Lessons (to be) Learned from Handling OpenSSL Vulnerabilities

Lessons (to be) Learned from Handling OpenSSL Vulnerabilities

+1$&35

20141122

Copyright2014 JPCERT/CC All rights reserved. 1

+1$&35$$0QFO44-

Copyright2014 JPCERT/CC All rights reserved.

OpenSSL ! (SSL/TLS/DTLS) ! ! Apache License 1.0 ! LibreSSL (OpenBSD) boringssl (Google)

! !

Android (SSLSocketFactory), Chrome for Android

2


SSL/TLS (2014)! OpenSSL

3

48 JVNVU#94401838 OpenSSL heartbeat

66 JVN#61247051 OpenSSL Change Cipher Spec

811 JVNVU#93614707 OpenSSL

1016 JVNVU#98283300 SSLv3 (POODLE )


SSL/TLS (2014)!

JVN11 Android

! SslError US(FTC)2

! 2014 JPCERT SSL/TLS

https://k-of.jp/2014/session/563

4


20

5 7

8 8

11

3 3 5

1 4

7

4

2014 2013 2012 2011 2010 2009 2008 2007 2006 2005 2004 2003 2002 0

5

10

15

20

25

OpenSSL

()

IUUQTXXXPQFOTTMPSHOFXTWVMOFSBCJMJUJFTIUNM


6

IPA ()

JPCERT/CC()

JVN()

SIer

CERT/CCNCSC-FI

()


5IF)FBSUCMFFE#VH

7


Heartbleed ! TLS ! OpenSSL 1.0.1 ! Codenomicon

Google

8


+1$&35

9

46() 20:08 NCSC-FI Jussi

FI OpenSSL 2

CVE

47() 16 NCSC-FI JPCERT/CC22:24 CERT/CC vultures

CVE-2014-0346

65$

+7/

49() 15:46 IIJ VS

411() 12:48 VS

48() 08:18 09:48 CERT/CC 11:42 CERT/CC OpenSSL Cloudflare 15:00 JVN 50


0QFO44-

10

46() 20:08 NCSC-FI Jussi

FI OpenSSL 2

CVE

47() 16 NCSC-FI JPCERT/CC22:24 CERT/CC vultures

CVE-2014-0346

65$

49() 15:46 IIJ VS

411() 12:48 VS

41 Google OpenSSL Google

47 14:56 OpenSSL Red Hat 15:10 Red Hat oss-security distros 9 OpenSSL distro 17:15 SuSE 17:16 Debian 17:49 FreeBSD 19:00 AltLinux 20:30 Ubuntu () 23:14 Gentoo ()

48() 08:18 09:48 CERT/CC 11:42 CERT/CC OpenSSL Cloudflare 15:00 JVN 50

48() 00:19 FI Mark Cox / Ben Laurie Codenomicon 01:11 OpenSSL 2

02:25 OpenSSL 03:39 OpenSSL


! 0QFO44--JOVY%JTUSP3FE)BU4V4&%FCJBO'SFF#4%"MU-JOVY EJTUSP PTTTFDVSJUZ

! "LBNBJ$MPVEBSF'BDFCPPL(PPHMF

! 5IF4ZEOFZ.PSOJOH)FSBME)FBSUCMFFEEJTDMPTVSFUJNFMJOFXIPLOFXXIBUBOEXIFO

11


Lessons Learned! (JPCERT, CERT/CC, NCSI-FI)

! OpenSSL

12


$$4*OKFDUJPO7VMOFSBCJMJUZ

13


CCS Injection ! (

)change_cipher_spec

!

! OpenSSL http://www.iij-ii.co.jp/lab/seminars/

14


CCS Injection


SSL/TLS

16


+1$&35

17

*1"

0QFO44- $&35$$

$&35$$ /$4$'*

0QFO44-/$4$'* +7/XEBZTEBZT


+1$&35

$&35$$

/$4$'*

*1"

ML (oss-distros)

-JOVY'SFF#4%

CCS Injection


1

19

OpenSSL OpenSSL JPCERT


1OpenSSL 1. OpenSSL 2. JPCERT JVN 3. oss-security ML

OpenSSL

JVN JPCERT/CC CERT/CC

ex. POODLE20


2

21

1

+1$&35$$044 044 044

0QFO44-


2! 044#*/%"QBDIF5PNDBU

!

22


Lessons (to be) Learned

23


+1$&35

!

OpenSSL OpenSSL 61

!

24


+1$&35

! IIJ IIJ

25


+1$&350QFO44-

! IPA/JPCERTCERT/CCOpenSSL3

OpenSSL x 3++ !

26


+1$&35$&35$$]/$4$'*

! ML (vultures)

! Next vultures F2F meeting 2015@RSA Conference US Vendor

27


! JPCERT/CC, IPA CERT3

! JPCERT/CC, CERT/CC, NCSC-FI NDA

! JPCERT/CC CVE

! Adobe, Apple, Google, Android, OpenSSL etc

! JPCERT/CC Responsible Disclosure

28


OSS! 2

!

!

acknowledge 29


OpenSSL

30


0QFO44-4FDVSJUZ1PMJDZ

! IUUQTXXXPQFOTTMPSHBCPVUTFDQPMJDZIUNM

! Y

! 04EJTUSP

31


*4$7VMOFSBCJMJUZ%JTDMPTVSF1PMJDZ

! *4$ 7VMOFSBCJMJUZ%JTDMPTVSF1PMJDZ

! #FGPSF+1$&35

! "GUFS%/4 04

! +1$&35$$ *4$ "1$&351BD$&35"GSJDB$&35

! IUUQTLCJTDPSHBSUJDMF""

32


5IBOLZPV


OpenSSL Security Policy Last modified 7th September 2014

34


*OUSPEVDUJPO3FDFOUBXTIBWFDBQUVSFEUIFBUUFOUJPOPGUIFNFEJBBOEIJHIMJHIUFEIPXNVDIPGUIFJOUFSOFUJOGSBTUSVDUVSFJTCBTFEPO0QFO44-8FWFOFWFSQVCMJTIFEPVSQPMJDZPOIPXXFJOUFSOBMMZIBOEMFTFDVSJUZJTTVFTUIBUQSPDFTTCFJOHCBTFEPOFYQFSJFODFBOEIBTFWPMWFEPWFSUIFZFBST0QFO44-0QFO44-0QF44-

35


3FQPSUJOHTFDVSJUZJTTVFT

8FIBWFBOFNBJMBEESFTTXIJDIDBOCFVTFEUPOPUJGZVTPGQPTTJCMFTFDVSJUZWVMOFSBCJMJUJFT"TVCTFUPG0QFO44-UFBNNFNCFSTSFDFJWFUIJTNBJMBOENFTTBHFTDBOCFTFOUVTJOH1(1FODSZQUJPO'VMMEFUBJMTBSFBUIUUQTXXXPQFOTTMPSHOFXTWVMOFSBCJMJUJFTIUNM0QFO44-1(1 IUUQTXXXPQFOTTMPSHOFXTWVMOFSBCJMJUJFTIUNM8IFOXFBSFOPUJFEBCPVUBOJTTVFXFFOHBHFSFTPVSDFTXJUIJOUIF0QFO44-UFBNUPJOWFTUJHBUFBOEQSJPSJUJTFJU8FNBZBMTPVUJMJTFSFTPVSDFTGSPNUIFFNQMPZFSTPGPVSUFBNNFNCFSTBTXFMMBTPUIFSTXFIBWFXPSLFEXJUICFGPSF0QFO44-PQFOTTMTFDVSJUZ!PQFOTTMPSH LFZ*%"0QFO44-$PSFBOE%FWFMPQNFOU5FBN1(1

36


#BDLHSPVOE&WFSZPOFXPVMEMJLFUPHFUBEWBODFOPUJDFPGTFDVSJUZJTTVFTJO0QFO44-5IJTJTBDPNQMFYUPQJDBOEXFOFFEUPTFUPVUTPNFCBDLHSPVOEXJUIPVSOEJOHT 0QFO44-

5IFNPSFQFPQMFZPVUFMMJOBEWBODFUIFIJHIFSUIFMJLFMJIPPEUIBUBMFBLXJMMPDDVS8FIBWFTFFOUIJTIBQQFOCFGPSFCPUIXJUI0QFO44-BOEPUIFSQSPKFDUT0QFO44-

"IVHFOVNCFSPGQSPEVDUTGSPNBOFRVBMMZMBSHFOVNCFSPGPSHBOJTBUJPOTVTF0QFO44-*UTOPUKVTUTFDVSFXFCTJUFTZPVSFKVTUBTMJLFMZUPOE0QFO44-JOTJEFZPVSTNBSU57DBSPSGSJEHF 0QFO44-0QFO44-57

8FTUSPOHMZCFMJFWFUIBUUIFSJHIUUPBEWBODFQBUDIFTJOGPTIPVMEOPUCFCBTFEJOBOZXBZPOQBJENFNCFSTIJQUPTPNFGPSVN:PVDBOOPUQBZVTUPHFUTFDVSJUZQBUDIFTJOBEWBODF

8FDBOCFOFUGSPNQFFSSFWJFXPGUIFQBUDIFTBOEBEWJTPSZ,FFQJOHTFDVSJUZJTTVFTQSJWBUFNFBOTUIFZDBOUHFUUIFMFWFMPGUFTUJOHPSTDSVUJOZUIBUUIFZPUIFSXJTFXPVME

*UJTOPUBDDFQUBCMFGPSPSHBOJTBUJPOTUPVTFBEWBODFOPUJDFJONBSLFUJOHBTBDPNQFUJUJWFBEWBOUBHF'PSFYBNQMFJGZPVIBECPVHIUPVSQSPEVDUVTFEPVSTFSWJDFZPVXPVMEIBWFCFFOQSPUFDUFEBXFFLBHP

37


#BDLHSPVOE5IFSFBSFBDUVBMMZOPUBMBSHFOVNCFSPGTFSJPVTWVMOFSBCJMJUJFTJO0QFO44-XIJDINBLFJUXPSUITQFOEJOHTJHOJDBOUUJNFLFFQJOHPVSPXOMJTUPGWFOEPSTXFUSVTUPSTJHOJOHGSBNFXPSLBHSFFNFOUTPSEFBMJOHXJUIDIBOHFTBOEQPMJDJOHUIFQPMJDZ5IJTJTBTJHOJDBOUBNPVOUPGFPSUQFSJTTVFUIBUJTCFUUFSTQFOUPOPUIFSUIJOHT 0QFO44-

8FIBWFQSFWJPVTMZVTFEUIJSEQBSUJFTUPIBOEMFOPUJDBUJPOGPSVTJODMVEJOH$1/*P$&35PS$&35$$CVUOPOFXFSFTVJUBCMF $1/*P$&35$&35$$*UTJOUIFCFTUJOUFSFTUTPGUIF*OUFSOFUBTBXIPMFUPHFUYFTGPS0QFO44-TFDVSJUZJTTVFTPVURVJDLMZ0QFO44-FNCBSHPFTTIPVMECFNFBTVSFEJOEBZTBOEXFFLTOPUNPOUITPSZFBST0QFO44-0QFO44-

.BOZTJUFTBFDUFECZ0QFO44-JTTVFTXJMMCFSVOOJOHBWFSTJPOPG0QFO44-UIFZHPUGSPNTPNFWFOEPSBOEMJLFMZCVOEMFEXJUIBOPQFSBUJOHTZTUFN5IFNPTUFFDUJWFXBZGPSUIFTFTJUFTUPHFUQSPUFDUFEJTUPHFUBOVQEBUFEWFSTJPOGSPNUIBUWFOEPS4JUFTXIPVTFUIFJSPXO0QFO44-DPNQJMBUJPOTTIPVMECFBCMFUPIBOEMFBRVJDLQBUDIBOESFDPNQJMFPODFUIFJTTVFJTQVCMJD0QFO44-0QFO44-040QFO44-

38


0QFO44-*OUFSOBMIBOEMJOHPGTFDVSJUZJTTVFT5IJTMFBETVTUPPVSQPMJDZGPSTFDVSJUZJTTVFTOPUJFEUPVTPSGPVOECZPVSUFBNXIJDIBSFOPUZFUQVCMJDQSJWBUFNFBOTLFQUXJUIJOUIF0QFO44-EFWFMPQNFOUUFBNQSJWBUF 0QFO44-8FXJMMEFUFSNJOFUIFSJTLPGFBDIJTTVFCFJOHBEESFTTFE8FXJMMUBLFJOUPBDDPVOUPVSFYQFSJFODFEFBMJOHXJUIQBTUJTTVFTWFSTJPOTBFDUFEDPNNPOEFGBVMUTBOEVTFDBTFT8FEJWJEFUIFJTTVFTJOUPUIFGPMMPXJOHDBUFHPSJFT

39


0QFO44-*OUFSOBMIBOEMJOHPGTFDVSJUZJTTVFT MPXTFWFSJUZJTTVFT5IJTJODMVEFTJTTVFTTVDIBTUIPTFUIBUPOMZBFDUUIFPQFOTTMDPNNBOEMJOFVUJMJUZVOMJLFMZDPOHVSBUJPOTPSIBSEUPFYQMPJUUJNJOHTJEFDIBOOFMBUUBDLT5IFTFXJMMJOHFOFSBMCFYFEJNNFEJBUFMZJOMBUFTUEFWFMPQNFOUWFSTJPOTBOENBZCFCBDLQPSUFEUPPMEFSWFSTJPOTUIBUBSFTUJMMHFUUJOHVQEBUFT8FXJMMVQEBUFUIFWVMOFSBCJMJUJFTQBHFBOEOPUFUIFJTTVF$7&JOUIFDIBOHFMPHBOEDPNNJUNFTTBHFCVUUIFZNBZOPUUSJHHFSOFXSFMFBTFT

PQFOTTMDIBOHFMPH$7&

NPEFSBUFTFWFSJUZJTTVFT5IJTJODMVEFTJTTVFTMJLFDSBTIFTJODMJFOUBQQMJDBUJPOTBXTJOQSPUPDPMTUIBUBSFMFTTDPNNPOMZVTFETVDIBT%5-4

BOEMPDBMBXT5IFTFXJMMJOHFOFSBMCFLFQUQSJWBUFVOUJMUIFOFYUSFMFBTFBOEUIBUSFMFBTFXJMMCFTDIFEVMFETPUIBUJUDBOSPMMVQTFWFSBMTVDIBXTBUPOFUJNF

%5-4

IJHITFWFSJUZJTTVFT5IJTJODMVEFTJTTVFTBFDUJOHDPNNPODPOHVSBUJPOTXIJDIBSFBMTPMJLFMZUPCFFYQMPJUBCMF&YBNQMFTJODMVEFBTFSWFS%P4BTJHOJDBOUMFBLPGTFSWFSNFNPSZBOESFNPUFDPEFFYFDVUJPO5IFTFJTTVFTXJMMCFLFQUQSJWBUFBOEXJMMUSJHHFSBOFXSFMFBTFPGBMMTVQQPSUFEWFSTJPOT8FXJMMBUUFNQUUPLFFQUIFUJNFUIFTFJTTVFTBSFQSJWBUFUPBNJOJNVNPVSBJNXPVMECFOPMPOHFSUIBOBNPOUIXIFSFUIJTJTTPNFUIJOHVOEFSPVSDPOUSPMBOETJHOJDBOUMZRVJDLFSJGUIFSFJTBTJHOJDBOUSJTLPSXFBSFBXBSFUIFJTTVFJTCFJOHFYQMPJUFE

%P4

40


0QFO44-*OUFSOBMIBOEMJOHPGTFDVSJUZJTTVFT%VSJOHUIFJOWFTUJHBUJPOPGJTTVFTXFNBZXPSLXJUIJOEJWJEVBMTBOEPSHBOJTBUJPOTXIPBSFOPUPOUIFEFWFMPQNFOUUFBN8FEPUIJTCFDBVTFQBTUFYQFSJFODFIBTTIPXOUIBUUIFZDBOBEEWBMVFUPPVSVOEFSTUBOEJOHPGUIFJTTVFBOEUIFBCJMJUZUPUFTUQBUDIFT*ODBTFTXIFSFQSPUPDPMTBSFBFDUFEUIJTJTUIFCFTUXBZUPNJUJHBUFUIFSJTLUIBUBQPPSMZSFWJFXFEVQEBUFDBVTFTTJHODJBOUCSFBLBHFPSUPEFUFDUJGJTTVFTBSFCFJOHFYQMPJUFEJOUIFXJME8FIBWFBTUSJDUQPMJDZPOXIBUUIFTFPSHBOJTBUJPOTBOEJOEJWJEVBMTDBOEPXJUIUIFJOGPSNBUJPOBOEXJMMSFWJFXUIFOFFEPOBDBTFCZDBTFCBTJT

41


1SFOPUJDBUJPOQPMJDZ8IFSFXFBSFQMBOOJOHBOVQEBUFUIBUYFTTFDVSJUZJTTVFTXFXJMMOPUJGZUIFPQFOTTMBOOPVODFMJTUBOEVQEBUFUIFIPNFQBHFUPHJWFPVSTDIFEVMFEVQEBUFSFMFBTFEBUFBOEUJNFBOEUIFTFWFSJUZPGJTTVFTCFJOHYFECZUIFVQEBUF/PGVUIFSJOGPSNBUJPOBCPVUUIFJTTVFTXJMMCFHJWFO5IJTJTUPBJEPSHBOJTBUJPOTUIBUOFFEUPFOTVSFUIFZIBWFTUBBWBJMBCMFUPIBOEMFUSJBHJOHPVSBOOPVODFNFOUBOEXIBUJUNFBOTUPUIFJSPSHBOJTBUJPOPQFOTTMBOOPVODF'PSVQEBUFTUIBUJODMVEFIJHITFWFSJUZJTTVFTXFXJMMBMTPQSFOPUJGZXJUINPSFEFUBJMTBOEQBUDIFT0VSQPMJDZJTUPMFUUIFPSHBOJTBUJPOTUIBUIBWFBHFOFSBMQVSQPTF04UIBUVTFT0QFO44-IBWFBGFXEBZTOPUJDFJOPSEFSUPQSFQBSFQBDLBHFTGPSUIFJSVTFSTBOEGFFECBDLUFTUSFTVMUT0QFO44-0404

42


1SFOPUJDBUJPOQPMJDZ8FVTFUIFNBJMJOHMJTUEFTDSJCFEBUIUUQPTTTFDVSJUZPQFOXBMMPSHXJLJNBJMJOHMJTUTEJTUSPTGPSUIJT8FNBZBMTPJODMVEFPUIFSPSHBOJTBUJPOTUIBUXPVMEPUIFSXJTFRVBMJGZGPSMJTUNFNCFSTIJQ8FNBZXJUIESBXOPUJGZJOHJOEJWJEVBMPSHBOJTBUJPOTGSPNGVUVSFQSFOPUJDBUJPOTJGUIFZMFBLJTTVFTCFGPSFUIFZBSFQVCMJDPSPWFSUJNFEPOPUBEEWBMVFWBMVFDBOCFBEEFECZQSPWJEJOHGFFECBDLDPSSFDUJPOTUFTUSFTVMUTFUDIUUQPTTTFDVSJUZPQFOXBMMPSHXJLJNBJMJOHMJTUTEJTUSPT'JOBMMZOPUFUIBUOPUBMMTFDVSJUZJTTVFTBSFOPUJFEUPVTEJSFDUMZTPNFDPNFGSPNUIJSEQBSUJFTTVDIBTDPNQBOJFTUIBUQBZGPSWVMOFSBCJMJUJFTTPNFDPNFGSPNDPVOUSZ$&35T5IFTFJOUFSNFEJBSJFTPSUIFSFTFBSDIFSTUIFNTFMWFTNBZGPMMPXBEJFSFOUTUZMFPGOPUJDBUJPO5IJTJTXJUIJOUIFJSSJHIUTBOEPVUTJEFPGUIFDPOUSPMPGUIF0QFO44-UFBN$&350QFO44-

43

Software

Lessons (to be) Learned from Handling OpenSSL Vulnerabilities