Difference between revisions of "SSL forensics"

From Forensics Wiki
Latest revision as of 13:54, 20 July 2008

SSL (TLS) forensics is the process of capturing information exchanged through SSL (TLS) connections and trying to make sense of it in some kind of forensic capacity.

Overview

TLS (Transport Layer Security) provides authentication and encryption for many network protocols, such as POP, IMAP, SMTP and HTTP. Beyond those, almost any TCP-based protocol can be tunnelled through TLS using a tool such as stunnel.

Most TLS deployments authenticate only the server, by means of a signed certificate; the client is usually not authenticated at the TLS layer.

Data decryption

Data exchanged through SSL (TLS) connections can be decrypted by performing a man-in-the-middle attack: the interceptor modifies the TLS handshake and presents its own certificate (carrying its own keys) in place of the server's. This only works if the client accepts the substituted certificate, so a client that properly validates the certificate chain will warn or refuse the connection, which is also what makes such interception detectable.

Some commercial network forensics systems can perform such an interception, as can some open-source tools:

  • ettercap (unsupported; last version 2005/05/29)
  • dsniff (obsolete; last stable version 2000/12/17)

Other information

The TLS protocol also leaks some significant information in cleartext, even when the payload cannot be decrypted:

  • The current date and time on the TLS client and server, carried in the handshake (old versions of Firefox and Thunderbird leak the system's uptime);
  • The hostname being accessed (the "server_name" extension, SNI);
  • The size of the original data, since record lengths are visible in cleartext.
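As an added example (not part of the original wiki page), the following Python extracts these cleartext fields, the handshake timestamp, the SNI hostname and the record length, from a captured TLS ClientHello record. The record bytes are constructed inside the block, and the parser assumes a well-formed TLS 1.0 to 1.2 record (the gmt_unix_time field at the start of the Random value is what carries the client's clock).

```python
import struct
from datetime import datetime, timezone

HANDSHAKE, CLIENT_HELLO, SNI_EXT = 0x16, 0x01, 0x0000

def build_client_hello(hostname, gmt_unix_time, version=(3, 3)):
    # Constructed sample: minimal TLS 1.x ClientHello, SNI extension only if a hostname is given.
    ext = b""
    if hostname is not None:
        sni_list = struct.pack("!BH", 0, len(hostname)) + hostname.encode()  # name_type 0 = host_name
        sni_data = struct.pack("!H", len(sni_list)) + sni_list
        ext = struct.pack("!HH", SNI_EXT, len(sni_data)) + sni_data
        ext = struct.pack("!H", len(ext)) + ext               # extensions block length
    body = (bytes(version) + struct.pack("!I", gmt_unix_time) + b"\x11" * 28  # Random
            + b"\x00"                                  # empty session_id
            + b"\x00\x04\x00\x2f\x00\x35"              # two cipher suites
            + b"\x01\x00"                              # one compression method (null)
            + ext)
    hs = bytes([CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BBBH", HANDSHAKE, 3, 1, len(hs)) + hs  # record header, version 3.1

def parse_client_hello(record):
    # Extract the cleartext metadata (time, SNI hostname, sizes) from one ClientHello record.
    if len(record) < 5 or record[0] != HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 39 or hs[0] != CLIENT_HELLO:
        raise ValueError("not a complete ClientHello")
    p = 4                                              # skip type + 3-byte length
    version = (hs[p], hs[p + 1]); p += 2
    gmt = struct.unpack("!I", hs[p:p + 4])[0]; p += 32  # gmt_unix_time + 28 random bytes
    p += 1 + hs[p]                                     # session_id
    p += 2 + struct.unpack("!H", hs[p:p + 2])[0]       # cipher_suites
    p += 1 + hs[p]                                     # compression_methods
    server_name = None
    if p + 2 <= len(hs):                               # extensions block is optional
        ext_end = p + 2 + struct.unpack("!H", hs[p:p + 2])[0]; p += 2
        while p + 4 <= ext_end:
            etype, elen = struct.unpack("!HH", hs[p:p + 4]); p += 4
            if etype == SNI_EXT:                       # ServerNameList: 2-byte length, then entries
                q = p + 2
                while q + 3 <= p + elen:
                    ntype, nlen = hs[q], struct.unpack("!H", hs[q + 1:q + 3])[0]
                    if ntype == 0:
                        server_name = hs[q + 3:q + 3 + nlen].decode("ascii", "replace")
                    q += 3 + nlen
            p += elen
    return {"version": version, "gmt_unix_time": gmt, "server_name": server_name,
            "client_time": datetime.fromtimestamp(gmt, timezone.utc), "record_length": rec_len}
```

A ClientHello from an older client that sends no extensions parses the same way, with `server_name` left as `None`.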

The Onion Router

Tor tunnels application data through TLS connections, and such connections cannot be decrypted by a traditional man-in-the-middle attack, because Tor clients verify relay identity keys themselves rather than trusting whatever certificate is presented in the handshake. Tor also sends application data in fixed-size chunks (cells), which makes it harder to tell exactly how many bytes users are exchanging.

Links

  • RFC 2246 (TLS 1.0): http://rfc.net/rfc2246.html
  • RFC 4346 (TLS 1.1): http://rfc.net/rfc4346.html