Coffee-scented *NIX
Coffeenix
A place covering systems, networking, and security
Author: truefeel (café administrator)
Joined: 24 July 2003; Posts: 1277; Location: Republic of Korea
Posted: Tue 2015.6.16, 4:40 pm; Subject: Summary of OpenSSL vulnerabilities, from Logjam to Heartbleed
OpenSSL vulnerabilities have been pouring out in droves since last year, to the point of being sickening. When only one or two had come out, I could connect each vulnerability name with what the vulnerability actually was, but as they keep piling up it gets confusing. So I have put together a brief summary of the Heartbleed, POODLE and FREAK vulnerabilities, plus the recently announced Logjam vulnerability.
The ways to check whether a server is affected are written up separately.
1. OpenSSL Logjam vulnerability (2015.5.)
A vulnerability in the TLS protocol: an attacker can use ephemeral Diffie-Hellman key exchange to downgrade a TLS connection to 512-bit export-grade cryptography.
OpenSSL 1.0.2 : patched in version 1.0.2b and later
OpenSSL 1.0.1 : patched in version 1.0.1n and later
The fixes by version in the OpenSSL 1.0.1 and 1.0.2 series are as follows.
- 1.0.1 and 1.0.2 : added protection for TLS clients so that the handshake is rejected if the DH parameters are shorter than 768 bits.
- 1.0.2b and later, 1.0.1n and later : raised the above limit to 1024 bits.
- 1.0.1m and later, 1.0.2a and later : EXPORT cipher suites (that is, export-grade ciphers) are disabled by default.
Quote:
1) Checking for the vulnerability
You must use the openssl 1.0.2 client to see the Server Temp Key: value. If the Server Temp Key: value is 1024 bits or less, generate 2048-bit DH parameters. (1024 bits is not necessarily vulnerable, but neither is it safe. The point is that with today's PC computing power, 1024-bit encryption can be broken in a short time. That is why 2048 bits is recommended.)
$ openssl s_client -connect server:443 -cipher EDH
2) apache configuration
$ openssl dhparam -out dhparam.pem 2048
Append the generated DH parameters to the end of the file named in SSLCertificateFile.
cat dhparam.pem >> /path/to/sslcertfile
However, apache versions before 2.4.7 always have the DH parameters set to 1024 bits, and the user cannot change this.
The apache 2.2 shipped with RHEL 6 (CentOS 6) has the 2.4.7 change backported, so the setting is possible there.
3) nginx configuration
$ openssl dhparam -out dhparam.pem 2048
Add the following to nginx.conf
ssl_dhparam /path/to/dhparam.pem;

For details, see the following.
https://www.openssl.org/blog/blog/2015/05/20/logjam-freak-upcoming-changes/
http://www.openssl.org/news/secadv_20150611.txt
https://access.redhat.com/ko/articles/1480443 (Korean)
For web server configuration, the Guide to Deploying Diffie-Hellman for TLS ( https://weakdh.org/sysadmin.html ) seems to be the best-organized write-up.
2. OpenSSL FREAK vulnerability (2015.3.)
In the past, the United States restricted the export of encryption technology. To export encryption technology overseas, only weak 512-bit encryption (RSA EXPORT) could be used. The United States later lifted this export restriction in 2000.
Today, encryption keys of 2048 bits or more are widely used. Yet more than ten years after the export restriction was lifted, the export-grade encryption feature was still present in OpenSSL. The vulnerability known as FREAK (Factoring attack on RSA-EXPORT Keys) lets an attacker request weak 512-bit export-grade encryption.
OpenSSL 1.0.1 : patched in version 1.0.1k
OpenSSL 1.0.0 : patched in version 1.0.0p
OpenSSL 0.9.8 : patched in version 0.9.8zd
Quote:
1) Checking for the vulnerability
$ openssl s_client -connect server:443 -cipher EXPORT
2) apache configuration : add !EXP or !EXPORT to SSLCipherSuite.
(e.g.) SSLCipherSuite HIGH:!aNULL:!MD5:!EXP
3) nginx configuration : add !EXPORT.
(e.g.) ssl_ciphers HIGH:!aNULL:!MD5:!EXPORT;

3. OpenSSL POODLE vulnerability (SSLv3 vulnerability, 2014.10.)
The vulnerability known as POODLE (Padding Oracle On Downgraded Legacy Encryption) exists in SSL version 3.0. An attacker can decrypt encrypted traffic by carrying out a padding oracle attack (I don't know what this is).
The POODLE vulnerability is not a flaw in the protocol itself but an implementation issue, so it is resolved by a configuration change rather than a patch. Only SSL v3 is affected; TLS is not vulnerable. So it is enough to configure the server not to use SSL v3.
Quote:
1) Checking for the vulnerability
$ openssl s_client -connect server:443 -ssl2 (the -ssl2 option may not be supported)
$ openssl s_client -connect server:443 -ssl3
2) apache configuration : add -SSLv3 to SSLProtocol.
(e.g.) SSLProtocol all -SSLv2 -SSLv3
3) nginx configuration : allow TLS only
(e.g.) ssl_protocols TLSv1.2 TLSv1.1 TLSv1;

For details, see the following.
https://access.redhat.com/ko/node/1256013 (Korean)
4. OpenSSL Heartbleed vulnerability (2014.4.)
OpenSSL 1.0.1 has a TLS heartbeat vulnerability (known as the Heartbleed Bug; CVE-2014-0160, openssl: information disclosure in handling of TLS heartbeat extension packets). An attacker can view 64KB of data from the https server's memory. That memory holds data exchanged between the https server and its users (ID/PW and similar information), which the attacker can see in plain text. The SSL private key can also be obtained.
For details, see the following.
http://coffeenix.net/bbs/viewtopic.php?t=8239
------------------------------------------------------------------------------------------------------------
5. Quick vulnerability checks with the openssl command
※ Reference : Examining certificate information with openssl (2008.12.)
1-1) When SSLv3 is allowed
Code:
$ openssl s_client -connect server:443 -ssl3
CONNECTED(00000003)
depth=1 C = IL, O = StartCom Ltd., OU = Secure Digital Certificate Signing, CN = StartCom Class 1 Primary Intermediate Server CA
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
...omitted...
SSL-Session:
Protocol : SSLv3
Cipher : DHE-RSA-AES256-SHA <-- SSLv3 is supported.

1-2) When SSLv3 is not allowed (safe)
Code:
$ openssl s_client -connect server:443 -ssl3
CONNECTED(00000003)
140289569347264:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1256:SSL alert number 40
140289569347264:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 0 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : SSLv3
Cipher : 0000 <-- SSLv3 is not supported.

2-1) When export-grade encryption is allowed (certificate information is displayed; insecure)
Code:
$ openssl s_client -connect server:443 -cipher EXPORT
CONNECTED(00000003)
depth=2 C = US, O = "VeriSign, Inc.", OU = VeriSign Trust Network, ... omitted ...
verify error:num=20:unable to get local issuer certificate
verify return:0
---
Certificate chain
...omitted...
SSL handshake has read 4798 bytes and written 201 bytes

2-2) When export-grade encryption is not allowed (safe)
Code:
$ openssl s_client -connect server:443 -cipher EXPORT
CONNECTED(00000003)
139768004437696:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:741:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 75 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---

3-1) When vulnerable to logjam (you must test with the openssl 1.0.2 client to see the Server Temp Key: value)
Code:
$ openssl s_client -connect server:443 -cipher EDH
... omitted ...
Server Temp Key: DH, 1024 bits <--- if it is 1024 bits or lower, configure the server to use 2048-bit DH parameters.
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
... omitted ...

3-2) When safe from the logjam vulnerability
Code:
$ openssl s_client -connect server:443 -cipher EDH
CONNECTED(00000003)
139828320765632:error:14077410:SSL routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake failure:s23_clnt.c:769:
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 7 bytes and written 145 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
---
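
The checks in section 5 come down to reading a few lines of `openssl s_client` output. As an added example (not part of the original post), the shell functions below apply those readings to saved output; the function names, verdict strings and abridged sample transcripts are assumptions constructed here.

```shell
# Added example (not from the original post): interpret saved `openssl s_client`
# output using the signs from section 5. Names and verdict text are assumptions.

# Bit length from "Server Temp Key: DH, N bits"; empty when the line is absent.
dh_bits() {
    printf '%s\n' "$1" |
        sed -n 's/^Server Temp Key: DH, \([0-9][0-9]*\) bits.*/\1/p' | head -n 1
}

# True when the server refused the handshake (the safe result for every check).
refused() {
    printf '%s\n' "$1" |
        grep -q -e 'Cipher is (NONE)' -e 'no peer certificate available'
}

# check_output KIND OUTPUT: KIND is ssl3, export or edh; prints one verdict line.
check_output() {
    kind=$1; out=$2
    case $out in
        *"CONNECTED("*) ;;   # the client reached the server
        *) echo "UNKNOWN: client never connected"; return 0 ;;
    esac
    case $kind in
        ssl3|export)
            if refused "$out"; then echo "OK: $kind handshake refused"
            else echo "VULNERABLE: server accepted $kind"; fi ;;
        edh)
            bits=$(dh_bits "$out")
            if refused "$out"; then echo "OK: no DHE suites offered"
            elif [ -z "$bits" ]; then echo "UNKNOWN: no Server Temp Key line"
            elif [ "$bits" -le 1024 ]; then echo "WEAK: $bits-bit DH, use 2048-bit parameters"
            else echo "OK: $bits-bit DH"; fi ;;
        *) echo "usage: check_output ssl3|export|edh OUTPUT" >&2; return 2 ;;
    esac
}

# Constructed samples, abridged from the transcripts in section 5.
SAMPLE_REFUSED='CONNECTED(00000003)
no peer certificate available
New, (NONE), Cipher is (NONE)'
SAMPLE_SSL3='CONNECTED(00000003)
    Protocol  : SSLv3
    Cipher    : DHE-RSA-AES256-SHA'
SAMPLE_DH1024='CONNECTED(00000003)
Server Temp Key: DH, 1024 bits'

check_output ssl3 "$SAMPLE_SSL3"
check_output export "$SAMPLE_REFUSED"
check_output edh "$SAMPLE_DH1024"
```

For a live check, pass `"$(openssl s_client -connect server:443 -cipher EDH </dev/null 2>&1)"` as the second argument. A client that does not accept the requested option (the post notes `-ssl2` may be unsupported) never prints `CONNECTED`, so that case is reported as UNKNOWN instead of a verdict.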