How Codenomicon Discovered Heartbleed

pptx 19 trang phuongnguyen 3600
Bạn đang xem tài liệu "How Codenomicon Discovered Heartbleed", để tải tài liệu gốc về máy bạn click vào nút DOWNLOAD ở trên

Tài liệu đính kèm:

  • pptxhow_codenomicon_discovered_heartbleed.pptx

Nội dung text: How Codenomicon Discovered Heartbleed

  1. How Codenomicon Discovered Heartbleed Solutions For Protecting Your Organization FINLAND SILICON VALLEY SINGAPORE
  2. Heartbleed How Heartbleed Was Discovered What We All Need To Know Codenomicon Ltd. May 2, 2014
  3. Codenomicon •Company is a spinoff (2001) from PROTOS research project focused on intelligent and systematic fuzzing techniques. •Backed with 18 years of research in this field, the OUSPG team at the University of Oulu started in 1996 •Codenomicon has grown into the largest commercial vendor of fuzz testing tools globally. •Still heavily involved in research and development . New industry segments: automotive, medical, ICS, and Electric Sector (SmartGrid) . New testing techniques/analysis: e.g. Safeguard and AppCheck 3 April 2014, All Rights Reserved. @CodenomiconLTD
  4. Defensics and Safeguard •Our Defensics fuzzing tools cover over 260 protocols and file formats •Safeguard is a feature we are developing as an extension to test robustness testing and fuzzing, and will be deployed to a number of protocol test suites •Safeguard consists of extensive analysis of system behavior under fuzz-testing to detect weaknesses such as memory dumps and amplification problems •It was during testing of Safeguard functionality that we discovered the Heartbleed flaw 4 April 2014, All Rights Reserved. @CodenomiconLTD
  5. This is Not Our First Big Discovery •Among hundreds of cases, several have been multi-vendor cases applying to wide range of services/devices: . Numerous flaws in MIME in 1998 . Numerous flaws in ASN.1/SNMP in 2001/2002 . Apache IPv6-URI flaw in 2004 . Numerous flaws in image formats in 2005 . Numerous flaws in XML libraries in 2009 . Several flaws in Linux Kernel IPv4 and SCTP in 2010 . RSA signature verification vulnerability in strongSwan in 2012 . Several OpenSSL and GnuTLS vulnerabilities in 2004, 2008, 2012 and 2014 5 April 2014, All Rights Reserved. @CodenomiconLTD
  6. How the Heartbleed Bug Works
  7. 7 April 2014, All Rights Reserved. @CodenomiconLTD
  8. 8 April 2014, All Rights Reserved. @CodenomiconLTD
  9. How We Discovered Heartbleed •We run tests against popular open source platforms and critical customer systems . Main goal is to verify interoperability of tests •Heartbleed was found when new tests for Safeguard were being implemented to TLS fuzzing tool •We ALWAYS handle vulnerabilities through responsible disclosure •We reported the Heartbleed bug directly to CERT-FI (not OpenSSL) 9 April 2014, All Rights Reserved. @CodenomiconLTD
  10. What is the Potential Impact •“We have tested some of our own services from attacker’s perspective. We attacked ourselves from outside, without leaving a trace. Without using any privileged information or credentials we were able steal from ourselves the secret keys used for our X.509 certificates, user names and passwords, instant messages, emails and business critical documents and communication.” • 10 April 2014, All Rights Reserved. @CodenomiconLTD
  11. What is the Potential Impact, cont. • Although web has received the most attention, the vulnerability is not web only, and not server only. It affects all applications, client or server, using vulnerable versions of OpenSSL. • Also impacted are management systems using SSL/TLS transport. • Commonly found affected devices including, control systems devices, industrial and electrical application protocols, Smart Meters, medical devices and components, power generation and transmission components, VPNs, routers, telecom devices, remote access devices, field service devices, Human Machine Interfaces, and ANY IoT device relying on TLS/SSL, if using affected versions of OpenSSL/TLS. 11 April 2014, All Rights Reserved. @CodenomiconLTD
  12. How You Can Test for Heartbleed • Numerous tools are available for checking for Heartbleed (but be careful, some of them have false negatives). Discovery is the first critical step! • Defensics TLS test suite includes tests for Heartbleed . Select test cases: *.heartbleed . Beta is available now, commercial release in early May • Check the OpenSSL version, affected versions: . OpenSSL 1.0.1 through 1.0.1f (inclusive) are vulnerable . OpenSSL 1.0.1g is NOT vulnerable . OpenSSL 1.0.0 branch is NOT vulnerable . OpenSSL 0.9.8 branch is NOT vulnerable • Codenomicon AppCheck (static binary analysis tool) can be used to track this and other vulnerabilities in device firmware. 12 April 2014, All Rights Reserved. @CodenomiconLTD
  13. BEWARE: Old Versions of OpenSSL May be Vulnerable to Other Older Issues •Our technology identifies numerous weaknesses in OpenSSL 0.9.8j •Latest new version in 0.9.8 branch is dated Feb 2013 (release “0.9.8y”) 13 April 2014, All Rights Reserved. @CodenomiconLTD
  14. How Can You Protect Yourself • Workaround: . Disable Heartbeat functionality by recompiling OpenSSL with Heartbeat flag off • Fix: . Upgrade OpenSSL library • Afterwards: . Create new secret and public key-pair . Apply for new certificates and revoke old certificates . Change passwords . Apply IDS rules to detect (e.g. FBI Snort signatures ) 14 April 2014, All Rights Reserved. @CodenomiconLTD
  15. What the Future Holds: Heartbleed • How to handle certificate revocation? . Massive lists of revoked certificates in browsers? (not very practical to maintain) . Requests each time security critical sites are accessed? (privacy aspects, all services you use are notified) • Downplaying the impact: . Forward secrecy (also known as perfect forward secrecy or PFS) . Random stack, zeroed heap, difficult to find keys • Finding statically linked OpenSSL libraries from binaries, embedded devices, copy&pasted code • Constant monitoring of applications and device firmware • Fuzzing for more similar weaknesses 15 April 2014, All Rights Reserved. @CodenomiconLTD
  16. Conclusions
  17. ASN.1 / SNMP case (2001) vs. Heartbleed (2014) • Similar impact: . ASN.1: affected nearly every network device in the world as it applied to a wide range of protocols and implementations . Heartbleed: 60%+ of services, clients, embedded IoT devices using encryption • In both the information was shared CERT-communities: . ASN.1: extremely complex information – no IDS detection available, every vendor had its unique bugs, no common “patch” to deploy . Heartbleed: simple to understand – patches and IDS rules almost immediately available to general public – community effort • How it was seen by the critical infrastructure: . ASN.1: “Government-driven”, Whitehouse cyber security advisor Howard Schmidt briefed George W. Bush, nine months of secrecy, fixing the Internet in silence with hundreds of vendors . Heartbleed: “Community-driven” crisis communication after bug became public, major media push to communicate the importance, “Bug 2.0” 17 April 2014, All Rights Reserved. @CodenomiconLTD
  18. Questions for You, Our Audience • Have you identified all client-side code that uses OpenSSL? • Have you checked if your VPN or mesh networks use OpenSSL? • Have you checked if any of your connected devices are using OpenSSL? • Have you checked if your back-end systems are using OpenSSL? • Have you checked if any of your embedded systems are using OpenSSL (many embedded OS use OpenSSL)? • Do you have browser based customer interfaces for situation awareness, billing or reporting over SSL/TLS? • Have you checked third-party binaries/firmware for the existence of OpenSSL? • Are you an early adopter of DTLS? (telcos are) • When you go and check in practice, be a bit careful, some embedded devices with SSL/TLS are rumored to crash with Heartbleed probe 18 April 2014, All Rights Reserved. @CodenomiconLTD
  19. Excellent Work Globally • • Begin Update B Part 1 of 1 • Additional Snort signatures have been provided by the FBI, “Mitigation against Open Secure Socket Layer Heartbeat Extension Vulnerability” at • Snort community rules can be found at • Additional indicators of compromise are available on the Control Systems compartment of the US-CERT secure portal for owners and operators of critical infrastructure • ICS-CERT encourages U.S. asset owners and operators to join the Control Systems compartment of the US-CERT secure portal. Send your name, e-mail address, and company affiliation to ics-cert@hq.dhs.gov • End Update B Part 1 of 1 19 April 2014, All Rights Reserved. @CodenomiconLTD