On 07/16/2014 07:31 AM, Jonathan Schulze-Hewett wrote:
> Does having this enabled violate the FIPS 140 requirements on exposing key
> materials in the clear?

No, because the key logging fails if you are in FIPS mode (it used the PK11_ExtractKeyValue() to get the key, which will return an error in FIPS mode).

In general, it's pretty difficult for anything in the SSL layer to actually foil FIPS because FIPS is implemented in softoken itself.

bob

Sincerely,
Jonathan


-----Original Message-----
From: dev-tech-crypto 
[mailto:dev-tech-crypto-bounces+schulze-hewett=infoseccorp....@lists.mozilla.org]
 On Behalf Of Ryan Sleevi
Sent: Tuesday, July 15, 2014 6:12 PM
To: mozilla's crypto code discussion list
Subject: Re: SSLKEYLOGFILE always enabled

On Tue, July 15, 2014 1:11 pm, Tom Ritter wrote:
> Is having it in by default useful enough to outweigh the risk?
>
> When the Dual_EC_DRBG news stories were blowing up, it was revealed
> that you could switch to it by just changing the Windows Registry.
> It's a Windows-supported backdoor - no malicious code needs to stay
> running on your system - just flip that bit, and delete yourself.
> After that, you're all set.
>
> Similarly, having this feature provided by default seems like it
> provides a very easy, supported way to extract sensitive key data to
> the filesystem or some other covert channel - without invalidating
> package signatures, hashes of libraries or binaries, etc.
>
> Don't get me wrong, it's invaluable to be able to use it for
> debugging, but I question the need to have it enabled by default...
>
> -tom

Either you control your machine, or you do not. Either the OS provides
robust controls, or it does not.

If an attacker has physical access to your machine and can set this, or if
an attacker can control your operating environment such that the
environment variable is set, it's all over. This is no different than
malware hijacking your browser of choice and hooking the API calls - which
we do see for both Firefox and Chrome.

Now, we can talk about grades of attacks, and finer nuances, but for a
debug bit that has to be set client side, it really seems a no-op, and for
which common sense would suggest is not a reasonable threat model.




-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
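
A defender-side check for the condition this thread debates, a process started with SSLKEYLOGFILE in its environment. This is an added example, not part of the original messages or of NSS; it assumes a Linux /proc filesystem, and the function names and sample data are constructed for illustration.

```python
import os
import tempfile

VAR = b"SSLKEYLOGFILE"  # environment variable named in the thread subject


def parse_environ(raw: bytes) -> dict:
    """Split a NUL-separated /proc/<pid>/environ blob into {name: value}."""
    env = {}
    for entry in raw.split(b"\0"):
        name, sep, value = entry.partition(b"=")
        if sep and name:  # skip empty and malformed entries
            env[name] = value
    return env


def find_keylog_processes(proc_root="/proc"):
    """Return sorted [(pid, path)] for readable processes with SSLKEYLOGFILE set."""
    hits = []
    for name in os.listdir(proc_root):
        if not name.isdigit():
            continue
        try:
            with open(os.path.join(proc_root, name, "environ"), "rb") as fh:
                env = parse_environ(fh.read())
        except OSError:
            continue  # process exited, or we lack permission to read it
        if VAR in env:  # exact name match, not a substring match
            hits.append((int(name), os.fsdecode(env[VAR])))
    return sorted(hits)


def build_sample_proc(root):
    """Write a constructed /proc-like tree (sample data, not real processes)."""
    samples = {
        "101": b"HOME=/home/a\0PATH=/usr/bin\0",
        "202": b"HOME=/home/b\0SSLKEYLOGFILE=/tmp/keys.log\0",
        "303": b"NOT_SSLKEYLOGFILE=/tmp/x\0SSLKEYLOGFILE_OLD=/tmp/y\0",
    }
    for pid, blob in samples.items():
        os.makedirs(os.path.join(root, pid))
        with open(os.path.join(root, pid, "environ"), "wb") as fh:
            fh.write(blob)
    os.makedirs(os.path.join(root, "self"))  # non-numeric entry, ignored


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_proc(tmp)
        print("constructed sample:", find_keylog_processes(tmp))
    if os.path.isdir("/proc"):
        for pid, path in find_keylog_processes():
            print(f"pid {pid} has SSLKEYLOGFILE={path}")
```

/proc/<pid>/environ shows the environment a process was started with, so a variable set or cleared later inside the process is not reflected.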