New Security Control Enhancements – Java 9-12
Speaker: Jim Manico @manicode
For more blog posts, see The Oracle Code One table of contents
- JEP = JDK Enhancement Proposal
- Formal process
- A lot of work
- See https://java.com/en/jre-jdk-cryptoroadmap.html (java.com/cryptoroadmap redirects here)
- Java 8 had a lot of changes and enhancements
- Ephemeral cipher suite – rotates keys regularly
- Better random number support
- Consider third party libraries for crypto. Key management is hard. Want keys stored in vault. Your code should never touch the key.
Java 9 : JEP 290 – Filter Incoming Serialization Data
- When you shut down Tomcat, it serializes everything, including sessions, into files. When you start up Tomcat, it deserializes.
- Don’t deserialize anything untrusted.
- Can inject malware, read any file, run any OS command
- Research talked about problem in 2011
- Learned about problem in 2016 with Apache Commons Collections Gadget
- Better to use JSON/XML
- JEP-290 – ObjectInputFilter interface. Validates classes before deserialization. Validates array sizes and deserialization limits
- jdk.serialFilter – can specify limits
- Was backported all the way back to Java 6
- In 2017, “Friday the 13th JSON attacks”
- Turn off features not using: ex: XML DTD parsing
- Patching critical. Ex: Jackson in last 18 months
- Live attacks start within hours of framework/library security announcements
- Security knowledge becoming more specialized. 20-30 people know Spring Security really well
Other Java 9
- JEP 273 – Deterministic Random bit generator – as good as can get in Java
- JEP-287 – SHA-3
TLS Benefits (https)
- Confidentiality – can’t view data
- Integrity – can’t change data in transit
- Authenticity – ensure the site you think you are visiting is the right one
- Use everywhere
- Internal apps can be easy attack vector if don’t use TLS/HTTPS
- Symmetric key exchange fast
- Asymmetric is slow. Used for authentication and key exchange. That way the symmetric key is exchanged asymmetrically.
- All versions of SSL are dead at this point. TLS 1.0 is also dead.
- Credit card processor charges higher fees if use old TLS version.
- TLS 1.2+ encouraged. 1.3 is widespread
- Test your server at https://www.ssllabs.com
- JEP 319 – open sourced core root certs. Now OpenJDK and Oracle JDK use same certs. Had to sign Oracle’s contributor agreement
- JEP 324 – Curve25519 and Curve448. More efficient and secure. Important in Europe because NSA involved in prior versions.
- JEP 319 – ChaCha20 is a new stream cipher. Poly1305 is one time authenticator. Combined they provide an AEAD algorithm. (authenticated encryption.) Again important outside US because can’t export ciphers to embargoed countries. Some US customers adopt as well.
- JEP 332 TLS 1.3 – Much faster. Easier to configure. Old ciphers removed. Didn’t add much, but took a lot away. Supported by Chrome 65+, Edge 76+, Safari 12.1+ and Firefox 52+
- No JEPs
- Many small enhancements like the keytool and SecurityManager
- No JEPs
- Many small features.
- Support Microsoft Cryptography Next Generation API
I wish this talk was earlier in the day when my brain was working better. The concepts were good. I think the details were lost on me because Jeanne == morning person. That said, I learned a bunch of stuff and I’m glad I stayed for it! I really liked having the JEPs as reference numbers.