[055] Solutions to the SSL 3.0 POODLE Vulnerability: Developer Chapter


A high-risk vulnerability disclosed in SSL 3.0

On October 15, 2014, Google researchers disclosed a very serious vulnerability in the SSL 3.0 protocol. Attackers can use it to intercept encrypted data transmitted between the browser and the server, such as online banking accounts, email accounts, and personal private information. The vulnerability allows an attacker to mount a downgrade attack: the attacker tricks the browser into believing that "the server does not support the more secure Transport Layer Security (TLS) protocol", forcing it to fall back to SSL 3.0. Once the browser is communicating with the server over SSL 3.0, the attacker can use a man-in-the-middle attack to decrypt HTTPS cookies. Google calls this the POODLE attack; under a POODLE attack, all data transmitted over the network is no longer protected by encryption.

I only began to pay attention to the SSL 3.0 vulnerability, and to realize the seriousness of the problem, after the public platform issued the notice "Public platform adjusts its SSL security policy; developers, please upgrade". The main content of the notice: "The HTTPS encryption protocol SSL was recently found to have a high-risk vulnerability, which may allow data transmitted over the network to be eavesdropped on by hackers, threatening the security of user information, account passwords, and so on. To ensure the security of user information and communications, the public platform will turn off support for SSLv2 and SSLv3 and will no longer support calls from some clients that use SSLv2, SSLv3, or lower versions. Developers who are still using these versions should fix and upgrade as soon as possible, before November 30."


Background knowledge 1: the SSL protocol

SSL (Secure Sockets Layer) is a secure communication protocol for web applications that was first proposed by Netscape. SSL sits between the TCP protocol and the application-layer protocols. Its main role is to encrypt the data of application-layer protocols such as HTTP and FTP and to rely on the reliable TCP protocol to deliver that data across the Internet to its destination. The most typical application is HTTPS.

SSL provides 3 primary security services:

1) Identity legitimacy: the data sender and receiver confirm each other's identity, ensuring that neither can be impersonated.

2) Data confidentiality: all transmitted data is encrypted, ensuring that even if the data is intercepted it cannot be cracked.

3) Data integrity: ensures that the data received is consistent with the data sent by the sender and has not been tampered with.

The SSL protocol mainly uses the following kinds of algorithms:

1) Asymmetric encryption algorithms: encryption and decryption use different keys, as in the RSA public-key algorithm. The advantage is a high security level that is very difficult to crack; the disadvantage is that encryption and decryption are slow, so they are only suitable for encrypting small amounts of data. The SSL protocol uses asymmetric encryption algorithms to implement digital signatures, verifying the identity of the data sender (or receiver), and also uses them to exchange keys (the keys for the symmetric encryption algorithm used for data encryption and for the MAC algorithm used for data integrity verification).

2) Symmetric encryption algorithms: encryption and decryption use the same key; DES, 3DES, and RC4 are all symmetric encryption algorithms. The advantage is that encryption and decryption are fast, which suits the encryption of large amounts of data, but the security is poorer. The SSL protocol uses a symmetric encryption algorithm to encrypt the transmitted data.

3) MAC algorithms: Message Authentication Codes. A MAC algorithm is a hash function with a key: it has the characteristics of the MD and SHA algorithms, with a key added on that basis. The SSL protocol uses the MAC algorithm to verify the integrity of messages.


Background knowledge 2: SSL protocol versions

The SSL protocol currently in use has 5 versions: SSL2.0, SSL3.0, TLS1.0, TLS1.1, and TLS1.2, where TLS (Transport Layer Security) is the upgraded version of the SSL protocol.
After the POODLE vulnerability in the SSL protocol was exposed, the public platform will remove support for the two versions SSLv2 and SSLv3, and browsers and other platforms that use the SSL protocol will also gradually remove support for SSLv2 and SSLv3. Only the three versions TLSv1.0, TLSv1.1, and TLSv1.2 are now recommended.


How to view the SSL protocol in use?

In Java development, setting the system property "javax.net.debug" to "ssl,handshake" before the SSL server or client code runs causes the SSL communication log to be written to the console. The code that turns on the SSL communication log is as follows:

System.setProperty("javax.net.debug", "ssl,handshake");

The following is part of the SSL communication log produced when the author made a test call to the public platform interface to obtain an access_token. As can be seen from the log, this communication uses two protocols, SSLv2 and TLSv1. The SSLv2 protocol is used by the client to send the Hello message to the server, while the TLSv1 protocol is used for the handshake, key exchange, and data encryption.

*** ClientHello, TLSv1
...
main, WRITE: TLSv1 Handshake, length = 75
main, WRITE: SSLv2 client hello message, length = 101
main, READ: TLSv1 Handshake, length = 81
*** ServerHello, TLSv1
...
main, READ: TLSv1 Handshake, length = 3747
...
main, WRITE: TLSv1 Change Cipher Spec, length = 1
...
main, WRITE: TLSv1 Handshake, length = 48
main, READ: TLSv1 Change Cipher Spec, length = 1
main, READ: TLSv1 Handshake, length = 48
...
main, WRITE: TLSv1 Application Data, length = 336
main, READ: TLSv1 Application Data, length = 336
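A small scanner for logs in the format above, as an added example that is not from the original article: it reports the version the server selected in the ServerHello and lists every record that was written or read with an SSLv2 or SSLv3 version. The class and method names are assumptions, the sample lines are constructed from the log shown above, and the patterns assume that same record-line format.

```java
import java.util.*;
import java.util.regex.*;

public class HandshakeLogScan {
    // Record lines, e.g. "main, WRITE: TLSv1 Handshake, length = 75"
    private static final Pattern RECORD = Pattern.compile(
        "^\\S+, (READ|WRITE): (SSLv2|SSLv3|TLSv1(?:\\.\\d)?) (.+), length = \\d+$");
    // Banner lines, e.g. "*** ServerHello, TLSv1"
    private static final Pattern SERVER_HELLO = Pattern.compile(
        "^\\*\\*\\* ServerHello, (\\S+)");

    /** Version the server selected, or null if no ServerHello banner is present. */
    static String negotiated(List<String> lines) {
        for (String line : lines) {
            Matcher m = SERVER_HELLO.matcher(line.trim());
            if (m.find()) return m.group(1);
        }
        return null;
    }

    /** Record lines that carry an SSLv2 or SSLv3 version, in log order. */
    static List<String> legacyRecords(List<String> lines) {
        List<String> hits = new ArrayList<>();
        for (String line : lines) {
            Matcher m = RECORD.matcher(line.trim());
            if (m.matches() && m.group(2).startsWith("SSLv")) {
                hits.add(m.group(1) + " " + m.group(2) + " " + m.group(3));
            }
        }
        return hits;
    }

    public static void main(String[] args) {
        // Constructed sample, copied from the shape of the log in the article.
        List<String> log = Arrays.asList(
            "*** ClientHello, TLSv1",
            "main, WRITE: TLSv1 Handshake, length = 75",
            "main, WRITE: SSLv2 client hello message, length = 101",
            "main, READ: TLSv1 Handshake, length = 81",
            "*** ServerHello, TLSv1",
            "main, WRITE: TLSv1 Application Data, length = 336");
        String version = negotiated(log);
        System.out.println("negotiated: " + version);
        System.out.println("legacy records: " + legacyRecords(log));
        if (version == null || version.startsWith("SSLv")) {
            System.out.println("FAIL: session is not on TLS");
        }
    }
}
```

A `WRITE: SSLv2 client hello message` line, as in the log above, means the SSLv2Hello pseudo-protocol is enabled on the client: the first ClientHello is wrapped in the SSLv2-compatible format even though the session itself is negotiated as TLSv1.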


How to set which protocol the SSL client uses?

1. In Java, if the SSL client is implemented with SSLSocket or SSLEngine, the protocols the client may use can be set through the setEnabledProtocols(String[] protocols) method. A demo code snippet follows:

import javax.net.SocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;

SocketFactory sf = SSLSocketFactory.getDefault();
SSLSocket socket = (SSLSocket) sf.createSocket("localhost", 8443);
// Set the protocols used by the SSL client
String[] protocols = {"TLSv1"};
socket.setEnabledProtocols(protocols);

2. In Java, if the SSL client is implemented with HttpsURLConnection, the protocol used by the client can be specified through the system property "https.protocols", set before the HttpsURLConnection code runs. The code is as follows:

System.setProperty("https.protocols", "TLSv1");
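An added example, not from the original article, of a variation on the setEnabledProtocols approach: instead of hard-coding one version, it removes SSLv3 and SSLv2Hello from whatever the runtime enables by default, so newer TLS versions stay available and nothing that was disabled gets switched back on. The class and method names are assumptions; an SSLEngine is used because it exposes the same protocol settings as SSLSocket without needing a network connection.

```java
import java.util.*;
import javax.net.ssl.*;

public class ClientProtocolPolicy {
    /** Keeps only TLS versions; drops SSLv3 and the SSLv2Hello pseudo-protocol. */
    static String[] tlsOnly(String[] enabled) {
        List<String> keep = new ArrayList<>();
        for (String p : enabled) {
            if (p.startsWith("TLSv")) keep.add(p);
        }
        if (keep.isEmpty()) {
            // Fail closed rather than leave the caller with an SSL-only list.
            throw new IllegalStateException("no TLS protocol enabled");
        }
        return keep.toArray(new String[0]);
    }

    public static void main(String[] args) throws Exception {
        // Constructed input: a default list of the kind an old runtime enables.
        String[] oldDefaults = {"SSLv2Hello", "SSLv3", "TLSv1"};
        System.out.println("old defaults -> " + Arrays.toString(tlsOnly(oldDefaults)));

        // The same filter applied to this runtime's real defaults.
        SSLEngine engine = SSLContext.getDefault().createSSLEngine();
        engine.setUseClientMode(true);
        System.out.println("default:  " + Arrays.toString(engine.getEnabledProtocols()));
        engine.setEnabledProtocols(tlsOnly(engine.getEnabledProtocols()));
        System.out.println("hardened: " + Arrays.toString(engine.getEnabledProtocols()));
    }
}
```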

How do I set which protocols the SSL server supports?

1. In Java, if the SSL server is implemented with SSLSocket or SSLEngine, the same setEnabledProtocols(String[] protocols) method is used to set the protocols supported by the SSL server.

2. In Java, if the HTTPS service is provided externally through Tomcat, the protocols supported by the SSL server can be specified by setting the sslProtocol attribute in %tomcat%/conf/server.xml. The demo sample code is as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="" scheme="https" secure="true" clientAuth="false" sslProtocol="TLS"/>

Description of the settings for the sslProtocol attribute:

1) If sslProtocol="TLSv1" is set, the server will support SSLv3 and TLSv1;

2) Suppose set SSLv3, TLSv1, and TLSv1.1;

3) Suppose set SSLv3, TLSv1 and TLSv1.2.

Suppose the server side should not support SSLv3 and should support only TLSv1, TLSv1.1, and TLSv1.2: how is that set? Another attribute, sslEnabledProtocols, needs to be set. The demo sample code is as follows:

<Connector port="8443" protocol="HTTP/1.1" SSLEnabled="true" maxThreads="" scheme="https" secure="true" clientAuth="false" sslEnabledProtocols="TLSv1,TLSv1.1,TLSv1.2"/>

If the reader uses another web server to provide HTTPS services, such as Apache, WebLogic, or WebSphere, those servers have similar properties for setting the SSL protocols supported by the server side; I will not repeat them here. I believe that after reading this article, developers should be able to deal with the SSL 3.0 POODLE vulnerability easily and should also understand how to change their own program code after the public platform adjusts its SSL security policy.



When reprinting, please indicate that this article comes from Liu Feng's blog (http://blog.csdn.net/lyq8479). Please respect the fruits of others' hard work. Thank you!
