Material Type: Project; Professor: Greenstadt; Class: Computer and Network Security; Subject: Computer Science; University: Drexel University; Term: Winter 2009;


Project #2: MITM Attacks and Authentication

CS 475: Computer and Network Security

Due: February 19, 2009 11:59 pm EST

Informal Due Date∗: Feb 12, 11:59 pm EST.

February 2, 2009

This project is based on a project designed by Dan Boneh for his class (cs 255) and used by Yoshi Kohno in his class (cse 484). Thanks Dan and Yoshi.

1 Overview

1.1 Introduction

For programming project 2, you will implement a man-in-the-middle (MITM) attack on SSL, using an SSL proxy server. You will also implement a simple (command-line) administrative interface for the proxy that will make use of password authentication.

This project is for educational purposes only, and should never be used outside of this class. Conducting real attacks is unethical.

1.2 Background

Recall that an eavesdropper on an SSL connection has little power because of the encryption being used, but if an attacker is able to trick the user into using the attacker’s public key rather than the intended recipient’s, this security is lost. While a real attacker would likely intercept and manipulate the network packets directly to implement this attack, you will be making an SSL proxy. After a client (e.g., a web browser) is configured to make use of an SSL proxy, all client SSL requests are intercepted by the proxy and relayed to the intended remote webserver. After an initial plaintext proxy CONNECT request by the client, normally the proxy just forwards the encrypted data to the server. However, instead of forwarding the initial request to the remote server, your proxy will set up its own connection with the remote server and set up a connection to the client using its own certificate. Then all traffic between the (client AND proxy) and the (proxy AND web-server) is SSL encrypted, but with different keys. This means that the proxy has access to the plaintext data sent and received by the client. Having the proxy use a single, fixed SSL server certificate is not ideal, though, because modern web browsers check the common name (CN) field of the certificate against the domain name of the remote server and check to make sure serial numbers are not duplicated. So, to mount a more transparent MITM attack, the proxy will have to generate new server certificates on the fly, for each new client request. Web browsers will still complain once that the certificate is not trusted, but if the user clicks past this warning, then the attacker wins. Note: this attack will not work well on Firefox 3 because it disallows the use of self-signed certificates. You should test your code on another browser (Firefox 2, Konqueror, Safari, IE 7, probably others).

∗ Turn in your code for the MITM attack (leaving out user authentication). This will not be graded, but aiming for this deadline will help you complete the full project in time.

You will be learning:

  • keytool (command line utility) to generate and manage keys and certificates.
  • IAIK-JCE APIs to create and sign certificates programmatically.
  • JSSE (Java Secure Socket Extension) to do secure networking.

1.3 Requirements

We will provide you with code for a basic SSL proxy, and you will need to do the following:

  • Build and use a public key infrastructure using X509 certificates.
  • Modify the SSL proxy to dynamically generate new SSL server certificates, based on the domain name of the requested remote web server and the serial number of the website’s certificate.
  • Implement password authentication, over an SSL connection, for a simple administrative interface.

We will examine each of these features in detail below.

2 Description

2.1 Secure communication

You will be working with network sockets. The JCE provides an abstraction for secure sockets in the javax.net.ssl package and this relieves us from explicitly performing the key exchange, encryption and integrity of the messages transferred over these sockets.

2.2 Public Key Infrastructure

2.2.1 Offline Key Generation

The SSL proxy has a public/private key pair which is generated offline using keytool. The keytool is used to generate a keystore for each entity in the system. Before the system is bootstrapped, you will have to generate a public/private key pair for the SSL proxy. The public key of the proxy is self-signed.
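The keystore produced offline with keytool is what JSSE loads at run time. The following is an added example (not part of the cs475-pp2 starter code) showing how a KeyManagerFactory turns that keystore into a server-side SSLContext, and how a TrustManagerFactory turns a trust store into a client-side one. The keystore path, password and the `proxy` alias in the comment are assumptions; the demo client uses the same keystore as its trust store, so the proxy's self-signed certificate is its only trust anchor.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManagerFactory;

// Added example, not part of the cs475-pp2 starter code. Assumes a JKS keystore created
// offline with keytool, e.g. (hypothetical alias and file name):
//   keytool -genkey -alias proxy -keyalg RSA -keystore proxy.jks
public class KeyStoreSslContext {

    /** Load a keystore from disk; JKS is the format keytool writes by default. */
    static KeyStore loadKeyStore(String path, char[] password) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        InputStream in = new FileInputStream(path);
        try {
            ks.load(in, password);
        } finally {
            in.close();
        }
        return ks;
    }

    /** Server side: the key manager hands the proxy's private key and certificate to the handshake. */
    static SSLContext serverContext(KeyStore ks, char[] keyPassword) throws Exception {
        KeyManagerFactory kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        kmf.init(ks, keyPassword);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(kmf.getKeyManagers(), null, null);
        return ctx;
    }

    /** Client side: the trust manager accepts only chains ending at an entry of the trust store. */
    static SSLContext clientContext(KeyStore trustStore) throws Exception {
        TrustManagerFactory tmf = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        tmf.init(trustStore);
        SSLContext ctx = SSLContext.getInstance("TLS");
        ctx.init(null, tmf.getTrustManagers(), null);
        return ctx;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: java KeyStoreSslContext <keystore.jks> <password>");
            return;
        }
        final char[] pw = args[1].toCharArray();
        KeyStore ks = loadKeyStore(args[0], pw);

        // Server: accept one connection on an ephemeral port and report the negotiated suite.
        final SSLServerSocket server = (SSLServerSocket) serverContext(ks, pw)
                .getServerSocketFactory().createServerSocket(0);
        Thread t = new Thread(new Runnable() {
            public void run() {
                try {
                    SSLSocket s = (SSLSocket) server.accept();
                    s.startHandshake();
                    System.out.println("server: negotiated " + s.getSession().getCipherSuite());
                    s.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
        });
        t.start();

        // Client: trusts only what is in the keystore, i.e. the proxy's own self-signed certificate.
        // Note that a raw JSSE socket does not compare the certificate's CN with the host name;
        // that check is the browser's, which is why the proxy must forge a matching CN.
        SSLSocket c = (SSLSocket) clientContext(ks).getSocketFactory()
                .createSocket("localhost", server.getLocalPort());
        c.startHandshake();
        System.out.println("client: peer = " + c.getSession().getPeerPrincipal());
        c.close();
        t.join();
        server.close();
    }
}
```

Swap the trust store for one that does not contain the proxy's certificate and the client handshake fails, which is the JSSE equivalent of the browser warning described in the Background.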

2.2.2 Generating new server certificates

After connecting to a remote webserver, the proxy will have to create a new server certificate which has the same common name (CN) field and serial number as the remote webserver’s certificate. This new certificate will then be presented to the client, for use in an SSL session. You will use classes from the IAIK library to create and sign these new server certificates.
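The forged certificate copies the CN and serial number, which is exactly why neither is evidence of the server's identity. The following added example (not part of the starter code) shows the client-side checks that do catch the substitution: a self-signed leaf, an issuer other than the expected CA, or a public key whose SHA-256 fingerprint differs from the one previously recorded for that server (key pinning). Host, port and pin values are command-line inputs and are assumptions; run it once against the genuine server to record the fingerprint, then again to compare.

```java
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.HashSet;
import java.util.Set;
import javax.net.ssl.SSLHandshakeException;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.security.auth.x500.X500Principal;

// Added example (not part of the cs475-pp2 starter code): client-side detection of a
// substituted server certificate. Host, port and pins are command-line inputs (assumptions).
public class CertificateSubstitutionCheck {

    /** Lower-case hex SHA-256 of the DER-encoded SubjectPublicKeyInfo: the value a pin records. */
    static String spkiFingerprint(X509Certificate cert) throws Exception {
        byte[] digest = MessageDigest.getInstance("SHA-256").digest(cert.getPublicKey().getEncoded());
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < digest.length; i++) sb.append(String.format("%02x", digest[i] & 0xff));
        return sb.toString();
    }

    /**
     * Returns null when the chain is consistent with the expected identity, otherwise a short
     * description of the problem. The CN and serial number are deliberately not used as evidence:
     * a proxy can copy both from the real certificate. What it cannot copy is the issuer's
     * signature or the server's private key, so the issuer and the public key are what we check.
     */
    static String findProblem(X509Certificate[] chain, Set<String> pinnedSpki,
                              X500Principal expectedIssuer) throws Exception {
        if (chain == null || chain.length == 0) return "no certificate presented";
        X509Certificate leaf = chain[0];
        if (leaf.getSubjectX500Principal().equals(leaf.getIssuerX500Principal()))
            return "leaf certificate is self-signed";
        if (expectedIssuer != null && !leaf.getIssuerX500Principal().equals(expectedIssuer))
            return "unexpected issuer " + leaf.getIssuerX500Principal();
        String fp = spkiFingerprint(leaf);
        if (!pinnedSpki.contains(fp))
            return "public key " + fp + " matches none of the pinned keys";
        return null;
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: java CertificateSubstitutionCheck <host> <port> [pinned-spki-sha256 ...]");
            return;
        }
        Set<String> pins = new HashSet<String>();
        for (int i = 2; i < args.length; i++) pins.add(args[i].toLowerCase());

        SSLSocket s = (SSLSocket) SSLSocketFactory.getDefault()
                .createSocket(args[0], Integer.parseInt(args[1]));
        try {
            // The default trust manager already refuses chains that do not end at a trusted root,
            // which is what makes the proxy's self-signed certificate trigger a browser warning.
            s.startHandshake();
        } catch (SSLHandshakeException e) {
            System.out.println("ALERT: handshake rejected by the trust store: " + e.getMessage());
            return;
        }
        Certificate[] certs = s.getSession().getPeerCertificates();
        X509Certificate[] chain = new X509Certificate[certs.length];
        for (int i = 0; i < certs.length; i++) chain[i] = (X509Certificate) certs[i];
        s.close();

        System.out.println("subject : " + chain[0].getSubjectX500Principal());
        System.out.println("serial  : " + chain[0].getSerialNumber());
        System.out.println("issuer  : " + chain[0].getIssuerX500Principal());
        System.out.println("spki    : " + spkiFingerprint(chain[0]));  // record this on the first, trusted run
        String problem = findProblem(chain, pins, null);
        System.out.println(problem == null ? "OK: certificate matches a pinned key" : "ALERT: " + problem);
    }
}
```

The subject and serial lines are printed only so you can see that they are identical on both sides of a substitution; the verdict depends on the issuer and the pinned key alone.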

2.3 Password Authentication

In addition to implementing the MITM attack with the proxy server, you will implement a simple remote administrative interface for the proxy server, which uses password authentication. This will allow the hacker to remotely log into the server and issue commands. In order to ensure only those users the attacker has authorized can log in, the interface will use password authentication. To connect to the proxy server, the administrative program will set up an SSL connection to the proxy server and transmit the hacker’s username, password, and command. The proxy server maintains a password file, which contains a list of authorized usernames and passwords, stored salted and hashed. When the proxy receives a login request, it should compare the hash of the received password with the stored hash for the appropriate user, allowing the user to proceed if they match and otherwise closing the connection. Once the admin client is authenticated, the appropriate command should be executed. You will need to implement the following commands:
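One way to build the salted-and-hashed password file and to perform the comparison the proxy makes, as an added example (not code from the starter framework): PBKDF2 with a per-user random salt and a fixed iteration count, a text format of user:salt:hash, and a constant-time comparison so that neither the hash bytes nor the existence of a username leaks through timing. It assumes a JDK whose SunJCE provider offers PBKDF2WithHmacSHA1 (Java 6 or later); the file contents built in main are constructed sample data. The further step mentioned with the file list (encrypting this file under a key derived from the proxy password) is not shown.

```java
import java.io.BufferedReader;
import java.io.StringReader;
import java.security.SecureRandom;
import java.util.HashMap;
import java.util.Map;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;

// Added example, not part of the cs475-pp2 starter code. Assumes SunJCE's PBKDF2WithHmacSHA1.
public class SaltedPasswordFile {
    static final int ITERATIONS = 20000;  // work factor; raise it as hardware gets faster
    static final int SALT_BYTES = 16;
    static final int HASH_BITS = 256;

    static String hex(byte[] b) {
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < b.length; i++) sb.append(String.format("%02x", b[i] & 0xff));
        return sb.toString();
    }

    static byte[] unhex(String s) {
        byte[] out = new byte[s.length() / 2];
        for (int i = 0; i < out.length; i++)
            out[i] = (byte) Integer.parseInt(s.substring(2 * i, 2 * i + 2), 16);
        return out;
    }

    /** Slow, salted hash: the same password gives a different hash for every user. */
    static byte[] hash(char[] password, byte[] salt) throws Exception {
        PBEKeySpec spec = new PBEKeySpec(password, salt, ITERATIONS, HASH_BITS);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(spec).getEncoded();
    }

    /** One line of the password file, written by the offline precompute step: user:salt:hash. */
    static String makeEntry(String user, char[] password) throws Exception {
        byte[] salt = new byte[SALT_BYTES];
        new SecureRandom().nextBytes(salt);
        return user + ":" + hex(salt) + ":" + hex(hash(password, salt));
    }

    /** Parse the file into user -> {saltHex, hashHex}; blank lines and '#' comments are skipped. */
    static Map<String, String[]> parse(String fileContents) throws Exception {
        Map<String, String[]> db = new HashMap<String, String[]>();
        BufferedReader r = new BufferedReader(new StringReader(fileContents));
        String line;
        while ((line = r.readLine()) != null) {
            if (line.length() == 0 || line.startsWith("#")) continue;
            String[] f = line.split(":");
            if (f.length != 3) throw new IllegalArgumentException("bad line: " + line);
            db.put(f[0], new String[] { f[1], f[2] });
        }
        return db;
    }

    /** Compare every byte regardless of where the first difference is, so timing reveals nothing. */
    static boolean constantTimeEquals(byte[] a, byte[] b) {
        if (a.length != b.length) return false;
        int diff = 0;
        for (int i = 0; i < a.length; i++) diff |= a[i] ^ b[i];
        return diff == 0;
    }

    /** What the proxy does with a received username and password. */
    static boolean verify(Map<String, String[]> db, String user, char[] password) throws Exception {
        String[] entry = db.get(user);
        if (entry == null) {
            // Unknown user: still pay for one hash so response time does not reveal valid usernames.
            hash(password, new byte[SALT_BYTES]);
            return false;
        }
        return constantTimeEquals(hash(password, unhex(entry[0])), unhex(entry[1]));
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample data standing in for the precomputed password file.
        String file = "# user:salt:pbkdf2-sha1 (constructed sample)\n"
                + makeEntry("admin", "correct horse".toCharArray()) + "\n"
                + makeEntry("ops", "battery staple".toCharArray()) + "\n";
        Map<String, String[]> db = parse(file);
        System.out.println("admin/correct : " + verify(db, "admin", "correct horse".toCharArray()));
        System.out.println("admin/wrong   : " + verify(db, "admin", "wrong".toCharArray()));
        System.out.println("unknown user  : " + verify(db, "nobody", "correct horse".toCharArray()));
    }
}
```

Because the salt is stored beside the hash, the file needs no secret to verify a password; what the salt buys is that a precomputed table of hashes is useless and that two users with the same password get different entries.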

File: Description

  • Makefile: Makefile for the project; modify this file to compile new classes that you add.
  • MITMProxyServer.java: Starts up the SSL proxy server.
  • HTTPSProxyEngine.java: The core SSL proxy code.
  • MITMSSLSocketFactory.java: Used in the creation of new SSL sockets.
  • MITMAdminClient.java: Command line tool for remotely accessing the proxy server.
  • MITMAdminServer.java: Creates connections with authorized admin clients.
  • ProxyDataFilter.java: Logs the (plaintext) data exchanged between the client and remote webserver.
  • ConnectionDetails.java: Holds information about the two endpoints of a TCP connection.
  • CopyStreamRunnable.java: Blindly copies data from an InputStream to an OutputStream.
  • MITMPlainSocketFactory.java: Used to create unencrypted sockets, to handle the initial browser proxy CONNECT request.
  • ProxyEngine.java: Abstract parent class of HTTPSProxyEngine.
  • StreamThread.java: Copies data from an InputStream to an OutputStream, using a ProxyDataFilter to record the data that’s being streamed through.

Of course, you can also add new files. For example, you will need to add a class which reads a file of admin-client usernames and passwords, and generates an encrypted file using a key generated from the proxy password. This class is run separately from the above framework and is needed to precompute the encrypted file which holds the list of usernames and the corresponding authentication information.

3.2 Running the code

You should spend some time getting familiar with the provided framework and reading the comments in the starter code. You will need to copy the cs475-pp2.tar.gz file to your account. You will also need to source setup.csh to set your path and classpath correctly. Change your browser settings to make use of an SSL proxy. You don’t need to proxy non-SSL traffic. Start the SSL Proxy:

% java mitm.MITMProxyServer -keyStore [yourkeystore] -keyStorePassword [kspwd] -outputFile [logfile] &

Run an admin client:

% java mitm.MITMAdminClient -userName [user] -userPassword [pwd] -cmd [cmd] &

3.3 Crypto Libraries and Documentation

In addition to java.security and javax.crypto, some classes in iaik.x509 and iaik.asn1.structures are also needed to do certificate management.

Important note: We require that your submission work with the Java API version on the Linux machines in the computer lab. Also, use the version of the IAIK library provided by us. The following are some links to useful documentation:

  • Java API http://java.sun.com/j2se/1.5.0/docs/api
  • IAIK-JCE API http://javadoc.iaik.tugraz.at/iaik_jce/current/index.html
  • Java Keytool Manual http://java.sun.com/j2se/1.5.0/docs/tooldocs/solaris/keytool.html
  • JCE Reference Guide http://java.sun.com/j2se/1.5.0/docs/guide/security/jce/JCERefGuide.html
  • JSSE Reference Guide http://java.sun.com/j2se/1.5.0/docs/guide/security/jsse/JSSERefGuide.html
  • Sun Tutorial on Socket Programming http://java.sun.com/docs/books/tutorial/networking/sockets/
  • Sun Tutorial on Thread Programming http://java.sun.com/docs/books/tutorial/essential/threads/

Some classes/interfaces you may want to take a look at:

  • java.security.SecureRandom
  • java.security.KeyStore
  • java.security.PublicKey
  • java.security.PrivateKey
  • javax.net.ssl.KeyManagerFactory
  • javax.net.ssl.KeyManager
  • javax.net.ssl.TrustManagerFactory
  • javax.net.ssl.TrustManager
  • java.net.ServerSocket
  • java.net.Socket
  • javax.net.ssl.SSLSocket
  • javax.net.ssl.SSLServerSocket
  • javax.net.ssl.SSLSocketFactory
  • javax.net.ssl.SSLContext
  • javax.net.ssl.SSLSessionContext
  • java.security.cert.Certificate
  • java.security.cert.X509Certificate
  • iaik.x509.X509Certificate
  • iaik.asn1.ASN1Object
  • iaik.asn1.structures.AlgorithmID
  • iaik.asn1.structures.Name

4 Miscellaneous

We encourage you to discuss socket programming, Java, SSL, Java and SSL, etc. The goal is to learn as much as possible, and we firmly believe that people learn by both doing (this project) and by sharing ideas and thoughts with others. You may work in groups of up to three people. You can use the same groups as for Project 1. Or you can form new groups.