The increasing use of encryption both across the public Internet and within private enterprise networks is well documented. TLS 1.2 PFS and TLS 1.3 make it much harder for enterprises to monitor and inspect traffic for malware, data breaches, and malicious activity, as well as troubleshoot availability or performance issues on the network. Passive decryption is not possible. Inline decryption increases latency significantly increasing costs of required SLAs, and cannot inspect sessions that use pinned certificates. These concerns are shared by manufacturers of out-of-band and in-band network security and monitoring solutions and their customers. Disabling PFS in TLS 1.2 is no longer an unacceptable compromise. Therefore there is a growing need to enhance TLS visibility for TLS 1.2 PFS and 1.3 with continued support for legacy protocols in cloud networks and private data centers.
Nubeva’s Symmetric Key Intercept (SKI) solves these problems. Nubeva SKI uses sensors that discover ephemeral session secrets on active TLS client and TLS servers without certificates, PKI, man-in-the-middle, session termination, or session replay. Session secrets are detected in memory using signatures specific to the libraries or DLLs used by the application. SKI is read-only and does not require modifications to applications. SKI works for new TLS sessions as well as TLS session resumption. Discovered keys are sent to key depots or directly to Nubeva’s decryptors or 3rd party decryptors that implement Nubeva’s low-latency protocol.
The SKI architecture is comprised of
SKI Decrypt Library and
TLS libraries create session secrets during the TLS session handshake. Each TLS library creates session keys in a unique way in the process memory space. Nubeva’s core IP finds the session keys using an algorithm designed specifically for each library or application and outputs a set of instructions called a
signature. Such signatures are then used to gain access to the session keys at runtime in an extremely efficient manner. TLS signatures are compiled by Nubeva’s back-end and distributed in binary form to licensed customers.
SKI Sensors are endpoint software that uses memory hooks and signatures to discover and extract session secrets from process memory. Signature based key extraction does not participate in TLS sessions, and does not require certificates. Therefore it is possible to extract keys from any session, including sessions that traditional methods have to bypass, such as sessions using pinned certificates or client certificates or sessions to 3rd party services where certificates are not available. SKI Sensors upload signature updates regularly from a licensed source.
SKI Sensors capture and send session secrets using Nubeva’s
FastKey protocol. Session keys are sent 200μs after the secrets are created, before handshakes are completed, and 500μs before the first encrypted application data is received for inspection. This assures that sessions keys are available for decryption before the first encrypted packet of a session arrives.
In the rare event that an application uses a library does not have a signature, the SKI Sensor sends a
KeySense indication to the decryption system telling the system not to expect a key for the current application. This indication is sent as soon as a TCP handshake is detected. KeySense operates before TLS handshakes begin, giving the inspection system time to select the decryption mechanism to use.
SKI Decryptors are a turnkey container solution that receives mirrored traffic and session keys from TLS sensors and exposes a standard network interface from which inspection software can read both decrypted and encrypted traffic. SKI Decryptors can be integrated with any deep packet inspection software that does not have decryption capabilities or cannot decrypt specific cyphers. Some of the supported open-source tools are Arkime (Moloch), Bro, ntop, Suricata, and Wireshark. Decryption capacity can be increased by scaling up and out using standard load balancing methods.
High-Performance Decryption Library¶
Nubeva provides a high-performance
Decryption Library, designed for applications that need high decryption throughput. The Decryption Library are integrated into the inspection software and operates independently of underlying TCP/IP stack customizations such as higher throughput optimizations using DPDK. The Decryption Library provides high decryption throughput upwards of 10 Gbps on a single core on standard hardware for TLS 1.3 AES ciphers. Multi-threading enables decryption at rates of 100Gbps and higher. The library is augmented by an optional
FastKey Buffer library for receiving and storing keys in case the inspection tools do not receive and retrieve session keys directly.
The table shows products available for evaluation and products which require a license.
|Product||Evaluation||Full License||Product Brief|
|SKI Sensor||Binary||Binary and code||Product brief|
|SKI Decryptor||Binary||Binary and code|
|SKI Decryption Library||Binary and reference code||Product brief|
|FastKey Buffer||Binary||Binary and reference code|
|Key Buffer Example||Code||Code|