Nov 06 2013
 

Public Key cryptography solves one of the main problems with strong cryptography. How do you securely share the encryption/decryption key? If you have a secure channel for doing that, then why not use the same channel to send your plaintext message?

Public Key cryptography uses one key to encrypt and a different key to decrypt. This means you can share your Public Key with the world and anyone can use it to encrypt a message to you, but you are the only person with access to the Private Key to decrypt the message. Clever stuff!

This allows all sorts of exciting things – encryption, signing, non-repudiation and more.

But how does the maths behind this work? I’ve written a worked example below which shows a simplified version of how RSA encryption works. I’ve used small numbers so that you can follow along with a calculator, or a pencil and paper if you are cleverer than me!

Choose two random (large) prime numbers, p and q:
p = 13
q = 7

Multiply the numbers together to get the modulus, N, (the maximum value we can encrypt).
N = pq = 13*7 = 91
This is known as a trapdoor function – it’s easy to work out N if you know p and q, but very difficult to discover p and q if you only know N (for bigger numbers than we are using here).

Choose a public key, e.
e = 5 (generally chosen from {3, 5, 17, 257, 65537} which are also prime numbers)

To compute the associated private key, you need to know the two prime numbers (p and q). First compute φ (phi)
φ = (p-1)(q-1) =(13-1)(7-1) = 12*6 = 72

Then compute the private key, d.
d = (1/e) mod φ  or, written differently,  ed = 1 mod φ

In English, this means “find a whole number, d, which, when multiplied by ‘e’ and then divided by ‘φ’, leaves a remainder of 1” – there will be multiple values which are suitable.

Substituting the known values, we get
5d = 1 mod 72, so d = 29 (because 5*29/72 = 2 remainder 1) or 461 (because 5*461/72 = 32 remainder 1) or 7373 (because 5*7373/72 = 512 remainder 1) or other, larger, numbers…

We’ll choose the smallest number ’29’ here to make the calculations later a bit easier.

We now have all the required parts to encrypt and decrypt a message.

The public key which you share with the world is (N, e) = (N = 91, e = 5)
The private key which is known only to you is (N, d) = (N = 91, d = 29)
The key pair is written ((N,e), d) – in our case ((91, 5), 29)

Before we can encrypt a message, we need to convert the message from letters to numbers. Let’s use the standard Unicode Transformation Format 8-bit (UTF-8) encoding where each letter is represented by a number:

A = 65 G = 71 M = 77 S = 83 Y = 89
B = 66 H = 72 N = 78 T = 84 Z = 90
C = 67 I = 73 O = 79 U = 85
D = 68 J = 74 P = 80 V = 86
E = 69 K = 75 Q = 81 W = 87
F = 70 L = 76 R = 82 X = 88

– a space would be represented by 32

So, the message “ATTACK” would be encoded as 65, 84, 84, 65, 67, 75

To encrypt the plaintext message, m, into cyphertext, c
c = m^e mod N
(remember, ‘e’ and ‘N’ are both public information)

A would be 65^5 mod 91 = 1,160,290,625 mod 91 = 39 (1,160,290,625 / 91 = 12,750,446 remainder 39)
T would be 84^5 mod 91 = 4,182,119,424 mod 91 = 28
C would be 67^5 mod 91 = 1,350,125,107 mod 91 = 58
K would be 75^5 mod 91 = 2,373,046,875 mod 91 = 17

Our encrypted message is now 39, 28, 28, 39, 58, 17

To decrypt the cyphertext, c, back to the plaintext, m
m = c^d mod N
(remember, ‘d’ is only known to us!)

39 would be 39^29 mod 91 = 1.3831637670618865315545398098597e+46 mod 91 = 65
28 would be 28^29 mod 91 = 9.2807464717109449615203639109421e+41 mod 91 = 84
58 would be 58^29 mod 91 = 1.37851600677743110483676343403e+51 mod 91 = 67
17 would be 17^29 mod 91 = 4.8196857210675091509141182522307e+35 mod 91 = 75

Tip:
39^29 mod 91 is “the remainder when 39 multiplied by itself 29 times is divided by 91” – The numbers when we worked this out above become enormous – we can keep the numbers smaller by dividing by 91 and keeping just the remainder as we go along. If we do this one step at a time, we get:
1: 39*39 = 1,521 – this is bigger than N (91) so we can divide by 91 to get 16 remainder 65 (just keep the remainder!)
2: 65*39 = 2,535 – we can divide by 91 to get 27 remainder 78
3: 78*39 = 3,042 – we can divide by 91 to get 33 remainder 39
…and so on…
27: 65*39 mod 91 = 78
28: 78*39 mod 91 = 39
29: 39*39 mod 91 = 65  <— the same answer we got by doing 39^29 mod 91

Our decrypted message, then, is 65, 84, 84, 65, 67, 75 which decodes to ATTACK using the UTF-8 table!
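
The whole calculation above, from key generation to decryption, as an added Python example (not part of the original post). The function names are illustrative; the numbers are the ones used in the post, and the code also shows why not every candidate for e works with a given φ.

```python
# Textbook RSA with the toy numbers from the worked example (learning aid only:
# no padding, one character per block, tiny primes).

def egcd(a, b):
    """Extended Euclid: return (g, x, y) with a*x + b*y == g == gcd(a, b)."""
    if b == 0:
        return a, 1, 0
    g, x, y = egcd(b, a % b)
    return g, y, x - (a // b) * y


def private_exponent(e, phi):
    """Smallest positive d with e*d = 1 (mod phi)."""
    g, x, _ = egcd(e, phi)
    if g != 1:
        # e.g. e = 3 with phi = 72: no d exists, so a different e must be chosen
        raise ValueError("e shares a factor with phi; no private key exists")
    return x % phi


def make_keypair(p, q, e):
    """Return ((N, e), d) in the notation of the post."""
    n = p * q
    phi = (p - 1) * (q - 1)
    return (n, e), private_exponent(e, phi)


def modexp_stepwise(base, exponent, modulus):
    """The 'Tip' method: one multiplication per step, keep only the remainder."""
    result = base % modulus
    for _ in range(exponent - 1):
        result = (result * base) % modulus
    return result


def modexp_square_multiply(base, exponent, modulus):
    """Same answer in about log2(exponent) steps (square-and-multiply)."""
    result = 1
    base %= modulus
    while exponent:
        if exponent & 1:
            result = (result * base) % modulus
        base = (base * base) % modulus
        exponent >>= 1
    return result


def encrypt(message, public_key):
    """c = m^e mod N for each UTF-8 byte of the message."""
    n, e = public_key
    codes = message.encode("utf-8")
    if any(m >= n for m in codes):
        raise ValueError("every value must be smaller than N")
    return [modexp_square_multiply(m, e, n) for m in codes]


def decrypt(cyphertext, public_key, d):
    """m = c^d mod N for each number, then back to letters."""
    n, _ = public_key
    return bytes(modexp_stepwise(c, d, n) for c in cyphertext).decode("utf-8")


if __name__ == "__main__":
    public, d = make_keypair(13, 7, 5)
    secret = encrypt("ATTACK", public)
    print("key pair:", (public, d))
    print("cyphertext:", secret)
    print("plaintext:", decrypt(secret, public, d))
```

Note the repeated 28 and 39 in the cyphertext: without padding, equal letters always encrypt to equal numbers, which is one reason real systems use randomised padding and encrypt a symmetric key rather than the message itself.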

Let me know in the comments below if this makes sense and is useful…

Oct 30 2013
 

Certutil is a really useful tool for administering various parts of a Microsoft CA, but not all the switches are documented – they don’t even show up when you do a ‘certutil -v -?’ to show the full help.

So far, I have found the following verbs and options – the verbs have documentation if you specify them on the command line e.g. ‘certutil -setsmtpinfo -v -?’ I have only included the ‘hidden’ verbs and options below – you can find the standard options by checking the certutil help.

If you have any other verbs and options I’ve missed, please let me know in the comments and I’ll add them to this page. If you have any clever ways of using certutil, please let me know – I’m always looking for better ways of doing things!

Note: Microsoft may have hidden these options for a reason – use them with care, and at your own risk! Microsoft probably won’t provide support if you hit problems!

Verbs:
setsmtpinfo
Usage:
CertUtil [Options] -setsmtpinfo LogonName
Set SMTP info
[-config Machine\CAName] [-p Password]

getsmtpinfo
Usage:
CertUtil [Options] -getsmtpinfo
Get SMTP info
[-config Machine\CAName]

7f
Usage:
CertUtil [Options] -7f CertFile
Check certificate for 0x7f length encodings

Class
Usage:
CertUtil [Options] -Class [ClassId | ProgId | DllName | *]
Display COM registry information
[-f]

CNGConfig
Usage:
CertUtil [Options] -CNGConfig
Display CNG Configuration
[-silent]

csptest
Usage:
CertUtil [Options] -csptest [Algorithm]
Test CSPs installed on this machine
[-user] [-silent] [-csp Provider]

csplist
Usage:
CertUtil [Options] -csplist [Algorithm]
List CSPs installed on this machine
[-user] [-silent] [-csp Provider]

delkey
Usage:
CertUtil [Options] -delkey KeyContainerName
Delete named key container
[-user] [-silent] [-csp Provider]

key
Usage:
CertUtil [Options] -key [KeyContainerName | -]
List key containers
[-user] [-silent] [-csp Provider]

SCDump
Usage:
CertUtil [Options] -SCDump [ReaderName]
Dump smart card file information
[-f] [-silent] [-split] [-p Password]

URL
Usage:
CertUtil [Options] -URL InFile | URL
Verify Certificate or CRL URLs
[-f] [-split]

SetCASites
Usage:
CertUtil [Options] -SetCASites [SiteName]
Set Site Names for CAs
[-f] [-silent] [-config Machine\CAName] [-dc DCName]

SetCATemplates
Usage:
CertUtil [Options] -SetCATemplates [+ | -]TemplateList
Set templates for CA

dsAddTemplate
Usage:
CertUtil [Options] -dsAddTemplate TemplateInfFile
Add DS Templates
[-dc DCName]

dsTemplate
Usage:
CertUtil [Options] -dsTemplate [Template]
Display DS Template Attributes
[-silent] [-dc DCName]

dsDeltaCRL
Usage:
CertUtil [Options] -dsDeltaCRL [FullDSDN] | [CRLIndex [OutFile]]
Display DS Delta CRLs
[-enterprise] [-user] [-config Machine\CAName] [-dc DCName]

dsCRL
Usage:
CertUtil [Options] -dsCRL [FullDSDN] | [CRLIndex [OutFile]]
Display DS CRLs
[-enterprise] [-user] [-config Machine\CAName] [-dc DCName]

dsCert
Usage:
CertUtil [Options] -dsCert [FullDSDN] | [CertId [OutFile]]
Display DS Certificates
[-enterprise] [-user] [-config Machine\CAName] [-dc DCName]

dsDel
Usage:
CertUtil [Options] -dsDel CN
Delete DS DNs
[-split] [-dc DCName]

ds
Usage:
CertUtil [Options] -ds [CN]
Display DS DNs
[-f] [-split] [-dc DCName]

getcert
Usage:
CertUtil [Options] -getcert [ObjectId | ERA | KRA [CommonName]]
Select a certificate from a selection UI
[-silent] [-split]

enumstore
Usage:
CertUtil [Options] -enumstore [\\MachineName]
Enumerate certificate stores
MachineName — remote machine name.
[-enterprise] [-user] [-GroupPolicy]

exportPFX
Usage:
CertUtil [Options] -exportPFX [CertificateStoreName] CertId PFXFile [Modifiers]
Export certificate and private key
CertificateStoreName — Certificate store name.  See -store.
CertId — Certificate or CRL match token.  See -store.
PFXFile — exported PFX data output file
Modifiers — Comma separated list of one or more of the following:
NoChain — Do not export the certificate chain
NoRoot — Do not export the root certificate
Defaults to personal machine store.
[-f] [-enterprise] [-user] [-GroupPolicy] [-split] [-p Password] [-t Timeout]

CAPropInfo
Usage:
CertUtil [Options] -CAPropInfo
Display CA Property Type Information
[-config Machine\CAName]

getconfig3
Usage:
CertUtil [Options] -getconfig3
Get configuration via ICertConfig

getconfig2
Usage:
CertUtil [Options] -getconfig2
Get default configuration string via ICertGetConfig

Options: (I can’t find any info about what these do – some experimentation will be required!)
-admin
-reverse
-oldpfx
-protect
-v1
-unicode
-nocrlf
-nocr
-idispatch

Sep 23 2013
 

What happens if an attacker compromises your root private key?

SSL certificates are used to authenticate clients and servers and to provide a means of securely sharing a secret key which is then used to encrypt communication between the server and client.

In order to do this, you have to have a level of trust in the body which issues the certificates; the Certification Authority or CA.

The way this works in practice is that you place the Root Certificate of the Certification Authority in your ‘Trusted Root Certification Authorities’ store on your computer. This says ‘I trust all certificates signed by the private key associated with this certificate’. Since the private key is only known by the Certification Authority, any certificate signed with the key must have been issued by the authority, and passed all the checks as defined in their CPS (Certification Practice Statement).

Once the infrastructure is in place, the flow is as follows:

[Diagram: SSL flow – over complicated diagram showing keys and certificates.]

  1. The client connects to the web server and requests a secure connection.
  2. The web server sends its certificate which includes a public key.
  3. The client verifies the certificate by checking the name matches the site name, that it has not expired (or been revoked) and that it is signed by a trusted authority.
  4. The client chooses a symmetric encryption key and encrypts it with the public key from the certificate. This is sent to the server
  5. The server decrypts the message with its private key. The browser and web server now share a symmetric key which is unknown to anyone else. This key is used to encrypt all communication for the rest of the session.

The security of the above transaction relies on the private key being stored securely by the web server. If someone had access to that key, they could decrypt the message containing the secret symmetric session key and therefore read all the encrypted messages which follow during that session. However, it’s unlikely that the owner of the web server would allow the key to leave the server. If an attacker managed to compromise the server to such an extent that he had access to the key, he would have full control of the server and would be able to access the communication anyway. If a government requested the key through legal means, they would be able to read all the communication but, again, they would get much more information by just requesting full access to the server.

So everything is nice and safe as long as the private key is kept secure. (There are, of course, other problems if, for example, there is malware on either end, but I’m ignoring that here).

So, what happens if someone gets access to the Certification Authority’s Private Key either by compromising their key store or by demanding it via legal channels?

Having the root private key would still not allow the attacker to intercept the symmetric key as it is encrypted using the public/private keypair generated by the web server, and the private key is still only known by the web server. It would, however, allow the attacker to create his own certificate and sign it with the Root CA private key. This would mean that it is trusted by the client computer and it would be very difficult to tell it apart from the genuine server certificate.

The attacker can now perform a ‘Man-in-the-middle’ (MITM) attack to capture all the traffic between the client and server. He does this by posing as the web server and authenticating with the client. The client now sends the symmetric key to the attacker encrypted with the attacker’s public key. The attacker decrypts the key and sets up a secure connection with the client. At the same time, the attacker connects to the genuine site and poses as the client. The attacker acts as a proxy between the client and server and can read both sides of the communication. Further, the attacker can change the information from either side. Say, for example, you think you are connected to your bank and you check your balance. The attacker can report the correct balance, but in the background could transfer all your money into his own account. If he needs any extra passwords, or a two-factor authentication, he can prompt you for those details and, if it’s convincing enough, you may be fooled into providing what he needs.

May 27 2013
 

I regularly connect to the Internet using free WiFi hotspots with my Nexus 7 tablet and, although most of the services I connect to use SSL to secure the connection, I felt it would be a good idea to have some extra protection in the form of a VPN.

A VPN, or Virtual Private Network, is a secure connection from your device to a proxy server which makes all your internet requests on your behalf. This means that anyone attempting to listen in on your connection to the WiFi access point will not be able to read any of your data, and won’t even be able to see what sites you are visiting (of course, you need to trust the VPN operator as they may have access to all your traffic!)

There are many VPNs to choose from, some free and some who charge. I decided to try Hotspot Shield which has Android, iOS and Windows versions. They offer a free service and a paid subscription – I decided to try the paid version which promises private browsing, malware protection, and data savings and only costs £0.69 / $0.99 per month.

The client installed with no problem on my Nexus 7 tablet and I was able to purchase the subscription via Google Play without any problem. The connection establishes quickly and seems stable (I found the free version dropped the connection regularly which had the unwanted side effect of leaving you connected to the internet insecurely with no warning). Browsing seems to be a bit quicker when connected to the VPN, and I have seen reports online that the data compression saves approximately 30% which seems about right to me.

The subscription should allow the client to be run on up to 5 devices but, unfortunately, my account code (which needs to be entered on each additional device) is not displayed when I choose the appropriate option from the menu.

I have installed the free version on my Motorola RAZR i phone (running Android 4.1.2) but I cannot get it to connect at all. I get an ‘error 1024’ popup which indicates a connection time out. I have submitted a support request to the Anchorfree team who produce Hotspot Shield and I will update the solution here as soon as I have one.

[Image: Main screen showing successful connection to the VPN]

[Image: Screenshot showing the missing account code]

[Image: Screenshot showing unprotected connection on phone]

[Image: Screenshot showing connection error on phone]

Update 2 July 2013: My Hotspot Shield reverted to the free version despite still having an active subscription. This meant that I no longer had malware protection, and I got adverts popping up when I started the VPN. My issue with not being able to use the subscription on multiple devices was never resolved. I contacted AnchorFree to query the new problem and the following day my subscription was mysteriously cancelled. I have had no response from AnchorFree. I have now uninstalled Hotspot Shield and cannot recommend it due to poor technical support and customer service. It’s a shame since the application actually seems to work well.

Jul 15 2012
 

I’m sure you’ve seen reports in the news recently of all the online services which have been hacked causing their users’ passwords to be exposed. Assuming the website has followed best practice and only stored password hashes, this shouldn’t be a big deal as it will take the hackers some time to decode the password and in that time you can log on and change your password. However, a lot of people will use the same password on multiple services. This means that, if a hacker gets access to one password, he may be able to log into lots of other services using your account.

The Security industry is constantly reminding people not to use the same password for multiple services, but this is an almost impossible task. I recently spent a couple of days tracking down all my online accounts and setting secure passwords on all of them – I found 78 different accounts – there is no way I could remember 78 unique passwords without some sort of reminder.

A few years ago I came up with one solution, but I think I now have a better one.

My original solution was to come up with a password which I would be able to remember – I used a line from a book, taking the first letter of each word to make up the password.

For example, if I chose the line “It was a bright cold day in April, and the clocks were striking thirteen.”, my password would be IwabcdiA,atcws13. That’s not a bad starting point as it’s easily memorable, 17 characters long, it has upper and lower case letters, numbers and symbols. But, we now need some way to make it unique to each site.

I added the consonants from the site name to the middle of the password. For example, www.google.com would become “Ggl” and my password would be IwabcdiA,Gglatcws13. My twitter password would be IwabcdiA,Twttratcws13.

The problem with this system is that an attacker who finds one of your passwords might recognise the string “Twttr” as being related to Twitter and be able to guess your other passwords.

I realised that it would be more secure to have completely unique passwords for every site, and tried to find a way of mentally performing some sort of hashing algorithm on the domain name with an appended salt to produce a unique password. It turns out this is pretty difficult to do. I came up with the following system which will allow you to work out your password with a pen and paper – I think this is better than having your passwords written down, and does not rely on having access to a password manager (although I have a solution to that too!)

OK, bear with me – this gets a bit complicated, but after you have done it a couple of times it becomes easier.

I’m not a cryptographer, so I can’t vouch for this being at all secure, use it at your own risk. In my opinion, though, it must be more secure than using the same password in multiple places.

  1. Firstly, choose a secret number, say 5 numbers long. I’ll use 35187 as an example – this is used for every password
  2. Next, take the domain name – example.com
  3. Use RotX on each of the letters where X is a digit of your secret number. RotX just means to count X letters through the alphabet from your starting letter. So, C Rot5 would become H (count in your head “C,d,e,f,g,H”). We will change our domain name e+3, x+5, a+1, m+8, p+7 (then repeat your number as necessary) l+3, e+5, .+1 (I’ll come back to the dot in a second), c+8, o+7, m+3
  4. We now have hcbuwoj.kvp
  5. Where there is punctuation, count the number of characters before the symbol and use [shift]+number to create a symbol. In this case, hcbuwoj has 7 characters, and [shift]+7 gives an & symbol.
  6. We now have hcbuwoj&kvp
  7. Transpose (swap) each pair of characters – this becomes chubow&jvkp
  8. Capitalise all characters which are on the left side of the keyboard – this becomes ChuBoW&jkp
  9. Before each group of capital letters, enter the number of preceding lower case letters – we now have 0Chu2Bo1W&jkp
  10. Before each number insert [shift]+[n+1], that is, increase the number by one and insert the symbol which you get by typing shift and the number. On a UK keyboard, this gives !0Chu£2Bo”1W&jkp which is your final password.

You can, of course, come up with your own set of steps and customise to suit your own taste. The idea is to come up with a password which looks as random as possible and does not obviously relate to the original domain name.

This system may be useful where you are travelling across borders and do not want to transport passwords which could be intercepted by the authorities.

You can make some changes to the above steps to speed up the generation process – for example step 8 can be done at the same time as step 3.

Do you have any better systems, or see any holes in the system? Let me know in the comments!

Jul 13 2012
 

Recently, there has been a spate of websites being hacked and passwords being exposed.

Although I do use unique passwords on all sites they all followed a rule which meant that, if one password was exposed, it wouldn’t take a genius to work out the others. I know that a lot of people use the same password for multiple online accounts. And who can blame them, I have found I have 59 different accounts (that I know of!) – who can remember that many unique passwords?

I decided it was time to come up with a better system. I wasn’t interested in storing the passwords on my computer as I wouldn’t have access to them on my phone, or at work, or if I was using a friend’s computer.

I considered writing them down and carrying them in my wallet as has been suggested previously by Bruce Schneier, but I didn’t want to face the mad dash to change my passwords if I ever lost my wallet.

I came up with a system which will give you a secure(?) password for every site, but it has drawbacks. I may post the method later.

I did some research and found that it is possible to use a password manager and share the database via Dropbox which makes it available on all your computers and on your mobile phone. Problem solved!

Here are the steps you will need to follow to set it up for yourself.

  • Sign up for a Dropbox account and install the client on your desktop computer. If you use this link, we both get some extra free space and I will be forever thankful to you: http://db.tt/4Db0HSpj
  • Download KeePass from http://keepass.info/download.html It is available for Windows, Mac and Linux. I suggest you download the Classic Edition rather than the Professional Edition as it will allow you to write passwords on your mobile (The professional edition will only allow read access from your phone)
  • Install KeePass, following the wizard and run it when complete.
  • Create a new database in KeePass by choosing File > New
  • Choose a strong password as the master password – this will be the only password you need to remember.
  • Repeat the password when prompted.
  • You should now see the main KeePass window with categories under which you can save passwords.
  • See the excellent Keepass FAQ for details on how to enter and generate secure passwords (it’s easy)

  • Save the database to your local Dropbox folder.

  • Close the desktop client.
  • Download the Dropbox app for your phone and install it – enter the details you used when signing up for your Dropbox account.
  • Download the appropriate client for your mobile phone. I use Android, so downloaded KeePassDroid.
  • Open the mobile Dropbox client and you should see the .kdb – click on it and it will open in KeePass.
  • Enter the secure password you set up earlier and click ‘OK’
  • You will now see the General group – click on it and you will see the same sub-groups which you saw in the desktop client. Once you have stored your passwords, you will be able to access them under the appropriate group.

So, now all my passwords are secure, how do I use them on my phone?

  • Open the General group, then the Internet sub-group – you will see all your website logins.
  • Click the site you want to access.
  • In the notifications bar at the top of the screen, you will see two new entries with padlock symbols next to them: Copy username to clipboard and Copy password to clipboard
  • Click the URL of the site and navigate to the login screen
  • Choose ‘Copy username to clipboard’ from your notification area and paste it into the Username field on the Website
  • Choose ‘Copy password to clipboard’ from your notification area and paste it into the Password field on the Website
  • Click ‘Login’ – you are in the site without having to memorise your password!

Now, go and change all your passwords choosing secure, unique passwords and store them in your password manager. If a hacker gets one of your passwords, your other accounts will still be safe, and if you choose complex enough passwords, the hacker may not even be able to get your password at all if they are stored as hashes by the website.

If you’ve found this useful, please sign up to Dropbox using my link so we both get some extra free space! Thanks!

Feb 26 2012
 

What is an SSL certificate?
At its most basic level, an SSL certificate is used to encrypt electronic communication, to authenticate users or devices, and to sign electronic communication. There are various types of SSL certificate – Web Server certificates, Email certificates, code signing certificates etc.
Here, I will describe the process of creating a new SSL certificate for use on a website as this is the most common use for certificates. At some point, I may write further guides describing different types too.

What are the components of an SSL certificate?
SSL certificates contain a number of pieces of information:
Subject – the name of the entity being identified by the certificate.
Private key – never seen by the client.
Public key – associated with the private key.
Issuer – the name of the Certification Authority who has signed the certificate.
Serial number – a unique identifier for the certificate
Validity period – the start and end dates between which the certificate can be considered valid.
Usage – a description of what the associated public/private  key pair can be used for.
Digital Signature – the signature of the issuer.

The certificate uses Public Key cryptography to encrypt, sign and authenticate.
The private key is known only to the owner of the certificate. A piece of information encrypted with this key can only be decrypted by the associated public key.

How do we communicate securely?
Let’s assume a situation where I want to communicate securely with you. I make a connection to your web server and request your certificate. Your server supplies the certificate which contains your public key. I generate a master key which we will both use to encrypt our communication. I encrypt the master key with your public key and send it to you. You are the only person who can decrypt the master key as you are the only person who knows your private key.

We have now securely exchanged a master key without anyone else being able to know it and can communicate securely.

What is signing?
In the same way you can sign a letter to ‘prove’ that it was written by you (assuming no one is capable of forging your signature), you can digitally sign an electronic communication to prove it was created by you – this also confirms that the content has not been changed since you signed it (and means you can’t deny the document was created by you)
When you digitally sign a document, you hash the content and encrypt the hash value with your private key. This is then sent with your certificate and the document. When I receive the signed document, I can decrypt the hash using your public key from the certificate. I then hash the document myself and confirm the two hashes match.

But, how do I know you are you?
Communicating securely is fine, but how do I know you are who you claim to be and not someone pretending to be you?
Public Key Cryptography to the rescue again!
When you create a certificate, you can have it signed by a Certification Authority (CA) – they will do some checks to confirm your identity; generally by doing a WHOIS search against your domain name and verifying your name and address.
Once they have established that you own the domain for which you are creating the certificate, they will digitally sign the certificate for you. This means they are vouching for your identity.
Every web browser comes with a list of CAs which it trusts – there are hundreds of them. When I receive your certificate, I check who it was issued by. If it was issued by a CA which I trust, I am able to confirm that it is signed by them and I know that I can trust the certificate.
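
A toy model of the signing and CA checks described above, and of the earlier post's point about a compromised root key, as an added example that is not from the original posts. The names `bank.example` and `Example Root CA`, the Mersenne-prime keys and all function names are constructed for illustration, and unpadded textbook RSA stands in for real certificate signatures.

```python
import hashlib

E = 65537  # public exponent used for every toy key below


def keypair(p, q):
    """Toy RSA key built from two well-known Mersenne primes (constructed values)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


def digest(data, n):
    """SHA-256 of the data as an integer, reduced to fit under the modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n


def sign(data, key):
    """Hash the content, then 'encrypt' the hash with the private key."""
    return pow(digest(data, key["n"]), key["d"], key["n"])


def verify(data, signature, n, e):
    """Recover the hash with the public key and compare it with our own hash."""
    return pow(signature, e, n) == digest(data, n)


def to_be_signed(cert):
    """The certificate fields the issuer's signature covers."""
    fields = [cert["subject"], str(cert["n"]), str(cert["e"]), cert["issuer"]]
    return "|".join(fields).encode()


def issue_cert(subject, subject_key, issuer, issuer_key):
    """Build a certificate holding the subject's PUBLIC key, signed by issuer_key."""
    cert = {"subject": subject, "n": subject_key["n"],
            "e": subject_key["e"], "issuer": issuer}
    cert["signature"] = sign(to_be_signed(cert), issuer_key)
    return cert


def client_accepts(cert, hostname, trust_store):
    """Name matches, issuer is in the trust store, issuer's signature verifies.
    Expiry and revocation checks are left out of this model."""
    root = trust_store.get(cert["issuer"])
    if cert["subject"] != hostname or root is None:
        return False
    return verify(to_be_signed(cert), cert["signature"], root["n"], root["e"])


def wrap_session_key(session_key, cert):
    """Client side: encrypt the session key to the certificate's public key."""
    return pow(session_key, cert["e"], cert["n"])


def unwrap_session_key(wrapped, key):
    """Key-holder side: decrypt with a private key."""
    return pow(wrapped, key["d"], key["n"])


def run_scenario():
    ca = keypair(2**107 - 1, 2**127 - 1)       # root CA key
    server = keypair(2**61 - 1, 2**89 - 1)     # genuine web server key
    other = keypair(2**31 - 1, 2**521 - 1)     # a key the server never generated
    trust = {"Example Root CA": {"n": ca["n"], "e": ca["e"]}}
    session_key = 0x00112233445566778899AABBCCDDEEFF  # constructed value

    genuine = issue_cert("bank.example", server, "Example Root CA", ca)
    wrapped = wrap_session_key(session_key, genuine)
    # Same subject, different public key, signed with the CA private key.
    lookalike = issue_cert("bank.example", other, "Example Root CA", ca)
    # Same again, but signed without access to the CA private key.
    not_ca_signed = issue_cert("bank.example", other, "Example Root CA", other)

    return {
        "genuine_accepted": client_accepts(genuine, "bank.example", trust),
        "server_recovers_key": unwrap_session_key(wrapped, server) == session_key,
        "ca_key_recovers_key": unwrap_session_key(wrapped, ca) == session_key,
        "ca_signed_lookalike_accepted": client_accepts(lookalike, "bank.example", trust),
        "not_ca_signed_accepted": client_accepts(not_ca_signed, "bank.example", trust),
        "only_public_key_differs": genuine["n"] != lookalike["n"]
        and genuine["subject"] == lookalike["subject"],
    }


if __name__ == "__main__":
    for name, value in run_scenario().items():
        print(f"{name}: {value}")
```

`run_scenario()` shows that the CA's private key does not open the wrapped session key, yet any certificate it signs passes the same client checks as the genuine one, which is why protecting that key matters so much.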

Great, how do I create a web certificate then?
The high level steps to create a certificate signed by a CA are:
Create a public/private key pair.
Send the public key and certificate info to a trusted CA
The CA creates and signs a certificate which contains your domain name and private key.
You install the certificate on your web server where it is associated with the private key.

Creating the key pair.
I will use the Microsoft IIS web server as an example because I am most familiar with it. Other web servers use similar steps.
IIS has a wizard to step you through creating a certificate…
In IIS, right-click on your website and choose ‘properties’.
On the Directory Security tab, click the Server Certificate button – this will open the wizard.
Choose ‘Create a new certificate’ then ‘Prepare the request now, but send it later’.
Enter the details as you are prompted for them and, at the end, save the certificate request somewhere you can find it.

You have now created the keypair and prepared a Certificate Signing Request (CSR) ready to submit to your favorite Certification Authority.
The CSR is a block of text which is uploaded to the CA as part of the enrolment process. Once enrolment is complete, the CA will provide you with your new certificate – either as some text displayed on screen or as a file in an email. Either way, it should be saved as a file on your web server.

Installing the certificate
Back in the certificate wizard in IIS, choose ‘Process the pending request’
Choose the file supplied by your CA and follow the wizard to install your certificate.

The certificate should now be served when you visit the website in your browser on port 443. (https://)
You should probably make a secure backup of the certificate now by exporting it from the certificates snap-in.

For Apache servers, the CSR is created using the OpenSSL software – there are plenty of guides online.

 

If you have found this article useful, please consider purchasing an SSL certificate from Godaddy using my affiliate link – http://x.co/lesault – It will help me keep the site online! Thanks.

Dec 15 2011
 
[Image: Burg Wächter P2E safe]

I have recently purchased a free-standing home safe from Burg Wächter (sometimes spelt Burg Waechter). The Pointsafe range comes in four sizes P1, P2, P3 and P4 and is available with an electronic pad lock or a key. I bought the electronic P2E version. The electronic version comes with two ‘override’ keys in case you forget the combination. Remember to store these keys securely, but not in your safe!

The safe is rated for £1000 cash or £10000 jewellery, so is not a high security safe but sounds about right for the things I would store in a home safe (passport and other documents, a small amount of emergency cash and a backup of my photographs on disk). The P2E version has single skinned walls (3.5mm steel) and a double skinned door. There is an internal metal shelf, and the floor is felt-lined. The back and floor each have two holes for fixing the safe to a wall or floor with the supplied bolts; plastic blanks cover the holes at the back. The door seems solid, with two locking bolts which extend 16mm when locked. The door hinge is visible at the bottom of the door – this may be a weakness. The external dimensions of the safe are 255(h)x350(w)x300(d), internally they are 248(h)x343(w)x241(d). The volume is 20.5l and the safe weighs 16.5kg. The safe is large enough for A4 paper with a little room to spare, but you will have to bend it to fit it through the door.

The keypad is responsive and makes a quiet beep when you press the buttons. The single-line LCD display is not backlit, so it can be difficult to read, but you really don’t need to read it when opening or closing the safe. When not in use, the display shows the current time.

The bolts are driven by an internal motor rather than by turning a handle on the front – this should make the safe less susceptible to opening by ‘bumping’. After entering the correct code, the spring-loaded door swings open automatically.

The batteries (4xAA) are accessible from the outside of the safe, and the emergency keyhole is located behind them. The keys are four-sided cruciform keys which make the lock harder to pick and the keys harder to duplicate than a standard or tubular key.

The safe comes with the batteries, keys and two fixing bolts hidden in the packaging – be careful you don’t throw them out!

The electronic lock has two codes: the user code (1-6 digits), which you would use day to day for opening the safe, and a master code (8 digits), which should be stored safely to allow the safe to be opened if the user code is forgotten (again, don’t store this in the safe!). The safe can also be set into ‘hotel mode’, which means a new user code needs to be entered in order to lock the safe if it is left open for more than 5 minutes.

The default user code is 168 and default master code is 12345678 – these should both be changed as soon as possible.

Overall, this seems to be a reasonable home safe which does not have many of the common security problems often seen in cheaper safes.

The user manual (PDF) is available on the Burg-Wächter website.

Aug 29 2010
 
Rusty Padlock

Padlock by Ralph Aichinger

Certification Authorities (CAs) offer two types of SSL certificate. One type includes Server Gated Cryptography (SGC); it is often promoted as a premium or high-security option and is charged at a much higher price than the non-SGC equivalent. So, it should be a no-brainer that you should buy the best, most expensive certificate you can afford to ensure the security of traffic with your website, shouldn’t it?

Well, no.

Until late 1999, the United States imposed restrictions on the export of strong cryptography, which resulted in ‘export versions’ of Internet Explorer, Netscape and other web browsers which did not enable high encryption by default. Instead, browsing SSL sites with an ‘export version’ browser resulted in a connection which was encrypted with 40 or 56-bit encryption. A non-export version would negotiate 128-bit encryption. To allow very sensitive sites to step up the encryption to 128-bit even on an export version browser, special certificates were issued to authorised sites, for example government sites and financial institutions, which would unlock the high encryption functionality and allow 128-bit secure connections.

By 2000, the export restrictions were dropped and the international browser versions began supporting 128-bit encryption by default. At the same time, SGC certificates were offered to anyone who wanted them, to allow older export browsers to use high encryption.

For a few years after 2000, it made sense to use an SGC-enabled certificate if you wanted to ensure everyone could access your site securely, and it was worth paying a premium to ensure that your site was available to the maximum number of customers. Now, though, there are many fewer users with the old browsers, so you won’t affect as many customers by removing the SGC capability.

But, it can’t hurt to use an SGC certificate, can it?

Well, yes.

These old browsers (e.g. Internet Explorer 4.01 to 5.01, Netscape 4.07 to 4.72) are over 10 years old now and have not received security updates or patches since 2000. The security patches which have been released for more modern browsers in the past ten years help to protect the system against keyloggers, viruses and other malware which can intercept data on the client, even if it is transmitted across the network securely encrypted. This means that the connection which is assumed to be secure by the user probably isn’t, and malware in the browser could potentially be carrying out unauthorised transactions on your server using the client’s credentials. Worse still, the malware could hide the fraudulent transactions from the user so he never sees evidence of a problem.

Updating these browsers to modern, secure versions is free and simple. High-encryption packs are available from Microsoft for older operating systems – Windows 95, Windows 98, Windows NT and Windows 2000, and a huge variety of secure browsers are available for free download.

So, how many customers are likely to be unable to access my site when I move to non-SGC certificates?

In an Entrust Whitepaper on the subject from July 2009, the estimate is that 0.07% of browsers on the Internet would be affected, less than 1 in a thousand, and this number is likely to be even lower now.

This small percentage of users who will be unable to connect to your site are unlikely to be surprised, as more and more of the Internet is becoming unavailable to them every day as other sites move away from these outdated certificates. It really is time they dragged themselves into the 21st Century and spent 5 minutes upgrading their browsers to ensure their connection is secure. By making sites unavailable to them, you are doing your customers a favour by encouraging them to upgrade, and are helping to protect your other customers by making it harder for malware to get a foothold on your server.

There is one very important change you need to make to your server, though: ensure that weak encryption is not supported, otherwise these old browsers will negotiate 40 or 56-bit connections with your server!
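The negotiation described above can be modelled in a few lines to show why the weak suites have to be removed from the server. This is an added example, not code from the original post: the suite names are OpenSSL-style names with their well-known key lengths, and the browser and server lists are constructed sample data.

```python
# Key length in bits for a few OpenSSL-style cipher suite names.
KEY_BITS = {
    "EXP-RC4-MD5": 40,
    "EXP-RC2-CBC-MD5": 40,
    "EXP-DES-CBC-SHA": 40,
    "DES-CBC-SHA": 56,
    "AES128-SHA": 128,
    "AES256-SHA": 256,
}
MIN_BITS = 128  # anything below this is the "weak encryption" the post warns about


def weak_suites(server_suites):
    """Return configured suites below MIN_BITS; unknown names are treated as weak."""
    return [s for s in server_suites if KEY_BITS.get(s, 0) < MIN_BITS]


def negotiate(server_suites, client_suites):
    """Return the first suite in server order that the client also offers, else None."""
    offered = set(client_suites)
    for suite in server_suites:
        if suite in offered:
            return suite
    return None  # no common suite: the handshake fails


def describe(server_suites, client_suites):
    """Human-readable outcome of one negotiation."""
    suite = negotiate(server_suites, client_suites)
    if suite is None:
        return "handshake fails"
    return f"{suite} ({KEY_BITS.get(suite, 0)}-bit)"


# Constructed sample data (assumptions for illustration only).
EXPORT_BROWSER = ["EXP-RC4-MD5", "EXP-RC2-CBC-MD5", "EXP-DES-CBC-SHA", "DES-CBC-SHA"]
MODERN_BROWSER = ["AES256-SHA", "AES128-SHA", "DES-CBC-SHA", "EXP-RC4-MD5"]
PERMISSIVE_SERVER = ["AES256-SHA", "AES128-SHA", "DES-CBC-SHA", "EXP-RC4-MD5"]
HARDENED_SERVER = [s for s in PERMISSIVE_SERVER if s not in weak_suites(PERMISSIVE_SERVER)]

if __name__ == "__main__":
    for name, server in (("permissive", PERMISSIVE_SERVER), ("hardened", HARDENED_SERVER)):
        print(name, "server, weak suites still enabled:", weak_suites(server))
        print("  export browser:", describe(server, EXPORT_BROWSER))
        print("  modern browser:", describe(server, MODERN_BROWSER))
```

With the permissive list the export browser still connects, but at 56 bits; with the hardened list its handshake fails while the modern browser is unaffected.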

Feb 03 2010
 

The Domain Renewal Group's bill-like letter

When I came home from work, an official-looking envelope from the ‘Domain Renewal Group’ was waiting for me. Inside was an equally official-looking letter which I initially thought was a bill. It turns out it is just a marketing letter posing as a renewal notice for one of my domains.

It seems they look at the WHOIS records for domains which are expiring soon and send out these letters in the hope someone will think it is a bill and give them a cheque or credit card number. They expect me to pay £20 to renew my domain and make them my new registrar. This is vastly more expensive than renewing with my current registrar, which would cost only £5.46 for a year.

I think this is a deliberately deceptive letter designed to look like a bill in the hope that it will just be paid and forgotten – many people with websites don’t really understand the roles of registrar, hosting company etc. and this will just confuse them further.

In short, if you’re happy with your current registrar, don’t bother changing. If you do decide to change, don’t be forced into it by someone sending you direct marketing letters.