certificates for authenticity, authentification or both

Certificates for Authenticity, Authentification or both?

Wolfgang Voelker | Director Product Management | [email protected]

Ruediger Kuegler | Security Expert | [email protected]

Certificates, Speaker 3, 21.06.2022

Upload: team-wibu

Post on 16-Apr-2017


TRANSCRIPT

Page 1: Certificates for Authenticity, Authentification or both

03.05.2023 Certificates for authenticity, authentification or both? 1

Certificates for Authenticity, Authentification or both?

Wolfgang Voelker | Director Product Management | [email protected]

Ruediger Kuegler | Security Expert | [email protected]

Certificates, Speaker 3

Page 2: Certificates for Authenticity, Authentification or both

What are Certificates?

Page 3: Certificates for Authenticity, Authentification or both

Sending a Signed Message (diagram)

Sender: Data → Calculate Hash → Calculate Signature (Private Key) → Data + Signature

Recipient: Data + Signature → Calculate Hash → Verify Signature (Public Key) → Yes / No

Page 4: Certificates for Authenticity, Authentification or both

The Challenge!

How do I know that the public key is genuine?

Page 5: Certificates for Authenticity, Authentification or both

The Solution

Certificates (Public Key Certificate, X.509)

Page 6: Certificates for Authenticity, Authentification or both

A Certificate

Confirms the owner of a public key. Identity:

Person

Company

IT system (e.g. server)

Signed by the issuer. Attributes:

Certificate

Issued for: Common name (CN): Wolfgang Voelker

Company (O): WIBU-SYSTEMS AG

Business unit (OU): WOPS

Serial number: 1be10001000220613…

Public key: 0x15, 0x3c, 0xd0, 0x26, 0xd6, 0x71, 0xfa, 0xae, 0x20, 0xa6, 0x15, 0x58, 0xea, 0x3d, 0xdd, 0x36, 0x89, …

Issued by: Common name (CN): Root

Company (O): WIBU-SYSTEMS AG

…

Valid until: 31.12.2015

Page 7: Certificates for Authenticity, Authentification or both

The next Challenge!

How do I know that the certificate is genuine?

Page 8: Certificates for Authenticity, Authentification or both

The next Solution

The certificate is signed by the issuer.

(Validation through the public key of the issuer)

Page 9: Certificates for Authenticity, Authentification or both

The… Challenge!

…?

Page 10: Certificates for Authenticity, Authentification or both

The final Solution

I already know a root certificate from a certification authority.

(Root Certificate / Certificate Authority)

Page 11: Certificates for Authenticity, Authentification or both

Examples of Root Certificates

Page 12: Certificates for Authenticity, Authentification or both

Certificate Hierarchy (diagram)

Root Certificate: CN: Root

Certificates (intermediate): CN: Inter 1, CN: Inter 2, CN: Inter 3

Certificates (end entities): CN: Wolfgang, CN: Daniel, CN: Marc, CN: Christian, CN: Ruediger, CN: Stefan

Page 13: Certificates for Authenticity, Authentification or both

Self-signed Certificates

Self-signed: no root certificate. Usually not accepted.

Users have to trust the certificate manually.

Certificate

Issued for: Common name (CN): Ruediger Kuegler

Company (O): WIBU-SYSTEMS AG

Business unit (OU): Professional Services

Serial number: 1be10001000220613…

Public key: 0x15, 0x3c, 0xd0, 0x26, 0xd6, 0x71, 0xfa, 0xae, 0x20, 0xa6, 0x15, 0x58, 0xea, 0x3d, 0xdd, 0x36, 0x89, …

Issued by: Common name (CN): Ruediger Kuegler

Company (O): WIBU-SYSTEMS AG

…

Valid until: 31.12.2015
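The chain of questions on pages 5 to 13 ("how do I know the certificate is genuine?" answered by "it is signed by an issuer I already trust") as an added Go example that is not part of the slides: a constructed Root signs Inter 2, Inter 2 signs an end-entity certificate, and verification succeeds only because the verifier already holds Root; the self-signed certificate is rejected until the user adds it to the trusted set manually. Only the Go standard library is used; the names, serial numbers and the one-day validity are constructed demo values.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

var serial int64 // constructed demo serial numbers, one per issued certificate

// issue creates a certificate for a fresh P-256 key pair. parent == nil makes it
// self-signed (issuer == subject); otherwise parent is the issuer and parentKey signs.
func issue(cn string, isCA bool, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	serial++
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(serial), BasicConstraintsValid: true, IsCA: isCA,
		Subject:      pkix.Name{CommonName: cn, Organization: []string{"WIBU-SYSTEMS AG"}},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
	}
	// Only a CA may sign further certificates; a leaf is marked for client authentication.
	if isCA { tmpl.KeyUsage |= x509.KeyUsageCertSign } else { tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth} }
	if parent == nil { parent, parentKey = tmpl, key } // self-signed: the subject signs itself
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil { panic(err) }
	cert, _ := x509.ParseCertificate(der)
	return cert, key
}

// verifyClient follows issuer signatures from leaf through inters until it reaches
// a certificate the verifier already trusts (roots); any other chain is rejected.
func verifyClient(leaf *x509.Certificate, inters, roots []*x509.Certificate) error {
	opts := x509.VerifyOptions{Roots: x509.NewCertPool(), Intermediates: x509.NewCertPool(),
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	for _, c := range roots { opts.Roots.AddCert(c) }
	for _, c := range inters { opts.Intermediates.AddCert(c) }
	_, err := leaf.Verify(opts)
	return err
}

// Demo builds Root -> Inter 2 -> Wolfgang plus a self-signed certificate and reports
// whether the chain verifies, whether the self-signed certificate verifies against
// Root, and whether it verifies once the user has trusted it manually.
func Demo() (chainOK, selfSignedOK, manuallyTrustedOK bool) {
	root, rootKey := issue("Root", true, nil, nil)
	inter, interKey := issue("Inter 2", true, root, rootKey)
	leaf, _ := issue("Wolfgang", false, inter, interKey)
	self, _ := issue("Ruediger Kuegler", false, nil, nil)
	chainOK = verifyClient(leaf, []*x509.Certificate{inter}, []*x509.Certificate{root}) == nil
	selfSignedOK = verifyClient(self, nil, []*x509.Certificate{root}) == nil
	manuallyTrustedOK = verifyClient(self, nil, []*x509.Certificate{self}) == nil
	return
}

func main() { fmt.Println(Demo()) } // true false true
```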

Page 14: Certificates for Authenticity, Authentification or both

Blacklists

CRL (Certificate Revocation List): includes invalid (revoked) certificates

Online enquiry possible: Online Certificate Status Protocol (OCSP)

Page 15: Certificates for Authenticity, Authentification or both

Use Cases

Page 16: Certificates for Authenticity, Authentification or both

Use Cases

Server Certificates

Client Certificates

E-Mail Certificates / VPN Certificates

OPC UA Certificates

Authenticode: code integrity of software

…

Page 17: Certificates for Authenticity, Authentification or both

Server Certificates

Page 18: Certificates for Authenticity, Authentification or both

Server Certificate (diagram)

Client: Root Certificate (CN: Root)

Server: Server Private Key, Certificate (CN: wibu.com)

Connection: https

Client verifies the identity of the server

Page 19: Certificates for Authenticity, Authentification or both

Server Certificate – Secure Connection

Page 20: Certificates for Authenticity, Authentification or both

Server Configuration…

SSLEngine on
SSLCertificateKeyFile "c:/cert/my_private_key.pem"
SSLCertificateFile "c:/cert/the_cert_I_got_from_verisign.crt"

Page 21: Certificates for Authenticity, Authentification or both

… Server Configuration

SSLEngine on: activates SSL; SSL mode must be enabled

SSLCertificateKeyFile "c:/cert/my_private_key.pem": private key

SSLCertificateFile "c:/cert/the_cert_I_got_from_verisign.crt": certificate

Page 22: Certificates for Authenticity, Authentification or both

Client Certificates

Page 23: Certificates for Authenticity, Authentification or both

Client Certificate (diagram)

Client: Root Certificate (CN: Root), Client Private Key, Certificate (CN: user)

Server: Server Private Key, Certificate (CN: wibu.com), Root Certificate (CN: Wibu Root)

Connection: https

Client verifies the identity of the server

Server verifies the identity of the client

Page 24: Certificates for Authenticity, Authentification or both

Server Configuration for Client Certificates

SSLEngine on
SSLCertificateKeyFile "c:/cert/my_private_key.pem"
SSLCertificateFile "c:/cert/the_cert_I_got_from_verisign.crt"
SSLCACertificateFile "c:/cert/my_own_ca_root_cert.crt"
SSLVerifyClient require
SSLVerifyDepth 10
SSLRequire %{SSL_CLIENT_S_DN_CN} eq "[email protected]"
SSLOptions +StdEnvVars

Page 25: Certificates for Authenticity, Authentification or both

… Server Configuration for the Client Certificate

SSLCACertificateFile "c:/cert/my_own_ca_root_cert.crt": Certificate Authority (CA) for client certificates

SSLVerifyClient require: client certificate required

SSLRequire %{SSL_CLIENT_S_DN_CN} eq "[email protected]": example of a validation

SSLOptions +StdEnvVars: transmission of the parameters to PHP / the application

Page 26: Certificates for Authenticity, Authentification or both

Issuance of a Client Certificate (recommended)

Client: Generate the key pair

Generate the Certificate Signing Request (CSR)

Send the CSR to a CA

CA / Server: Generate a certificate

Send the certificate to a client

Client: Import the certificate

Page 27: Certificates for Authenticity, Authentification or both

Creation of a Client Certificate (easy)

CA / Server: Generate the key pair

Generate the certificate

Export the private key

Send certificate + private key to a client

Client: Import the certificate

Import the private key

Page 28: Certificates for Authenticity, Authentification or both

Certificate / Private Key Storage

Page 29: Certificates for Authenticity, Authentification or both

Saving Private Keys

File on the file system (PEM file with key)

Certificate store:

PKCS#11

Microsoft CSP (Crypto Service Provider)

Physical medium:

On a disk

In a token

Page 30: Certificates for Authenticity, Authentification or both

PKCS#11 / Microsoft CSP (diagram)

Applications: Internet Explorer, Outlook, Firefox, OpenVPN, My Application

Interfaces: PKCS#11, Microsoft CSP

Token: CmDongle

Page 31: Certificates for Authenticity, Authentification or both

Example with a Token: CSSI Middleware

Page 32: Certificates for Authenticity, Authentification or both

Authenticode

Page 33: Certificates for Authenticity, Authentification or both

Motivation: the Application

Signed Application

Page 34: Certificates for Authenticity, Authentification or both

Started Application

Page 35: Certificates for Authenticity, Authentification or both

Motivation: the Patch

Page 36: Certificates for Authenticity, Authentification or both

Motivation: the Question

Is the application still running?

Page 37: Certificates for Authenticity, Authentification or both

Started Application (with invalid signature)

Page 38: Certificates for Authenticity, Authentification or both

Is the application still running?

The scary answer:

YES

Page 39: Certificates for Authenticity, Authentification or both

Summary

Microsoft Windows starts any application:

Without signature

With valid signature

With invalid signature

On-board tools are not suitable for copy / integrity protection

Page 40: Certificates for Authenticity, Authentification or both

Yes, but…

Page 41: Certificates for Authenticity, Authentification or both

Software Check

Signature validation: Valid / Invalid?

Who has signed?

When was the application signed?

Reaction in case of an invalid signature: Exit (hiding the calls?)

"Wrong calculation"!?

Page 42: Certificates for Authenticity, Authentification or both

Started Application (with Authenticode check via API)

Page 43: Certificates for Authenticity, Authentification or both

Started Application (Patched)

Page 44: Certificates for Authenticity, Authentification or both

The Vulnerability (diagram)

Own Software → WINTRUST.DLL

Page 45: Certificates for Authenticity, Authentification or both

The Vulnerability

A well-known and documented Windows API verifies the signature!? Attacks:

Patching WINTRUST.DLL

Hooking function with standard tools

Overwriting functions in the dll at runtime from the patched application

Page 46: Certificates for Authenticity, Authentification or both

Overwrite at runtime

...
fake[0] := $31;
fake[1] := $C0;
fake[2] := $C3;
lib := LoadLibrary('WINTRUST.DLL');
p := GetProcAddress(lib, 'WinVerifyTrust');
VirtualProtect(p, 3, PAGE_EXECUTE_READWRITE, old);
move(fake, p^, 3);
VirtualProtect(p, 3, old, old);
...

Page 47: Certificates for Authenticity, Authentification or both

Started Application (Patched + Code Inject)

Page 48: Certificates for Authenticity, Authentification or both

Conclusion: Authenticode

Certificates provide security only if the validation occurs in a trusted environment

Authenticode = protection of the user from viruses

Authenticode ≠ protection against piracy

Page 49: Certificates for Authenticity, Authentification or both

Code Signature with AxProtector

Page 50: Certificates for Authenticity, Authentification or both

Wibu-Systems Protection Suite (diagram)

Functions: Automatic Protection (IP Protection), Anti-Debug Methods, Used CodeMeter Variant, Individual Encryption of Functions, Integrity Protection (Tamper Protection), Authenticity of Software (Secure Loader / Authenticity)

PC (Windows, Linux, OS X), CodeMeter Runtime: AxProtector, IxProtector

.NET, CodeMeter Runtime: AxProtector .NET

Java SE / Java EE, CodeMeter Runtime: AxProtector Java

Embedded Operating System, CodeMeter Embedded: AxProtector CmE, ExProtector

Page 51: Certificates for Authenticity, Authentification or both

Functions of Protection Suite

Software authenticity (Secure Load): prevention of the execution of non-validated software

Integrity Protection (Tamper Protection): detection of changes (in memory!) and reaction

Automatic Protection (IP Protection): protection against reverse engineering and piracy

Anti-Debug Methods

Individual Encryption of Functions: encryption at method level

Page 52: Certificates for Authenticity, Authentification or both

AxProtector (diagram)

Compiled Application: Header, Code Section, Data Section, Resource Section

AxProtector (Private Key) → Protected Application: Header, AxEngine (Security Engine + Public Key), Encrypted Code Section, Encrypted Data Section, Encrypted Resource Section, Signature

Page 53: Certificates for Authenticity, Authentification or both

Self-Check (diagram)

Executable: Signature, AxEngine (Security Engine + Public Key)

Calculate Hash of the Executable → Check Signature (Hash, Public Key, Signature) → Yes / No (No: Error)

Page 54: Certificates for Authenticity, Authentification or both

Check of another Module (diagram)

Executable and Dynamic Link Library each carry an AxEngine (Security Engine + Public Key) and a Signature

Check directions: exe - exe, exe - dll, dll - dll, dll - exe

Page 55: Certificates for Authenticity, Authentification or both

AxProtector

[WIBU-SYSTEMS Control File]
...

[Commandline]
...
-cav
...

[CheckCodeIntegrity Dlls]
Image1 = ShowHex.dll
...

Callouts on the slide: SelfCheck; Check of other modules

Page 56: Certificates for Authenticity, Authentification or both

ExProtector

ExProtector = protection of executable files on embedded operating systems

Integration of the "AxEngine" as ExEngine in the loader of the operating system / boot loader

Use of signatures and certificates

Rights management: who can sign the applications?

Page 57: Certificates for Authenticity, Authentification or both

Usage of certificates within CodeMeter

Page 58: Certificates for Authenticity, Authentification or both

Secure Firmware Update

There is a Wibu root certificate

There are production certificates, derived from the root certificate

Each CmDongle gets the public root key during production

The firmware update is signed with a production certificate

The old firmware checks the update (signature and certificate) before it applies the new firmware to the CmDongle

Page 59: Certificates for Authenticity, Authentification or both

CodeMeter Universal Firm Code

Licenses are signed by the vendor

Licenses consist of a certificate and an encrypted part

The license certificate can contain an authorization for license transfer

In case of a transfer, the original certificate is sent through and a new certificate of the issuing CmContainer is generated

With CodeMeter, everything is done transparently in the background

Page 60: Certificates for Authenticity, Authentification or both


Germany: +49-721-931720

USA: +1-425-7756900

China: +86-21-55661790

http://www.wibu.com

[email protected]

Thank you for your attention