Nicholas Sullivan Systems Engineer

CloudFlare@grittygrease

Running Secure Server Software on Insecure Hardware without a Parachute

What this talk is aboutu The web is changing — consolidation at the edge u Fundamental assumptions about server security are wrong u How do we design server software with the worst case in mind?

u Distinguish between long and short term secrets u Devise approaches for protecting each

2

Let’s Talk About Web Infrastructure

4

Global Website Traffic

5

Global Website Traffic with CDN

6

Current Map

7

Future Map

8

Future Map

9

Edge Computing Threat Model

Traditional server threat modelu Assume server is secure u Add layers of protection to keep attackers out

u Network layer protection u Operating System Level: principle of least privilege u Protection against maliciously installed code u More advanced barriers

11

Globally distributed serversu Less jurisdictional control = less physical security u Physical access trumps static defense layers !

u Traditional defenses helpful, but not ideal u Cannot rely on security of keys u Single break-in results in immediate compromise

12

A More Effective Approach

Approach system security the ‘DRM way’u Assume attacker has bypassed all static defenses u Goal is to refresh secrets before they are compromised u Split system into long-term secrets and short-term secrets u Focus on renewability of secrets

14

Secrets must be split into two tiersu Long-term Secrets

u Useful for attacker for long period of time u Do not store at the edge !

u Short-term Secrets u Expire after a short period of time u Cannot be re-used

15

Example: Traditional TLS terminationu TLS handshake with nginx and Apache

u SSL keys on disk u Read from disk, use in memory !

u Cryptographic elements at risk if server is compromised u Private key u Session key

16

TLS revisited for untrusted hardwareu Long term secrets

u Private key

!u Short term secrets

u Session key u Session IDs and Session ticket keys u Credentials to access private keys

17

How to Protect Short-term Secrets

Short-term secrets — threat modelu Must live on machines in unsafe locations

u Memory u Control Flow

u By the time a secret is broken, it should be expired u Don’t keep secrets in a useable state u Impose computational cost to retrieve the original secret u Expire secrets quickly

!

19

Techniques from DRM are applicableu White-box cryptography u Code obfuscation

20

Standard Cryptography Threat Model

21

Alice Bob

Eve

White-box Cryptography Threat Model

22

Alice Bob

Eve

White-box Cryptography Threat Model

23

Aleve Bob

White-box cryptographyu Hide the cryptographic key from everyone u Protect against key extraction in the strongest threat model !

u Takes time to extract key — lots of math u Choose difficulty based on secret lifetime

24

White-box cryptography implementations

25

u Commercial products u Irdeto, Arxan, SafeNet, etc.

u Open source u OpenWhiteBox

Code obfuscation

26

Code obfuscationu Making reverse engineering difficult

u Compile-time control-flow modification u Data transformation in memory u Anti-debugging

27

Before

28

After

29

Code obfuscation implementationsu Commercial products

u Arxan, Irdeto, etc. u Open source

u Obfuscator-LLVM

30

Long-term Secrets

Keyless SSLu SSL without keys? Surely you’re joking. u SSL without keys at the edge. That’s better.

32

How Keyless SSL Worksu Split the TLS state machine geographically

u Perform private key operation at site owner’s facility (in HSM, etc) u Perform rest of handshake at edge u Communicate with signing server over mutually authenticated TLS

33

Keyless SSL Diagram

34

35

Conclusion

Conclusionu Untrusted hardware requires a new approach

u Split secrets into long-term and short-term u Design for rapid renewal — replace secrets faster than they can be

broken u Leverage short-term secrets to access long-term secrets

37