[CRIU] Using CRIU to bypass SSL/TLS encryption

Radostin Stoyanov rstoyanov1 at gmail.com
Sat Sep 1 02:12:02 MSK 2018


Hi David,

On 31/08/18 23:14, David Elliott wrote:
> CRIU allows you to migrate TCP connections. This also means that CRIU
> allows you to migrate SSL/TLS encrypted connections, since encryption
> happens at higher layers of the network stack than TCP. SSL/TLS is also
> session-based. While migrating encrypted connections, I noticed that I
> don't have to have the certificates available on the receiving host
> during the migration, and the connection will still restore properly
> and continue communication.
>
> Now consider the (somewhat contrived) example:
>
> Attacker A is interested in determining the contents of a particular
> stream of encrypted data traveling to company C. So A gets an employee
> inside C to checkpoint the application receiving the data (leaving it
> running), as well as capture a small section of the encrypted stream.
> The insider then sends the checkpoint and the captured packets to A.
>
> A doesn't have the certificates initially used to set up the encrypted
> communication, and is able to reconstruct the application and
> successfully restore the checkpoint, with the TCP connection modified to
> receive from his own IP address. A then replays the captured packet
> stream from his IP, sending the packets to the restored application,
> and receives the output from the application.
>
> Is this a security problem?
>

First, if the employee C is able to perform a checkpoint of the running
application, it means that they have root privileges on the system and
they can read the application's memory. Thus, the employee C already has
access to the content of the certificates used by the application, and
therefore can send this (instead of the checkpoint) to the attacker.

Second, for the restore to be successful, the attacker must use the same
IP address as the original system on which the checkpoint was created.

Third, I believe that the TLS session timeout might prevent a successful
restore of the connection.

Radostin
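The first point of the reply turns on the fact that taking a checkpoint requires the privileges to read another process's memory, so whoever can checkpoint the service can already read its keys. The following is an added example, not from this thread or from the CRIU project: a small audit that reads the effective capability mask (`CapEff`) from `/proc/<pid>/status` together with the Yama `ptrace_scope` setting and reports which processes hold the capabilities needed to attach to and dump other processes. The capability bit numbers are those of `<linux/capability.h>`; the decision rule in `can_checkpoint_others` is a simplification assumed by this example, not CRIU's own privilege check, and `CAP_CHECKPOINT_RESTORE` is a later kernel addition (Linux 5.9) that did not exist when this mail was written. The status excerpts at the bottom are constructed sample input so the functions can be exercised offline.

```python
# Added example (not from the thread or the CRIU project): audit which
# processes on a Linux host hold the capabilities needed to checkpoint,
# i.e. attach to and read the memory of, other processes.
import os

# Capability bit numbers from <linux/capability.h>.
CAP_SYS_PTRACE = 19
CAP_SYS_ADMIN = 21
CAP_CHECKPOINT_RESTORE = 40  # introduced in Linux 5.9; did not exist in 2018

CAP_NAMES = {
    CAP_SYS_PTRACE: "CAP_SYS_PTRACE",
    CAP_SYS_ADMIN: "CAP_SYS_ADMIN",
    CAP_CHECKPOINT_RESTORE: "CAP_CHECKPOINT_RESTORE",
}


def parse_capeff(status_text):
    """Return the effective capability mask from a /proc/<pid>/status body."""
    for line in status_text.splitlines():
        if line.startswith("CapEff:"):
            return int(line.split(":", 1)[1].strip(), 16)
    raise ValueError("no CapEff line in status text")


def has_cap(mask, cap):
    """True if capability bit `cap` is set in `mask`."""
    return bool((mask >> cap) & 1)


def checkpoint_caps(mask):
    """Names of the checkpoint-relevant capabilities present in `mask`."""
    return [name for bit, name in CAP_NAMES.items() if has_cap(mask, bit)]


def can_checkpoint_others(status_text, ptrace_scope):
    """Simplified rule (an assumption of this example, not CRIU's own logic):
    dumping another user's process needs CAP_SYS_PTRACE to attach, plus
    CAP_SYS_ADMIN (or, on 5.9+, CAP_CHECKPOINT_RESTORE) for the checkpoint
    specific kernel interfaces; Yama ptrace_scope 3 forbids attaching at all."""
    if ptrace_scope >= 3:
        return False
    mask = parse_capeff(status_text)
    if not has_cap(mask, CAP_SYS_PTRACE):
        return False
    return has_cap(mask, CAP_SYS_ADMIN) or has_cap(mask, CAP_CHECKPOINT_RESTORE)


def read_ptrace_scope(path="/proc/sys/kernel/yama/ptrace_scope"):
    """Yama scope value, or 0 (the kernel default) when Yama is not present."""
    try:
        with open(path) as f:
            return int(f.read().strip())
    except (OSError, ValueError):
        return 0


def scan_procfs(proc="/proc"):
    """Yield (pid, comm, caps) for each live process able to checkpoint others."""
    scope = read_ptrace_scope()
    for entry in os.listdir(proc):
        if not entry.isdigit():
            continue
        try:
            with open(os.path.join(proc, entry, "status")) as f:
                status = f.read()
        except OSError:
            continue  # process exited, or its status is not readable by us
        if can_checkpoint_others(status, scope):
            comm = status.splitlines()[0].split(":", 1)[1].strip()  # "Name:" line
            yield int(entry), comm, checkpoint_caps(parse_capeff(status))


# Constructed /proc/<pid>/status excerpts for offline use (not real hosts).
ROOT_STATUS = "Name:\tsshd\nCapEff:\t000001ffffffffff\n"        # full root on 5.9+
UNPRIV_STATUS = "Name:\tnginx\nCapEff:\t0000000000000000\n"     # ordinary user
CONTAINER_STATUS = "Name:\tapp\nCapEff:\t0000000000000400\n"    # CAP_NET_BIND_SERVICE only

if __name__ == "__main__":
    for pid, comm, caps in scan_procfs():
        print(f"{pid:>7} {comm:<16} {', '.join(caps)}")
```

Run as a privileged user to see the full process list; an unprivileged run only sees the processes whose status files it may read. A process that shows up here can dump the TLS service's memory directly, which is the point the reply makes: the checkpoint adds no access the insider did not already have.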
