They always taught us that the only thing that can be pulled out of an SSL/TLS session using strong authentication and the latest Perfect Forward Secrecy ciphersuites is the public key of the certificate exchanged during the handshake - an insufficient condition for mounting a MiTM attack without raising alarms about the validity of the TLS connection and of the certificate itself. However, this is not always true. Under certain circumstances it is possible to derive the private key of the server regardless of the size of the modulus used. Even RSA keys of 4096 bits can be factored at the cost of a few CPU cycles and computational resources. All that is needed is the generation of a faulty digital signature by the server, an event that can be observed under certain conditions such as CPU overheating, RAM errors or other hardware faults. Because of these premises, devices like firewalls, switches, routers and other embedded appliances are more exposed than traditional IT servers or clients. During the talk, the author will explain the theory behind the attack, how common the factors that make it possible are, and his custom practical implementation of the technique. At the end, a proof-of-concept able to work both in passive mode (i.e. only by sniffing the network traffic) and in active mode (namely, by participating directly in the establishment of TLS handshakes) will be released.
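The abstract does not spell out the fault model, but the situation it describes (one faulty signature gives away the factors of the modulus, whatever its size) is the classic RSA-CRT fault attack described by Lenstra in 1996: when the signer computes the two CRT halves and one of them is corrupted, the recombined signature is correct modulo one prime and wrong modulo the other, so the public key alone suffices to extract a factor with a single gcd. In a PFS handshake the server's RSA signature over the ephemeral key-exchange parameters travels in the clear, which is why a purely passive observer can collect such signatures. The following is an added illustration written for this page, not the speaker's tool or any project code: a toy CRT signer with the standard countermeasure (verify every signature with the public key before releasing it), plus a function showing what an unchecked faulty signature leaks. The primes, the message value and the injected bit flip are constructed; `sign_crt`, `verify`, `sign_checked` and `factor_from_faulty_signature` are names chosen here.

```python
from math import gcd

# Constructed toy RSA key (tiny primes, illustration only; real keys are 2048+ bits).
P = 1000003
Q = 1000033
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))    # private exponent
DP, DQ = D % (P - 1), D % (Q - 1)     # CRT exponents
QINV = pow(Q, -1, P)                  # q^-1 mod p, for Garner recombination


def sign_crt(m, fault_in_p=False):
    """RSA-CRT signature of the (already hashed/padded) integer m < N.

    fault_in_p=True flips one bit of the mod-p half, standing in for the
    hardware glitch the abstract mentions (overheating, bad RAM, ...)."""
    sp = pow(m, DP, P)
    sq = pow(m, DQ, Q)
    if fault_in_p:
        sp ^= 1                       # simulated transient fault in one CRT half
    h = (QINV * (sp - sq)) % P
    return sq + Q * h                 # Garner: s = sq + q * ((sp - sq) * qinv mod p)


def verify(m, s):
    """Public-key check that anyone on the wire can run: s^e == m (mod N)."""
    return pow(s, E, N) == m


def sign_checked(m, fault_in_p=False):
    """Countermeasure: verify each CRT signature with the public key before it
    leaves the signer; a faulty one is withheld instead of sent in the handshake."""
    s = sign_crt(m, fault_in_p)
    if not verify(m, s):
        raise RuntimeError("RSA-CRT self-check failed; signature withheld")
    return s


def factor_from_faulty_signature(m, s):
    """Why the check matters: a signature correct mod q but wrong mod p gives
    s^e - m == 0 (mod q) only, so gcd(s^e - m, N) is a nontrivial factor.
    Returns that factor, or None when the signature is sound."""
    f = gcd(pow(s, E, N) - m, N)
    return f if 1 < f < N else None


if __name__ == "__main__":
    m = 123456789                     # constructed "signed data" (think: hashed ServerKeyExchange)
    good = sign_crt(m)
    bad = sign_crt(m, fault_in_p=True)
    print("good verifies:", verify(m, good), "leaks:", factor_from_faulty_signature(m, good))
    print("bad verifies: ", verify(m, bad), "leaks:", factor_from_faulty_signature(m, bad))
    try:
        sign_checked(m, fault_in_p=True)
    except RuntimeError as exc:
        print("checked signer:", exc)
```

The self-check costs one public-key operation per signature, which is why mainstream TLS libraries have shipped it for years; the appliances the abstract singles out are at risk precisely where a custom or stripped-down RSA implementation omits it, or where the fault hits after the check. Monitoring for signature-verification failures on the server side and for unexpected handshake signature errors in logs is the corresponding detection hook.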
Marco Ortisi works as Senior Penetration Tester at ENCS (European Network for Cyber Security), where he is fully involved in increasing the security of European critical infrastructures such as energy grids and in reducing the gap with classical IT systems. A netizen since 1996, he has literally grown up on "bread and vulnerability research," a fascinating field that leads him to continuously study new attack techniques and at the same time to develop alternative defense methods. Prior to his role at ENCS, Marco worked as an independent Penetration Tester and Security Consultant in different sectors (telco, governmental, utility, banking, pharmaceutical, financial, etc.), helping to improve the IT security posture of several large companies and organizations operating in EMEA (Europe and the Middle East).