Training 2017 - Smashing the SSL/TLS protocol with practical crypto attacks
From BruCON 2017
Smashing the SSL/TLS protocol with practical crypto attacks
Smashing the SSL/TLS protocol with practical crypto attacks is a 3-days long course dedicated for professionals and students eager to keep pace with latest crypto attacks affecting SSL/TLS services and learn the relative defensive countermeasures. This is a completely hands-on course, because there is no better way to understand crypto theory than put into practice attacks and techniques to defeat crypto algorithms. The course is also one of a kind. The practical part is based on a new framework called cryptosploit (code will be released for free as part of class materials). Watch the video link below for a demo of cryptosploit and how powerful it can be:
Cryptosploit implements the same concept of metasploit but is specific for network / crypto attacks. Commands and syntax are similar to metasploit as well in order to reduce the learning curve.
According to recent statistics, SSL/TLS is nowadays used to encrypt over 50% of communications on the internet. It is there when we need to browse the web, download or send emails, connect to VPN networks and much more. This three days training is focused on practical hacking of SSL/TLS such as retrieving the private key of servers, decrypting encrypted traffic or breaking the PKI. We will cover the basics of each version of SSL/TLS (from SSLv2 up to TLS 1.3) by highlighting weaknesses and state-of-art attacks. Each vulnerability introduced will be tested in practice and along with that, defensive configurations and countermeasures will be discussed. We will also dive deep into vulnerabilities specific to some SSL/TLS implementations or generically applicable to any implementation of protocol, both focusing on native crypto pitfalls and side-channel attacks. This training assumes that the attendees have little to no prior experience with cryptography. If you know how to multiply, divide or compute the remainder of two numbers that’s enough! We will bring you to an expert level with SSL/TLS protocols, crypto algorithms, and expose you to attacks that you would have never thought of before. Upon completion of this training, participants will be able to:
- Develop a comprehensive perspective on the granular pieces of SSL/TLS (public key cryptography, key exchange algorithms, key derivation functions, message authentication codes, etc…);
- Develop a global insight with regards to main crypto algorithms for symmetrical/asymmetrical encryption, signing, key exchange used with SSL/TLS (RSA, DSA, Diffie Hellman, Elliptic Curves, AES, RC4, etc…);
- Identify vulnerable TLS services and recognize which attack techniques is possible to apply on specific contexts;
- Practice the exploitation of TLS/SSL services through the usage of public and not-yet-public exploits (all source code will be released for free as part of class materials).
- Learn how to create and develop your own TLS crypto exploits;
- Learn how to protect TLS services;
- Understand cryptography best practices and why it is so important to follow them.
- Introduction to protocols SSLv2 and SSLv3
- Introduction to Digital Certificates (chain, CRL, etc…) and digital signatures
- Attacking TLS via MiTM: the easy way
- Weaknesses of SSLv2 and SSLv3: theoretical and practical exploitation
- Introduction and breaking of TLS extensions (renegotiation and sons…)
- Implementation-specific bugs with Heartbleed, Ticketbleed, CCS Injection and sons… – (Part 1)
- Introduction to protocols TLSv1 and TLSv1.1
- Meet RSA, DSA and Diffie Hellman
- Theory and practice of attacking authentication algorithms – Part 1
- Theory and practice of attacking key-exchange algorithms – Part 1
- Theory and practice of attacking SSL/TLS via data compression
- Attacking export-grade ciphers
- Introduction to protocols TLSv1.2 and TLSv1.3 (draft)
- Elliptic curves here they come: meet ECDSA, ECDH, ECDHE
- Theory and practice of attacking authentication algorithms – Part 2
- Theory and practice of attacking key-exchange algorithms – Part 2
- Implementation-specific bugs with Heartbleed, Ticketbleed, CCS Injection and sons… – (Part 2)
- X509 and digital certificates dissection
- Digital certificate tampering with MD5 and SHA1
- Online Certificate Status Protocol and OCSP Stapling
The training is suitable both for penetration testers, system administrator/devops and students. The level is for BEGINNER.
Attendees are expected to have a basic understanding of TLS and a rudimentary knowledge of math. If you know how to multiply, divide or compute the remainder of two numbers that’s enough! We will bring you to a level of expertise on TLS, crypto algorithms and attacks that you would not have ever imagined before to join the course.
Attendees should bring their own laptop with a working version of Virtualbox installed. The laptop should be powerful enough to contemporary run a couple of virtual machines on virtualbox, equipped with a wireless network adapter and no more than 20 GB of disk space. Administrative access to the laptop is also required since you may need to install/configure missing components. We will provide all the VMs and software for this course.
Some of the Marco’s feedback at Blackhat USA 2016:
This was an awesome session. Marco effortlessly and elegantly described a complex vulnerability and demonstrated how to exploit it using tools he created that before were not available. The best session I attended!
Exceptional speaker, informative topic, well written materials and organised demo, wonderful demo materials.
Best talk I saw at blackhat/defcon.
Awesome speaker and his POC was awesome!
Great job. clear and good sequence.
‘Marco Ortisi launched into an elegant overview of RSA, the theory of the attack, and then demonstrated it using tools he had developed’
Marco Ortisi is both an international speaker and independant penetration tester. Netizen since 1996, he has literally grown up on “bread and vulnerability research”, by studying new attack techniques and developing alternative defense methods.In more than 18 years as a Penetration Tester, Marco has worked for several big companies and organizations mainly operating in EMEA (Europe and Middle East) by helping them to improve their IT security posture.
As an international speaker, Marco has presented to several cybersecurity conferences around the world (including Blackhat USA) and given dozens of trainings for government, telco and financials institutions. During his professional career as security consultant, Marco has often developed tools aimed to verify vulnerabilities and flaws affecting crypto implementations, such as the ones shown and released at Blackhat Conference at his talk titled “Recover a RSA private key from a TLS session with Perfect Forward Secrecy.
Mon. 2 - 4 October 2017 (09:00 - 17:00) (3-day) - Novotel Ghent Centrum