OSDev.org

The Place to Start for Operating System Developers
It is currently Tue Mar 28, 2017 11:51 am

All times are UTC - 6 hours




Post new topic Reply to topic  [ 21 posts ]  Go to page 1, 2  Next
Author Message
 Post subject: SSL/TLS
PostPosted: Sat May 07, 2016 12:08 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
All,

Having implemented a (somewhat) working TLS client (Transport Layer Security, NOT Thread Local Storage), I am ready to write a Wiki entry about it.

I just wanted to confirm this is a proper topic for the osdev.org Wiki and not considered too high level.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Sat May 07, 2016 2:58 pm 
Offline
Member
Member
User avatar

Joined: Sun Sep 19, 2010 10:05 pm
Posts: 926
I think this is a great idea. I'd also love to have a wiki page for HTTPS that's readable and simple enough to understand the basics. Pretty much everything nowadays uses SSL/TLS, so an OS is pretty useless without it.

_________________
Project: OZone
Source: CodePlex / GitHub
Current Task: CPU Emulation

"The more they overthink the plumbing, the easier it is to stop up the drain." - Montgomery Scott


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Sat May 07, 2016 8:17 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
I've posted the first draft: http://wiki.osdev.org/SSL/TLS

I hope it is clear enough - TLS is everything but simple.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Sun May 08, 2016 1:38 pm 
Offline
Member
Member
User avatar

Joined: Wed Oct 18, 2006 3:45 am
Posts: 9228
Location: An der schönen blauen Donau, watching muppets
There seems to be some confusion as to what public/private/shared keys mean in common terminology.
Quote:
Private key
Symmetric encryption
That's a shared key, or quite often just "key". A private key basically implies there's a public key.
Quote:
The server sends a Server Key Exchange message, initiating the key exchange and signing it with its public key
You always use your private key, or his public key with asymmetric encryption. You don't (shouldn't?) have his private key, and conversely using your own public key has no use other than sending messages to yourself alone.


There are many errors like these, but shared keys being called private keys is by far the most common.

_________________
"Certainly avoid yourself. He is a newbie and might not realize it. You'll hate his code deeply a few years down the road." - Sortie
[ My OS ] [ VDisk/SFS ]


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Sun May 08, 2016 6:38 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
I did hear the use of the term private key for symmetric encryption. But I can use another term such as "secret key"


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Mon May 09, 2016 6:42 am 
Offline
Member
Member
User avatar

Joined: Thu Nov 16, 2006 12:01 pm
Posts: 7019
Location: Germany
(Not having read the article, just clarifying for the thread's sake.)

Symmetric encryption means you use the same key for encryption and decryption. The (one, singular) key gets known, your encryption is broken.

Asymmetric encryption means you have two keys. Whatever is encoded with one can only be decoded with the other, and vice versa.

With asymmetric encryption, you can afford to make one of the two keys "public", keeping the other "private". Whoever wants to send you a secret message encrypts it with the (readily accessable) public key, and only you (having the private key) can decrypt the message. Likewise, you can encrypt a hash of your message using your private key, which everybody can then use to check this message is actually coming from you: If decrypting the signature with your public key yields the correct hash, the message was signed by you. (Everybody could have calculated the hash, but only you could have encrypted it with your private key.)

_________________
Every good solution is obvious once you've found it.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Thu May 19, 2016 9:13 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
I have been working on this wiki for a couple of weeks now, and I think it looks pretty good, as it is now covering how to implement the most common cipher suites.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 2:32 am 
Offline
Member
Member

Joined: Wed Jun 03, 2015 5:03 am
Posts: 397
I've missed this topic, but it's really interesting.

I've read the article and most important issue (at least for me) is the lack of a general framework description, that can help to identify the OS parts where security is important.

First I see no security category in the OSDev Wiki. May be it should be a subcategory of the "Design Considerations". And as a design issue it should cover the whole body of security concerns for an OS. It should include the areas where security is important and it, in fact, is about information access, one branch of which is the remote data access over untrusted network. And one kind of such access is covered with the technology (set of algorithms and standards) called TLS.

And second - the security subject is quite large to be limited by TLS only, so it's important to fill the security category with at least basic information and kind of a road map for interested OSDevers.

Generally the information access can be split into two areas:
  1. access authorization
  2. minimizing impact of unauthorized access

The first area is about preventing unauthorized user from accessing the information. The second is about dealing with the cases where unauthorized access is unavoidable. The TLS and similar technologies are mostly important for the second area.

But OSDev Wiki needs more detailed categorization of the OS related security. So, who is ready to write the rest? Really important question :)

_________________
My previous account (embryo) was accidentally deleted, so I have no chance but to use something new. But may be it was a good lesson about software reliability :)


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 3:09 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
The (oversimplified) basics of security are pretty simple - no input shall be trusted and should always be sanitized. Applying them in practice is as hard as writing an OS without bugs. Even professionals like the guys who wrote OpenSSL created a huge vulnerability with Heartbleed.

Also, I'd be curious to know the level of interest in security on this site. In my experience, very few people want to spend the necessary resources on InfoSec. And when one's developing one's hobby OS, the goal may be more to have something working than something secure. I implemented TLS in my OS to understand how TLS works and to be able to access HTTPS-only Websites more than security.

That said, if there is interest in the matter I will gladly contribute with my knowledge.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 3:23 pm 
Offline
Member
Member
User avatar

Joined: Sun Sep 19, 2010 10:05 pm
Posts: 926
Great job, so far.

I would like to see examples in something other than Python, but I'll take what I can get.

Also, the parts that I'm most interested in are the Handshake section and the Key Exchange section. You might consider moving the encryption specific stuff to a separate page. Putting it all together makes my head hurt a little. :)

Maybe some examples showing the data inside of the packets being transmitted in both directions would be helpful, as well.

_________________
Project: OZone
Source: CodePlex / GitHub
Current Task: CPU Emulation

"The more they overthink the plumbing, the easier it is to stop up the drain." - Montgomery Scott


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 3:56 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
@SpyderTL: I can split into 3 sections: the general overview, the handshake and the encryption part.

As far as the Python code, the goal was to show more how the encryption is actually done. And yes, implementing modular exponentiation over 1024-bit integers in C/C++ is not easy, let alone Elliptic Curve or the Galois Counter Mode. That's why I provided details about the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher suite as it can be implemented in a low-level language like C relatively easily provided you use the hack I mention to avoid implementing modular exponentiation at the expense of security (great first step even if you eventually want to build something secure)


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 4:26 pm 
Offline
Member
Member
User avatar

Joined: Sun Sep 19, 2010 10:05 pm
Posts: 926
lpoulain wrote:
@SpyderTL: I can split into 3 sections: the general overview, the handshake and the encryption part.

As far as the Python code, the goal was to show more how the encryption is actually done. And yes, implementing modular
exponentiation over 1024-bit integers in C/C++ is not easy, let alone Elliptic Curve or the Galois Counter Mode. That's why I provided details about the TLS_DHE_RSA_WITH_AES_128_CBC_SHA cipher suite as it can be implemented in a low-level language like C relatively easily provided you use the hack I mention to avoid implementing modular exponentiation at the expense of security (great first step even if you eventually want to build something secure)

I've highlighted the words above that I actually understand. :)

I think that the technical byte-by-byte packet definition of the SSL standard(s) deserves it's own page, so that I can work on that code independently of the "pluggable" encryption methods used by the keys.

I understand that you understand how it all fits together, but someone just starting in OS Development or Network Security is going to have a hard time picking it apart.

Once I have it organized and written down in a way that makes sense to me, I can add some Wiki pages to try to help out some of the new guys, but it will probably be a while before I get to that point. And it would save me the trouble if you understand it well enough to separate it out, yourself.

(For instance, the page does not mention the valid values for the content type field of the SSL header, nor does it describe any of the structs for the different content types)

_________________
Project: OZone
Source: CodePlex / GitHub
Current Task: CPU Emulation

"The more they overthink the plumbing, the easier it is to stop up the drain." - Montgomery Scott


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 8:17 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
I've split the page into 3. I will also work on adding more details about the TLS packets. But the best way to understand how they are formed is to examine at a TLS communication using Wireshark.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Fri May 20, 2016 8:39 pm 
Offline
Member
Member

Joined: Mon Dec 21, 2015 7:09 pm
Posts: 37
By the way, we can have a Google Hangout if you want to go over how to use Wireshark and understand more how TLS is working.


Top
 Profile  
 
 Post subject: Re: SSL/TLS
PostPosted: Sat May 21, 2016 4:31 am 
Offline
Member
Member

Joined: Wed Jun 03, 2015 5:03 am
Posts: 397
lpoulain wrote:
The (oversimplified) basics of security are pretty simple - no input shall be trusted and should always be sanitized.

But you should understand why it is required to sanitize everything. And understanding can tell you that sanitizing alone is not secure. For example - internet access is performed using untrusted intermediaries, so what can you sanitize when somebody just copies your data on the fly?

Security is about data access constraints. And you can prevent just some types of data access by sanitizing everything. First - you should plan what do you want hide and why. Next you can decide on the method. If you want to hide your site administrator console then may be it's enough just not to tell everybody the exact path part of the site's URL where the console is available. But if you think somebody can intercept your packets and find the path then it's better to encrypt the console access. Next question is about what algorithm to select for the encryption. Here you should understand the weaknesses of the algorithms you are going to select from. And one problem (among many, of course) is to prevent somebody else from using your secure connection instead of you. That's why you should sanitize the input of your site's administrator console. But without things to hide, the hiding method, interaction media, encryption and many other parts the sanitizing is just useless.
lpoulain wrote:
Applying them in practice is as hard as writing an OS without bugs. Even professionals like the guys who wrote OpenSSL created a huge vulnerability with Heartbleed.

It's about the "why" part of the equation. Why should many beginners be bothered with the security?
lpoulain wrote:
Also, I'd be curious to know the level of interest in security on this site.

The OSes here mostly are for learning, so, the security is also can be viewed as a part of the learning process. Just like is the case with you:
lpoulain wrote:
I implemented TLS in my OS to understand how TLS works and to be able to access HTTPS-only Websites more than security.

_________________
My previous account (embryo) was accidentally deleted, so I have no chance but to use something new. But may be it was a good lesson about software reliability :)


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 21 posts ]  Go to page 1, 2  Next

All times are UTC - 6 hours


Who is online

Users browsing this forum: Bing [Bot] and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group