Understanding SSH: Large-scale measurements and notary-based - PowerPoint PPT Presentation

Understanding SSH: Large-scale measurements and notary-based authentication Final Presentation Oliver Gasser Master Thesis Advisor: Ralph Holz Chair for Network Architectures and Services Faculty of Computer Science Technische Universit¨ at M¨ unchen March 19, 2013 Oliver Gasser (TU M¨ unchen) Understanding SSH 1

Outline SSH Basics 1 Goals 2 3 Related Work SSH Scanning 4 Evaluation 5 6 Notary-based Authentication Summary 7 Oliver Gasser (TU M¨ unchen) Understanding SSH 2

SSH Basics SSH Protocol Client–server protocol Secure replacement for rsh , rlogin , telnet Two major protocol versions SSH-1.x SSH-2.0 Use: Server administration, tunneling Not utilized by everyday Internet user Oliver Gasser (TU M¨ unchen) Understanding SSH 4

SSH Connection Establishment SSH Client SSH Server Establish TCP connection (client connects to server on port 22) Exchange SSH identification string: "SSH-2.0-OpenSSH 5.9p1 Debian-5ubuntu1" Exchange supported algorithms: kex algorithms server host key algorithms enc algorithms client server enc algorithms server client mac algorithms client server mac algorithms server client compression algorithms client server compression algorithms server client languages client server languages server client Diffie Hellman key exchange Trust-On-First-Use principle with server authentication Client authentication (e.g. by password or public key) Service communication (e.g. terminal login session) Protected Oliver Gasser (TU M¨ unchen) Understanding SSH 5

Problem statement Insufficient data about the SSH landscape available Perform IPv4-wide scans for SSH servers Trust-On-First-Use is strong assumption Provide notary-based authentication for SSH servers Oliver Gasser (TU M¨ unchen) Understanding SSH 7

Related Work: Protocol Scanning Provos and Honeyman (2001) Scanned 2 million IP addresses for SSH servers Analyzed only SSH version and server’s identification string Yilek et al. (2009) Debian OpenSSL vulnerability Analyzed X.509 certificate churn No SSH scans Holz et al. (2011) Active scans for Alexa Top 1 Million Hosts Passive monitoring of MWN traffic No SSH scans Oliver Gasser (TU M¨ unchen) Understanding SSH 9

Related Work: Key Security Lenstra et al. (2012) No active scanning, EFF SSL observatory and other sources 6.2 million X.509 certs and 5.5 million PGP keys 4 % of RSA keys shared modulus, 0.18 % shared one prime Conclusion: RSA keys less secure than DSA keys Heninger et al. (2012) Active scanning for TLS and SSH servers 5.8 million unique X.509 certs and 6.2 million unique SSH host keys Recovered private keys for RSA (0.03 %) and DSA keys (1 %) Conclusion: Embedded devices do not have enough entropy DSA mode more vulnerable than RSA Oliver Gasser (TU M¨ unchen) Understanding SSH 10

Related Work: Notary-based Authentication Wendlandt et al. (2008) Perspectives Improve SSH authentication mechanism Crypto flaws Implementation not available Holz et al. (2012) Crossbear Detect Man-in-the-Middle attacks on SSL Localize the MitM using traceroutes No support for SSH Oliver Gasser (TU M¨ unchen) Understanding SSH 11

SSH Scanning Internet-wide scanning for SSH protocol Parallel scanning to improve performance Collect information and fetch SSH host key Full SSH handshake with OpenSSH Different scanning scenarios Modularity in software design Minimize intrusiveness Pseudorandom IP address generation Blacklist Oliver Gasser (TU M¨ unchen) Understanding SSH 13

Understanding SSH: Large-scale measurements and notary-based - PowerPoint PPT Presentation

Understanding SSH: Large-scale measurements and notary-based authentication Final Presentation Oliver Gasser Master Thesis Advisor: Ralph Holz Chair for Network Architectures and Services Faculty of Computer Science Technische Universit

Course Overview What is a Notary? Colorado Notary Public Course How to Become a Notary

1. Who is responsible, whom can you contact? We, notary Dr. Christof Hupe and notary Alexander

Optimization techniques for large-scale traceroute measurements Benjamin Hof Lehrstuhl f ur

Pinpointing Delay and Forwarding Anomalies Using Large-Scale Traceroute Measurements Romain

Conducting large-scale active and passive measurements of SSH deployments Oliver Gasser Master

Applying the Halo Model to Large Scale Structure Measurements of the Luminous Red Galaxies: SDSS

Notary Best Practices and New Law Updates for Michigan Notaries 2 Todays Topics: The Role

Internet-scale Experimentation The challenges of large-scale networked system experimentation and

UNDERSTANDING AND PREDICTING IMAGE MEMORABILITY AT A LARGE SCALE A. Khosla, A. S. Raju, A.

Understanding the Impact of Network Infrastructure Changes using Large-Scale Measurement Platforms

FINANCING LARGE SCALE SOLAR Large Scale Solar Conference - Sydney Gloria Chan Director, Large

Understanding the impacts of recent, large-scale solid fuel interventions on ambient air quality

Large-scale data integration for systems- level understanding of complex diseases How do GWAS,

Query Understanding in Web Search - by Large Scale Log Data Mining and Statistical Learning Hang

INCORPORATING LARGE-SCALE CITIZEN INCORPORATING LARGE-SCALE CITIZEN DELIBERATION INTO

Large-Scale Survey Interviewing Following Large Scale Survey Interviewing Following the 2008

Large-scale production of graphene: Introduction Large-scale production of graphene: what is

Deformability characterization of fabrics using large and small scale full field optical strain

OpenINTEL an infrastructure for long-term, large-scale and high-performance active DNS

Ethics in Techniques for large-scale data Graham J.L. Kemp TECHNIQUES FOR LARGE-SCALE DATA

Wide-Area Modeling, Analysis and Control of Large-Scale Power Systems using Synchrophasors

An Email Contact Protocol Experiment in a Large-Scale Survey of U.S. in a Large Scale Survey of

Efficient Large-Scale Graph Processing on Hybrid CPU and GPU Systems A. Gharaibeh, E.

Large-scale analysis of Spanish /s/-lenition using audiobooks Neville Ryant 1 and Mark Liberman 2