Public Key Infrastructure – Deep Dive PKI session SHOWING you how to embrace PKI

Steve Lamb

[email protected]

http://blogs.technet.com/steve_lamb

IT Pro Security Evangelist

Microsoft Ltd

Agenda

What can PKI enable

Let’s review the theory

Introducing our Demonstration Environment

Secure Web Publishing

Secure Email

Secure Files

Recommendations

What can PKI enable?

Secure Email – sign and/or encrypt messages

Secure browsing – SSL – authentication and encryption

Secure code – Authenticode

Secure wireless – PEAP & EAP-TLS

Secure documents – Rights Management

Secure networks – segmentation via IPsec

Secure files – Encrypting File System (EFS)

Let’s review the theory…

Security: Defense in Depth

Data and Resources

Application Defenses

Host Defenses

Network Defenses

Perimeter Defenses

Symmetric Key Cryptography

Plain-text input: “The quick brown fox jumps over the lazy dog”

Encryption

Cipher-text: “AxCv;5bmEseTfid3)fGsmWe#4^,sdgfMwir3:dkJeTsY8R\s@!q3%”

Decryption

Plain-text output: “The quick brown fox jumps over the lazy dog”

Same key (shared secret)

Public Key Encryption

Clear-text Input: “The quick brown fox jumps over the lazy dog”

Encryption

Cipher-text: “Py75c%bn&*)9|fDe^bDFaq#xzjFr@g5=&nmdFg$5knvMd’rkvegMs”

Decryption

Clear-text Output: “The quick brown fox jumps over the lazy dog”

Different keys

Recipient’s public key

Recipient’s private key

Hybrid Encryption (Real World)

Launch key for nuclear missile “RedHeat” is...

RNG

Randomly-Generated symmetric “session” key

Symmetric encryption (e.g. DES)

*#$fjda^ju539!3t t389E *&\@5e%32\^kd

User’s public key (in certificate)

Symmetric key encrypted asymmetrically (e.g., RSA)

Digital Envelope

As above, repeated for other recipients or recovery agents

Other recipient’s or agent’s public key (in certificate) in recovery policy

Digital Envelope

Introducing our demonstration environment

Network Infrastructure

Certification Authority

Installed on the DC for simplicity

In production use a multi-level hierarchy

Enterprise Installation – integrated with AD

Secure Web Publishing

A Traditional Firewall’s View of a Packet

Only packet headers are inspected

Application layer content appears as “black box”

IP Header: Source Address, Dest. Address, TTL, Checksum

TCP Header: Sequence Number, Source Port, Destination Port, Checksum

Application Layer Content: ??????????????????????

Forwarding decisions based on port numbers

Legitimate traffic and application layer attacks use identical ports

Internet Expected HTTP Traffic

Unexpected HTTP Traffic

Attacks

Non-HTTP Traffic

Corporate Network

ISA Server’s View of a Packet

IP Header: Source Address, Dest. Address, TTL, Checksum

TCP Header: Sequence Number, Source Port, Destination Port, Checksum

Application Layer Content:

<html><head><meta http-equiv="content-type" content="text/html; charset=UTF-8"><title>MSNBC - MSNBC Front Page</title><link rel="stylesheet"

Forwarding decisions based on content

Only legitimate and allowed traffic is processed

Internet Expected HTTP Traffic

Unexpected HTTP Traffic

Attacks

Non-HTTP Traffic

Corporate Network

Packet headers and application content are inspected

Configure IIS for HTTPS

Populate site

Enrol for web server certificate

Configure SSL

Configure ISA for SSL

Copy web server cert to ISA

Publish the web server

Use the Wizard!

Create an SSL listener

Secure Email

How Exchange RPC Works

| Service | UUID | Port |
| --- | --- | --- |
| Exchange Info Store | {0E4A0156-DD5D-11D2-8C2F-00CD4FB6BCDE} | 4402 |
| Active Directory | {E35114235-4B06-11D1-AB04-00C04C2DCD2} | 3544 |
| Performance Monitor | {A00C021C-2BE2-11D2-B678-0000F87A8F8E} | 9233 |

RPC Client (Outlook) to RPC Server (Exchange), across the Internet:

TCP 135: Port for {0E4A…}

Server: Port 4402

Port 4402: Data

1. The RPC server maintains a table of Universally Unique Identifiers (UUID) and assigned port

2. The client connects to TCP port 135 on the server to query for the port associated with a UUID

3. The server responds with the associated port

4. The client reconnects to server on the designated port to access Exchange Server

RPC and Traditional Firewalls

Open port 135 for incoming traffic

Open every port that RPC might use for incoming traffic

RPC Client (Outlook) to RPC Server (Exchange), across the Internet:

TCP 135: Port for {0E4A…}?

Server: Port 4402

Port 4402: Data

Traditional firewalls can’t provide secure RPC access

RPC and ISA Server

RPC Client (Outlook) to RPC Server (Exchange), across the Internet:

TCP 135: Port for {0E4A…}?

Server: Port 4402

Port 4402: Data

Initial connection – Only allows valid RPC traffic; blocks non-Exchange queries

Secondary connection – Only allows connection to port used by Exchange; enforces encryption

ISA Server enables secure remote e-mail access using Outlook
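The four-step exchange and the two filtering rules above, modelled as an added example (not ISA Server code and not part of the original deck). It uses the UUIDs and ports exactly as printed in the table; the open port range, the client addresses and the per-client pinhole tracking are assumptions of the model.

```javascript
// Added example: a model of the RPC filtering described above. It is not
// ISA Server code and parses no real RPC traffic.
// Endpoint-mapper table, with UUIDs and ports exactly as printed on the slide.
const ENDPOINT_MAP = {
  '{0E4A0156-DD5D-11D2-8C2F-00CD4FB6BCDE}': { service: 'Exchange Info Store', port: 4402 },
  '{E35114235-4B06-11D1-AB04-00C04C2DCD2}': { service: 'Active Directory', port: 3544 },
  '{A00C021C-2BE2-11D2-B678-0000F87A8F8E}': { service: 'Performance Monitor', port: 9233 },
};
const EXCHANGE_UUIDS = new Set(['{0E4A0156-DD5D-11D2-8C2F-00CD4FB6BCDE}']);

// Traditional firewall: port 135 plus every port RPC might use is open.
// The 1024-65535 range is an assumption; the slide gives no range.
function portFilterAllows(dstPort) {
  return dstPort === 135 || (dstPort >= 1024 && dstPort <= 65535);
}

// Application-layer filter: inspects the endpoint-mapper query and opens a
// pinhole only for the port the server returned for an Exchange UUID.
class RpcFilter {
  constructor() { this.pinholes = new Set(); } // entries: "client:port"

  // Steps 2-3: the client asks TCP 135 for the port behind a UUID.
  mapperQuery(client, uuid) {
    if (!EXCHANGE_UUIDS.has(uuid)) return null;  // non-Exchange query is blocked
    const { port } = ENDPOINT_MAP[uuid];
    this.pinholes.add(`${client}:${port}`);      // per-client state (model assumption)
    return port;
  }

  // Step 4: secondary connection to the designated port, encryption enforced.
  connect(client, dstPort, encrypted) {
    return this.pinholes.has(`${client}:${dstPort}`) && encrypted === true;
  }
}

// Constructed scenario; the client addresses are documentation IPs.
function scenario() {
  const f = new RpcFilter();
  const outlook = '203.0.113.10', other = '203.0.113.99';
  return {
    exchangePort: f.mapperQuery(outlook, '{0E4A0156-DD5D-11D2-8C2F-00CD4FB6BCDE}'),
    adQuery: f.mapperQuery(other, '{E35114235-4B06-11D1-AB04-00C04C2DCD2}'),
    outlookData: f.connect(outlook, 4402, true),
    outlookPlain: f.connect(outlook, 4402, false),
    otherToExchange: f.connect(other, 4402, true),
    otherToAd: f.connect(other, 3544, true),
    portFilterToAd: portFilterAllows(3544),
  };
}
```

The last field shows the contrast the slides draw: the port-based rule set passes a connection to the Active Directory port that the application-layer filter never opens.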

Configure Secure Email

Request a “user” cert

Configure Outlook to use the cert

Send Signed / Encrypted message

Secure Files

Protecting files (“Stop thief!”)

BIOS passwords – Not universally supported; pretty much no recovery if you forget!

Good passwords – Mitigate “pass-the-hash” attacks

SysKey mode 3 – Useful mostly for protecting local accounts; use system restore disk if you forget

Encrypting file system (EFS) – Transparent to applications and users; computationally infeasible to break (domain accts or SysKey 3); must implement recovery agents; better with domain and PKI

EFS operation

Assumptions: domain accounts, enterprise CA, Windows Server 2003, Windows XP

EFS certificate request with public EFS key

generate public and private EFS keys

public key bound to cert; store cert and private key in profile

generate file encryption key

encrypt FEK with EFS key

encrypt FEK with default recovery agent
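The digital envelope on the hybrid-encryption slide and the FEK handling on the EFS operation slide are the same construction, shown here as an added example that is not part of the original deck and is not EFS code. AES-256-GCM and RSA-OAEP stand in for the slides' "e.g. DES" and "e.g., RSA"; the recipient names and demo keys are constructed.

```javascript
// Added example, not EFS code: one file encryption key (FEK), wrapped once per recipient.
const crypto = require('node:crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Encrypt the data once with a random session key (the FEK), then build one
// digital envelope per public key: the user's and each recovery agent's.
function seal(plaintext, publicKeys) {
  const fek = crypto.randomBytes(32);                 // RNG -> symmetric "session" key
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', fek, iv);
  const ciphertext = Buffer.concat([cipher.update(plaintext), cipher.final()]);
  const envelopes = {};
  for (const [name, key] of Object.entries(publicKeys)) {
    envelopes[name] = crypto.publicEncrypt({ key, ...OAEP }, fek);
  }
  return { iv, ciphertext, tag: cipher.getAuthTag(), envelopes };
}

// Open one envelope with a private key, then decrypt the bulk data.
// Throws if the key does not match the envelope or the data was altered.
function unseal(sealed, name, privateKey) {
  const fek = crypto.privateDecrypt({ key: privateKey, ...OAEP }, sealed.envelopes[name]);
  const decipher = crypto.createDecipheriv('aes-256-gcm', fek, sealed.iv);
  decipher.setAuthTag(sealed.tag);
  return Buffer.concat([decipher.update(sealed.ciphertext), decipher.final()]).toString();
}

// Constructed demo: "user" and "recoveryAgent" are hypothetical names.
function demo() {
  const newKeyPair = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const user = newKeyPair(), agent = newKeyPair(), thief = newKeyPair();
  const sealed = seal(Buffer.from('The quick brown fox jumps over the lazy dog'),
    { user: user.publicKey, recoveryAgent: agent.publicKey });
  let thiefBlocked = false;
  try { unseal(sealed, 'user', thief.privateKey); } catch { thiefBlocked = true; }
  return {
    envelopes: Object.keys(sealed.envelopes),
    byUser: unseal(sealed, 'user', user.privateKey),
    afterKeyLoss: unseal(sealed, 'recoveryAgent', agent.privateKey),
    thiefBlocked,
  };
}
```

The `afterKeyLoss` result is the reason for the recovery-agent envelope: the data stays readable when the user's private key is gone, and without that second envelope nothing else can recover the FEK.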

Avoid EFS “gotchas”

Back up that EFS certificate and the keys!

You will lose access if you have no PKI or DRA

CIPHER /X command; store on USB drive

Also export local DRA and remove from computer

Eliminate plain-text “shreds”

Encrypt folders, not files

CIPHER /W – wipe slack space: 00-FF-random

Please, just use an enterprise CA

Set up for auto-enrollment

Configure DRA in group policy

Now you won’t have any worries

Recommendations

Don’t be scared of PKI!

Set up a test environment to enable you to “play”

Minimise the scope of your first implementation

Read up on CP & CPS

Document the purpose and operating procedures of your PKI

Summary

Cryptography is a rich and amazingly mature field

We all rely on it, every day, with our lives

Know the basics and make good choices, avoiding common pitfalls

Plan your PKI early

Avoid very new and unknown solutions

References

Visit www.microsoft.com/security

Read sci.crypt (incl. archives)

For more detail, read:

Cryptography: An Introduction, N. Smart, McGraw-Hill, ISBN 0-07-709987-7

Practical Cryptography, N. Ferguson & B. Schneier, Wiley, ISBN 0-471-22357-3

Contemporary Cryptography, R. Oppliger, Artech House, ISBN 1-58053-642-5 (to be published May 2005, see http://www.esecurity.ch/Books/cryptography.html)

Applied Cryptography, B. Schneier, John Wiley & Sons, ISBN 0-471-11709-9

Handbook of Applied Cryptography, A.J. Menezes, CRC Press, ISBN 0-8493-8523-7, www.cacr.math.uwaterloo.ca/hac (free PDF)

PKI, A. Nash et al., RSA Press, ISBN 0-07-213123-3

Foundations of Cryptography, O. Goldreich, www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_book_readme.html

Cryptography in C and C++, M. Welschenbach, Apress, ISBN 1-893115-95-X (includes code samples CD)

Copyright 2004 © Project Botticelli Ltd & Microsoft Corp. E&OE. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties.

Thanks to Rafal Lukawiecki for providing some of the content for this presentation deck – his contact details are as follows…

[email protected]

Strategic Consultant, Project Botticelli Ltd