Explore the inner workings of Microsoft's Secure Channel (Schannel) SSL/TLS library in this 47-minute Black Hat conference talk. Delve into how Schannel utilizes CryptoAPI-NG (CNG) to cache various keys and session tickets for TLS/SSL connections. Examine the underlying data structures and learn techniques to extract keys and forensically relevant information about connections. Discover how to decrypt sessions using ephemeral key exchanges and understand the cache's longevity and capacity. Gain insights into Schannel's preferred cipher suites, key isolation mechanisms, and the role of the Norypt SSL Provider. Explore the decryption of persistent keys using DPAPI and session tickets, while also considering the inherent metadata TLS provides and the limitations of Schannel caching.
Cunning With CNG - Soliciting Secrets From Schannel
Overview
Syllabus
Intro
Black Hat Sound Bytes
Disclaimer
The infamous TLS Handshake
Perfect Forward Secrecy
Schannel & CNG
Schannel Prefered Cipher Suites
Microsoft's TLS/SSL Docs
Schannel Ops
CNG Key Isolation
Background Summary
What are we trying to accomplish?
The keys? What do they get us?
Session Keys
The Norypt SSL Provider (ncryptsslp.dll)
Pre-Master Secret (PMS)
Master Secret Mapped to Unique Identifier
Ephemeral & Persistent Private keys
9 Ephemeral Private Key
1 Persistent Private key
7 Decrypting Persistent Key - DPAPI
Session Ticket key
Decrypting Session Tickets
Inherent Metadata TLS Provides
Schannel Caching Parameters
This is your Schannel Cache (x64)
Limitations
Taught by
Black Hat
