[GTALUG] Decrypting and Re-encrypting Network Traffic

Mike el.fontanero at gmail.com
Tue Sep 10 19:02:31 EDT 2019


On Tue, Sep 10, 2019 at 5:09 PM Giles Orr via talk <talk at gtalug.org> wrote:
>
> Decrypting and re-encrypting network traffic is becoming more and more popular.  I think it's an appalling violation of both trust and privacy, but corporations seem to feel justified to "protect their network" (it's not necessary to explain the logic to me, I get it ... I'm just more about individual rights).  Or maybe they're just doing it to mine your data, depending on the context.
>
> There seem to be two circumstances (this is just about web traffic):
> - a private computer on a shared network, ex. you take your personal computer to a coffeeshop
> - a company computer on a company network, ex. you sit down at your work computer
>
> I think I understand the latter: with a company computer on a company network, all that's necessary is to push a trusted certificate and all future communications will be done with that newly trusted cert and, well, you're hosed.  Everything you send is examined and re-encrypted with the receiving site's certificate at the company firewall.  Can this be detected?  Can this be prevented?
>
> It seems that some shared networks (i.e. the coffeeshop in the above examples) manage to do this to people: is this only possible if they convince you to install something, and presumably that install package includes a certificate?  Or is there another way?
>

Hi Giles,  I think I understand your concerns.  First, some context of
what is typically required to eavesdrop on your PKI-negotiated and
encrypted traffic:

A TLS/SSL Man In The Middle (MITM) requires your browser to negotiate
TLS with the MITM, and the MITM goes out onto the Internet to
(separately) negotiate TLS with the site you are trying to connect to.
However, this means that the MITM needs to provide you a public
certificate for which it is in possession of the private key.
Presumably this is not a certificate whose authenticity can be traced
to a top-level Certificate Authority (CA) that your browser trusts.
That should be your detection method.  Otherwise, if you're dealing
with a large, corporate MITM (cough, Zscaler, cough), they might be
generating / issuing MITM certs on the fly from their issuing CA cert
which may actually trace to a top-level public CA.  Your detection
method in this case would be to compare the certificate and issuers
with those you see when connecting *outside* your suspect network.
Not convenient, of course.

The SSH case is generally simpler, because only a select few
masochists^H^H^H^H^H^H devotees have fully invested in X.509v3
certificate-based SSH.  An MITM would similarly need to present a key
pair of its own in order to negotiate with you, and then to your
remote on your behalf.  Your detection method here is that the key
presented by what appears to be your server isn't the same one that is
in your known_hosts file.

Cheers,
Mike
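
Added example, not part of the original message: the TLS comparison described above, in Python using only the standard library. The function names observe and compare and the sample observations are assumptions made for illustration; record a baseline on a network you trust, then compare it with what the suspect network presents.

```python
import hashlib
import socket
import ssl


def observe(host, port=443, timeout=5.0):
    """Record what this network presents for host, verified against the local trust store."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                der = tls.getpeercert(binary_form=True)
                info = tls.getpeercert()
    except ssl.SSLCertVerificationError as exc:
        # First case in the message: the chain does not lead to a CA this machine trusts.
        return {"verified": False, "reason": exc.verify_message}
    issuer = ", ".join(f"{k}={v}" for rdn in info["issuer"] for k, v in rdn)
    return {"verified": True, "issuer": issuer,
            "sha256": hashlib.sha256(der).hexdigest()}


def compare(baseline, current):
    """Classify an observation against one recorded outside the suspect network."""
    if not current["verified"]:
        return "untrusted-chain"
    if current["issuer"] != baseline["issuer"]:
        # Second case: the chain validates locally, but a different CA issued the cert.
        return "issuer-changed"
    if current["sha256"] != baseline["sha256"]:
        # Same issuer, different leaf: often routine rotation or another CDN edge,
        # so treat this as a prompt to look closer rather than as proof.
        return "leaf-changed"
    return "match"


# Constructed sample observations (not real certificates or real CAs).
BASELINE = {"verified": True, "sha256": "aa" * 32,
            "issuer": "organizationName=Example Public CA, commonName=Example CA R1"}
INTERCEPTED = {"verified": True, "sha256": "bb" * 32,
               "issuer": "organizationName=Example Corp, commonName=Corp Inspection CA"}
ROTATED = dict(BASELINE, sha256="cc" * 32)

if __name__ == "__main__":
    import json
    import sys
    # Run once on a trusted network and keep the output; run again on the suspect one.
    print(json.dumps(observe(sys.argv[1]), indent=2))
```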

