by one user not shown) | |||
| Line 11: | Line 11: | ||
Data exchanged through SSL (TLS) connections can be decrypted by performing ''man-in-the-middle'' attack. Attacker can modify TLS handshake and provide new certificates (with attacker's encryption keys). | Data exchanged through SSL (TLS) connections can be decrypted by performing ''man-in-the-middle'' attack. Attacker can modify TLS handshake and provide new certificates (with attacker's encryption keys). | ||
| − | + | Some commercial [[network forensics]] systems can perform such an attack: | |
| − | * Mera Systems [http://netbeholder.com/en/products/lawful_interception.html Sleek Buster] (supports signed forged certificates) | + | * Mera Systems [http://netbeholder.com/en/products/lawful_interception.html Sleek Buster] (supports signed by a trusted CA forged certificates) |
* [http://www.edecision4u.com/edecision4u/Products.html E-Detective HTTPS/SSL Network Packet Forensics Device] | * [http://www.edecision4u.com/edecision4u/Products.html E-Detective HTTPS/SSL Network Packet Forensics Device] | ||
| Line 23: | Line 23: | ||
The TLS protocol also leaks some significant information: | The TLS protocol also leaks some significant information: | ||
* Current date and time on a TLS client and server (old versions of [[Firefox]] and [[Thunderbird]] leak system's uptime); | * Current date and time on a TLS client and server (old versions of [[Firefox]] and [[Thunderbird]] leak system's uptime); | ||
| + | * Hostname being accessed ("server_name" extension); | ||
* Original data size. | * Original data size. | ||
| + | |||
| + | == [[The Onion Router]] == | ||
| + | |||
| + | [[Tor]] tunnels application data through TLS connections and it is not possible to decrypt such connections by performing traditional ''man-in-the-middle'' attack. [[Tor]] also sends application data in chunks to make it harder to guess exactly how many bytes users are communicating. | ||
== Links == | == Links == | ||
| Line 29: | Line 34: | ||
* [http://rfc.net/rfc2246.html RFC 2246 (TLS 1.0)] | * [http://rfc.net/rfc2246.html RFC 2246 (TLS 1.0)] | ||
* [http://rfc.net/rfc4346.html RFC 4346 (TLS 1.1)] | * [http://rfc.net/rfc4346.html RFC 4346 (TLS 1.1)] | ||
| + | |||
| + | [[Category:Network Forensics]] | ||
Latest revision as of 13:54, 20 July 2008
SSL (TLS) forensics is the process of capturing information exchanged through SSL (TLS) connections and trying to make sense of it in some kind of forensics capacity.
Contents |
[edit] Overview
TLS (Transport Layer Security) provides authentication and encryption for many network protocols, such as: POP, IMAP, SMTP, HTTP. However, it is possible to tunnel almost every TCP-based protocol through TLS using such tools as stunnel.
Generally, many TLS realizations require only server to be authenticated using signed certificate.
[edit] Data decryption
Data exchanged through SSL (TLS) connections can be decrypted by performing man-in-the-middle attack. Attacker can modify TLS handshake and provide new certificates (with attacker's encryption keys).
Some commercial network forensics systems can perform such an attack:
- Mera Systems Sleek Buster (supports signed by a trusted CA forged certificates)
- E-Detective HTTPS/SSL Network Packet Forensics Device
As well as some open-source tools:
- ettercap (unsupported, last version - 2005/05/29)
- dsniff (obsolete, last stable version - 2000/12/17)
[edit] Other information
The TLS protocol also leaks some significant information:
- Current date and time on a TLS client and server (old versions of Firefox and Thunderbird leak system's uptime);
- Hostname being accessed ("server_name" extension);
- Original data size.
[edit] The Onion Router
Tor tunnels application data through TLS connections and it is not possible to decrypt such connections by performing traditional man-in-the-middle attack. Tor also sends application data in chunks to make it harder to guess exactly how many bytes users are communicating.
