Java 17 to 21: A Showcase of JDK Security Enhancements
Summary
TLDRThe speaker, Anna, a developer advocate at Oracle, discusses Java security enhancements from JDK 17 to 21. She covers new cryptographic algorithms, the deprecation of the Security Manager, and improvements in APIs for TLS and DTLS. Anna also introduces post-quantum cryptographic algorithms and explains how to integrate them into Java applications. The talk emphasizes the importance of keeping Java secure and up-to-date, providing insights into the Java security components and practical advice for developers.
Takeaways
- 😀 Anna, a developer advocate in the Java team at Oracle, is passionate about Java programming, Kubernetes, and security.
- 🔒 Java's new release cadence delivers features every 6 months, impacting daily life with enhancements in language, performance, and security.
- 🛡️ JDK continuously improves to build secure applications, addressing the weakening of algorithms over time and the need for modern, secure applications.
- 🌟 JDK 17 to 21 introduced significant security changes, including modern cryptographic algorithms and restrictions on weakened algorithms.
- 🔐 Security Manager in JDK was deprecated for removal, impacting applications that relied on it, but still supported in JDK 17 with runtime warnings.
- 🔑 JDK 20 and 21 brought larger key sizes by default, enhancing the strength of cryptographic algorithms.
- 🌐 TLS enhancements included disabling weak algorithms and the introduction of post-quantum cryptographic algorithms like SSS/LMS for quantum resistance.
- 🧩 JDK APIs underwent improvements, with new APIs for key stores and customizing TLS and DTLS signature schemes.
- 🔄 JDK security configuration files were updated to restrict weak algorithms and provide more control over security properties.
- 🔍 JDK now aligns with native OS security features, with changes to keystore access on Windows and macOS, and updates to the cacerts file.
Q & A
Who is the presenter of the security talk?
-The presenter is Anna, who works as a developer advocate in the Java team at Oracle.
What is Anna's background in relation to the topics discussed?
-Anna enjoys programming with Java and working with Kubernetes, and she has a passion for security, having had past roles where security was a necessity.
What is the significance of Java's new release cadence?
-Java's new release cadence delivers features every 6 months, covering multiple areas including language, performance, and security, allowing users to try and provide feedback on these features.
Why is JDK security important to developers?
-JDK security is crucial because over time, algorithms can weaken and become more easily exploited. Continuous improvements in the Java platform ensure that developers can build secure applications.
What are some of the significant changes in JDK security from versions 17 to 21?
-Significant changes include the introduction of larger key sizes, the addition of post-quantum cryptographic algorithms like SSS/LMS, and the restriction or disabling of weakened algorithms.
What is the purpose of the SSS/LMS algorithm and why was it added to OpenJDK?
-The SSS/LMS algorithm is a post-quantum cryptographic algorithm designed to be resistant against the potential capabilities of large-scale quantum computers. It was added to OpenJDK to provide a quantum-resistant signature scheme for software and firmware signing.
How does the deprecation of the Security Manager in JDK 17 impact applications?
-The Security Manager was originally designed for running untrusted applets and later enhanced for fine-grain permission control, but due to its brittle permission model, difficult programming, and poor performance, it was deprecated for removal in JDK 17. However, it is still fully supported in JDK 17 with runtime warnings.
What are some API enhancements related to security in JDK 18 and later?
-API enhancements include new APIs for obtaining access to attributes in a key store without needing an extra object, and improvements to APIs that customize TLS and DTLS signature schemes.
What is the new key encapsulation mechanism API introduced in JDK 21?
-The new key encapsulation mechanism API introduced in JDK 21 is called CEM (Cryptographic Encapsulation Mechanism), which allows for more efficient encryption by not requiring padding during encapsulation.
How have JDK security changes been documented and communicated to developers?
-JDK security changes are documented in the JDK providers guide, and developers can find information on dev.java, inside.java, and youtube.com/java. Additionally, the Java security roadmap provides advanced notice of changes and testing instructions.
What is the purpose of the new system property 'secureValidation' in JDK 21?
-The 'secureValidation' system property allows for easy enabling or disabling of XML signature processing mode that adheres to secure validation policies, strengthening the security for XML signatures.
Outlines
😀 Introduction to the Security Talk
Anna, a developer advocate in the Java team at Oracle, warmly welcomes the audience to a security talk scheduled for 4:00 p.m. She expresses gratitude for the attendees and sets the expectation that they will gain valuable knowledge applicable to their daily work. Anna introduces herself as a Java and Kubernetes enthusiast with a passion for security, stemming from her past roles where she had to ensure the software she built was secure. She emphasizes the importance of Java's new release cadence, delivering features every six months across various areas including security, and encourages the audience to provide feedback on these features. The presentation aims to highlight significant changes from JDK 17 to 21, particularly in the security domain, and Anna invites the audience to share their thoughts on what security changes have occurred after JDK 17.
🔐 Java Security Components and Modern Cryptographic Algorithms
The paragraph delves into the Java security components, starting with the Java language's design for type safety and ease of use. It builds upon the foundation of cryptography, with the Java Cryptography Architecture (JCA) and Java Cryptography Extension (JCE) enabling data encryption, key management, and message authentication. The paragraph also touches on Public Key Infrastructure (PKI) for certificate validation and storage, and Generic Security Service (GSS-API) for accessing security services. The discussion continues with Transport Layer Security (TLS), digital signatures for JAR files, and frameworks for authentication and authorization. Anna emphasizes the importance of Java security, explaining how algorithms weaken over time and can be exploited, necessitating continuous improvements to the JDK for secure application development. She introduces the concept of post-quantum cryptographic algorithms, which are designed to withstand the potential threats posed by large-scale quantum computers.
🛡️ Post-Quantum Cryptography and JDK Security Enhancements
Anna discusses the integration of post-quantum cryptographic algorithms into Java security components, highlighting the first such algorithms in OpenJDK: SSS and LMS. She explains that these algorithms are designed to be resistant to quantum computing threats. The paragraph also covers the security of LMS, which relies on the security of underlying hash functions and is believed to be unbreakable even with the development of large-scale quantum computers. Anna provides a code example demonstrating how to verify a signature with the new SSS-LMS algorithm and mentions that the JDK now supports this algorithm, with key tool support coming in JDK 22. The paragraph concludes by discussing how JDK restricts weakened algorithms to ensure a robust environment for developers and end users.
🚫 Disabling Weak Algorithms and Security Warnings
This paragraph focuses on the disabling of weak algorithms in Java, starting with the deprecation of SHA-1 by NIST in 2011 and its eventual disabling in Java 18 for digital signatures. Anna explains the rationale behind disabling SHA-1 and the impact on JAR verification, especially for JARs signed before January 1, 2019. The paragraph also covers the disabling of weak TLS algorithms like 3DES and RC4, and the deprecation of TLS 1.0 and 1.1 from April 2021. Anna provides guidance on how to manage security properties and restrictions, emphasizing the risks of re-enabling weak encryption types and the importance of adhering to security best practices.
🔄 Configuring Security Properties and Algorithms
Anna discusses the configuration of security properties in Java, particularly focusing on the Java security configuration file and the krb5.conf file for Kerberos. She explains how to selectively re-enable removed weak encryption types using the 'permitenced' property, cautioning that this should be done with careful consideration. The paragraph also covers the deprecation of the Security Manager in JDK 17 and its replacement with new APIs in JDK 18, simplifying code that previously required the AccessControlContext object. Anna emphasizes the importance of understanding and configuring security properties to maintain the security and integrity of Java applications.
🌟 API Enhancements and New Cryptographic Techniques
The paragraph highlights API enhancements in JDK 18 and beyond, including new APIs for accessing key store attributes and customizing TLS and DTLS signature schemes. Anna introduces a new API for customizing named groups in TLS and DTLS, which was introduced in JDK 20. She also discusses the new Key Encapsulation Mechanism (KEM) API in JDK 21, which allows for more efficient encryption of symmetric keys using public key cryptography. The paragraph concludes with a brief overview of changes to the XML signature API, including support for Edwards curve digital signature algorithms and a new system property for secure validation.
📝 Changes to XML Signatures and Operating System Security Features
Anna covers changes to XML signatures, including the removal of the Here() function by the Santuario project and Java's decision to maintain it temporarily with a default property value. She also discusses improvements to Java's integration with native operating system security features, such as access to Windows local machine certificates and changes to macOS keychain store implementation in JDK 21. The paragraph emphasizes the importance of these changes for developers working with XML signatures and operating system-specific security features.
🔧 JDK KeyStores and Tools Improvements
This paragraph discusses updates to JDK keystores, including the removal of the password change for the cacerts keystore and the adoption of the PKCS#12 format. Anna mentions that public certificates are no longer encrypted, except for private keys. She also covers improvements to Java security tools, such as keytool and jarsigner, which now warn users about weak algorithms and provide options for specifying alternate keystore implementations. The paragraph emphasizes the importance of staying updated with JDK security tool enhancements to maintain the security of Java applications.
📊 Monitoring JDK Security Properties and Events
Anna introduces the concept of monitoring JDK security properties and events, highlighting the initial security property event from JDK Flight Recorder, which records security properties when an application starts. She also discusses the recording of security provider instance requests, providing insights into application access to security services. The paragraph emphasizes the importance of monitoring these events for maintaining application security and understanding how security properties evolve over time.
📚 Resources for JDK Security Information
The final paragraph provides a list of resources for further information on JDK security, including dev.java, inside.java, and youtube.com/java. Anna encourages contributions to dev.java, offering to guide interested parties through the process. She also shares links to specific security-related resources, such as blogs on JDK security changes, the Java security standard algorithm names page, and the Java security guide roadmap. The paragraph concludes with a thank you to the audience and an applause sign, signaling the end of the presentation.
Mindmap
Keywords
💡Java
💡Security
💡Kubernetes
💡Cryptography
💡TLS
💡Quantum-resistant algorithms
💡SHA-1
💡Security Manager
💡XML Signature
💡Keytool
💡JDK
Highlights
Introduction to the Java security talk by Anna, a developer advocate at Oracle.
Anna's passion for programming with Java and Kubernetes, along with a focus on security.
The importance of building secure software for end-user happiness.
Java's new release Cadence, delivering features every 6 months.
Significant changes in Java security from JDK 17 to 21.
The necessity of Java platform improvements for secure application development.
Overview of Java security components, including language features and cryptography.
The introduction of larger key sizes in JDK 20 and 21 for stronger security.
Discussion on post-quantum cryptographic algorithms and their integration into Java security.
The first post-Quantum cryptographic algorithms in OpenJDK, specifically SSS and LMS.
Code example demonstrating how to verify a signature with the new SSS LMS algorithm.
JDK's efforts to restrict weakened algorithms to ensure a robust security environment.
Disabling SHA-1 for jar verification in Java 18 and the rationale behind it.
Removal of weak TLS algorithms and the disabling of TLS 1.0 and 1.1 from April 2021.
Introduction of restriction rules in the Java security configuration file to manage weak algorithms.
Deprecation of the Security Manager in JDK 17 and its impact on applications.
API enhancements in JDK 18 to replace APIs that depended on the Security Manager.
New APIs for obtaining access to attributes in a key store without extra objects.
Improvements to APIs for customizing TLS and DTLS signature schemes.
Introduction of the Key Encapsulation Mechanism (KEM) API in JDK 21 for more efficient key exchange.
Changes in the API for XML signatures to support Edwards curve digital signature algorithm.
New system property 'secure validation' to control XML signature processing mode.
Removal of the HERE function in XML signatures and its impact on Java applications.
Enhancements to key store access on Windows and Mac OS in JDK 21.
Updates to the JDK keystore file format and password requirements.
Improvements to keytool and jarsigner tools for better security practice enforcement.
Introduction of events for monitoring security properties and provider instance requests.
Java Crypto Roadmap providing advanced notice of changes and testing instructions.
Resources for learning more about JDK security, including dev.java, inside.java, and YouTube channels.
Invitation for community contributions to dev.java for improving Java documentation and resources.
Transcripts
[Music]
thank you everyone for joining a
security talk at 400
p.m. it's a little late in the afternoon
for some security topics um however I'm
grateful that you're here hope you will
enjoy this presentation until the end
that you will learn some useful things
that you can take in your daily
job and I'm looking forward to your
questions um at the end of the
presentation first of all I'm Anna
currently working as a developer
advocate in the Java team at Oracle I
enjoy programming with Java probably
like many of you since you are in this
room today and of course I enjoy working
with kubernetes as well now apart from
these two passions um I also like
security um in my past roles I like
security because I had to because it's
great to build secure software you have
your end users happy when they can
safely use their
applications uh so kind of security like
for many of you is embedded in the
practices that I have when I
code now when we talk about Java we I
hope that all of us in this room are
familiar with the new release Cadence or
you get to see many features delivered
every 6 months that you can try uh that
you can give uh um a feedback on and
these features are from multiple areas
many of them on language others on
performance and someone security yet
while these features get like Prime Time
your daily life can be impacted by those
many many enhancements that are not
necessarily formulated in a Jeep and
this presentation will show some of
those significant changes from 17 to 21
so if I am to ask you and because this
is a big room I cannot see all of you
but if I to ask you the question in the
slide can you shout at
me what do you think changed a change
that happened after jdk
17 with the security and jdk
anything just shout
it
records records that's a language
feature
security manager Bingo that's a very
good one the application for removal
we're going to talk a bit about it
anything else crypto
crypto that's a broad area we're going
to talk about it too anything
else
what I didn't understand you can you
please shout it h there TS TLS yes TLS
enhancements yes all great
answers and many more because we have 50
minutes for this presentation so I had
to fill it with something but the reason
why we care so much about jdk security
as developers is because over time the
algorithms that we are that we're using
in our applications weaken and can be
exploited more easily and it happens
that a GDK release take for example GDK
8 can Outlast the lifetime when these
algorithms are viable I mean jdk8
there's still many applications running
on those so what happens is that the
Java platform the jdk gets continuously
improved so that you can build secure
applications You're Building modern
applications but still they have to be
secured you're choosing Java to evolve
your applications because you know it's
secure that's one of the main things
that comes to your mind besides the
beautiful language there are many
beautiful languages that you can utilize
but you're also choosing them because
choosing Java because of security and of
course it's good to say to the business
Java is
secure so throughout time I've seen that
well people can think of java
security um as was some broad term so
what is Java security well Java security
has many components and since I'm going
to reference them in the presentation I
just want you to have a picture in your
head when I'm talking about them so here
they are the Java security components
are in the slide and of course they
start somebody said records of course it
starts with the
language um well but in the case of
security itself that is in the jdk the
higher level abstractions like you can
see here in the slide they are built on
top of lower layer Concepts so this is
why it's this like a brick wall
diagram and of course at the bottom the
Java language anguage is designed to be
type safe and easy to use so it has many
features that you probably use in your
application but the foundation of java
security well is based on
cryptography so the cryptography
component the Java cryptography
architecture
jca um or JC the Java cryptography
extension enables you to encrypt and
decrypt data in Java manage Keys sign
and authenticate message
and much more now we have also pki that
contains apis and implementations for
validating and building certification
paths or certification chains for only
many of your applications use
certificates and of course a way to
store those keys and
certificates next we go with how the
programs can access Security Services
via this lovely acronym which I'm not
going to read from the slide because I'm
terrible reading that acronym but we can
talk afterwards what it means it stands
for generic Security Service application
program interface that's why GSS upy and
the jdk contains such a GSS up
implementation of curve Ross now the
transport layer security which was
mentioned
earlier that
component is containing apis for TLS and
dtls and of course we're signing jars so
sign jars allow you to apply digital
signatures to the jar files in order to
ensure that you're sharing those with
some data integ the data you have in
those is shared with data integrity and
authenticity now the next components
they're
together because there are a series of
Frameworks and apis that are meant for
authentication and
authorization and of course probably
some of you have worked with XML
signatures which are a component uh well
this component that contains an API
implementation for generating and
validating XML
signatures but Java security is more
than just apis built on top on the
runtime it's also tools because
sometimes you need tools in your tool
chains to maybe I don't know validate
your certificates or and of course if
the jdk comes with them why not use them
since they're there so you get a small
set of tools that can help you set
security
policies probably many of you have
utilized in this lifetime key tool at
least
experimentally it's for managing key
stores keys and certificates of course
we have jar signer the one that we
talked a little bit earlier for sign
jars that helps of course signing those
jars and the last tab are actually the
tools for working with
kbros um but since Kos is not so touched
uh I'll leave them in peace for the
moment so hope you're feeling happy to
explore what happened with jdk
security and we're going to start with
the happy Parts modern cryptographic
algorithms now I started this
presentation telling you that over time
most or all algorithms weaken so they
can be exploited more easily now if you
get strong args you can continuously um
benefit of a stronger foundation for
your
application larger key sizes have been
delivered in jdk um 20 and 21 so you can
benefit of larger key sizes by default
like in case that when you're relying
for on the defaults and you're just
instantiating something um instantiating
a key without specifying the size
although that many examples over the
internet can have the size but if you
forget about that you don't need to
worry because the GDK can build that
securely at its best for you so you can
have here a table of what changed over
time this is good because this change
protects your data and communication by
using mathematical techniques that
ensure confidentiality integrity and
authenticity
better yet the tides of security threats
increase with the advancement of
technology and if you were the Kino this
morning
you probably saw the very nice keynote
about AI how AI can help us but those
were the good parts Ai and of course
computers that have large powerful cap
and large powerful
capabilities well they can be
instrumented for the wrong as well so if
large scale quantum computers are ever
built just this is a
hypothesis all widely used digital
signature schemes like
DSA RSA ecdsa and so on have the
potential to be broken that's because
the power of computation increased so
the IT industry has worked towards the
goal of creating postquantum
cryptographic algorithms that are
designed to be safe against such
powerful capabilities to
compute so as these postquantum
cryptographic algorithms progress and
mature of course they become standards
and are gradually Incorporated with the
Java security
components so we got the first post
Quantum cryptographic algorithms in open
jdk and you have here the explanation on
the slide so that you would know what it
stands for when you read
SSS
LMS so the lat Malla signature system is
one of the um one of these algorithms
and is the stateful health uh is a
stateful hash based algorith it's all
based on the hash based signature scheme
HPS that's what it's coming from the
hierarchical signature system is the
multi- three variant of the previous one
that's why it's SSS
LMS and most importantly it's one of the
two Quantum resistant signature
algorithms that have been standardized
there is another one it's called
XMS uh s it's similar but it's last
popular so the popular variant was
chosen um for the use case of such an
algorithm uh well it's used for software
and or firware
signing um and requires for the key and
signature generation to be performed in
Hardware cryptographic modules so that
they because those they do not allow
secret keying material to be exported
even in encrypted form that's why it
makes it quantum resistant it's hard to
export that from the
hardware so if we take a step back what
was done in the jdk right if um the um
signature generation happens on Hardware
what's happening in the jdk so when in
the jdk side the signature verification
implementation was
done so while the generation happens on
Hardware you can verify that signature
in the
jdk um and of course
you can have here in the slides the
explanations on why these this algorithm
is very great another thing that I need
to tell you is that this belief that the
security of LMS because it depends on
the security of the underlying hash
functions well it is believed that this
security is will never be broken by the
development of large scale computer
quantum computers hence why it's so
loved and
adopted now how does that look in your
code so how how do you verify a
signature with this new algorithm a
little bit of code in the slide just to
show you how it looks like you can use a
key Factory implementation available
from a provider now in this case if
you're running it with open jdk
distribution it probably will choose the
sound provider because that's the first
one that it finds it matches it and that
one will read an SSS LMS public key from
a stem a serialized
format so that's Reading part and of
course you need to verify the validity
and probably you've wrote this kind of
code sometimes to verify the validity of
a signature that uses SSS slms so the
thing that changed of course is the
algorithm being supported something
that's coming in 22 Key tool can also
operate with this one as well right now
it's available at the API level but in
22 jk22 it will have ke tool will have
that as a feature too so this one was
was one of the Breakthrough changes of
21
but besides the modern cryptographic
algorithms bringing new on the jdk
restricts the algorithms that are
weakened however there are multiple ways
to limit the usage of vulnerable
algorithms either the jav Java limits or
disables them to ensure that you are
running on a robust environment for your
not only for your own development but
also for your end users so what was
restricted some people probably saw that
kind of message when they tried to
validate a jar that was signed with
shaan and that it was having its
signature uh generated before 2019 1 of
January in 2019 so that's get a you get
a warning on that what's the story
behind it why Shawan jars were disabled
by default in Java 18 as the slide says
well it happens that in
2011 the National Institutes of
standards and Technology nist formally
dicated shaan usage and kind of told the
people well you know by
2030 you should kind of phased out the
usage from digital signatures that news
came two years later in
2013 so in consequence shaan was
disabled in TLS server certificates and
XML signatures was not just here now in
order to make sure that people are not
using this any
further jdk security team thought it
would be better if your
chars if you try to sign your chars with
this algorithm well to get the warning
that well um it's not good for you so
there's a a way to maintain uh backwards
compatibility of course for some of the
JS so if your jar was time stamped prior
to
20190101 We Shall one you get kind of
get away with it but uh if you have like
a very strict security team they can
alter a little bit the security rules
for you and they can impediment it so
I've seen cases when people went even
stricter given the threat of Shawan
usage so they restricted their security
properties even more we're going to talk
about that in a little
while so this was
one um another one delivered a lot
actually more delivery in 19 and 20
we're disabling weak TLS algorithms so
somebody mentioned TLS yes there were
enhancements but also disabled things
were disabled with the
TLs so in order to make it harder to use
week 3 3D Cipher suits they have been
removed from uh the TLs Cipher suits in
jk9 next 3s and arc4 they're also not
very safe um and because they were not
very safe also their Amon thls
ecdh ecdh Cipher suit also was disabled
because it doesn't preserve forward
secrecy and also it was rarely used in
practice sometimes these algorithms
they're not just insecure but they also
used in practice so disabling them is
not that difficult and well tls1.0 T and
TLS 1.1 they were disabled from April
2021 but as of J K2 dtls 1.0 is also
disabled because applications by the way
should use dtls 1.2 protocol which is
more secure and supported by the jdk but
in case that you have
issues yes you can also enable the one
that has been disabled you can reenable
it in the Java security configuration
file but that's something that you do at
your own risk so there's always a way to
alter the Java security file
but that's at your own risk when the um
of course the guidance says
different another thing that
came in the disabled algorithms area
restriction rules so how does these
rules are being put in application how
about these weak algorithms because they
they're not taken out they needs to be a
mechanis for that so in case of Koss
there's a car five.com file where you
can set those restriction rules for
security properties of the jdk of course
is the Java security configuration file
you can set there now for kbros for
those of you that maybe this sounds a
little bit foreign kbros is the protocol
for authenticated service requests
between trusted hosts and across let's
say in trusted Network like internet but
probably you saw keros if you ever
configured an application server like in
the old times that's probably You' have
seen curb Ross and details about it in
case of those application servers
configuring the KY by 5.com file is
crucial if you're using jars of course
for jar verification certificates TLS
and so on you can always work with a
Java configuration
file so for curve Ross let's start how
does the removing look like so in the
slide on my left side I would say okay
you can find on how an exerpt of kerros
configuration file looks like and I
extracted those two configurations
specifically because they're something
important with them so first of all desk
three des and rc4 encryption types well
they were removed from the default list
of carbros encryption types but
more um they were
disabled uh and you see that there's set
alone that allow weak crypto properties
set to false in uh in the slide right
why is that well allow crypto properties
acting like a global property and when
it's said to true you're actually
allowing all the bad algorithms that you
didn't want to have to be
selected so what happens if you want to
selectively reenable some of those
removed
weak um Cur encryption types because you
need it because your application cannot
evolve without those your server doesn't
start with that in configuration so in
those situations when you are in
need don't go and set allow crypto to
True by the way you can do that
selectively with a second property with
a permitted encryption types so there
you can go and say Hey I want you to
enable selectively these algorithms I
yeah probably they're not secure or
probably May some of them are secure and
they haven't been removed but only do
this for only a selected type don't do
this for everything they use the global
one so there's a way to escape but more
controlled and well it's always to have
this message that while re-enabling any
weak encryption type or any algorithm
that's considered disabled is always at
your own risk so be pay paying attention
when you reset your
configurations they can work against you
so
next in the jdk security configuration
file this is where you can modify
information about your security
properties and we have two types of
security uh properties so now you're
going to see highlighted in the slides
the different ones so the first ones are
the disabled ones this means that this
configuration restricts various
functionality Legacy me the other ones
that you really shouldn't use them
because they will be disabled most
likely in a future jdk release so Legacy
kind of allows you a way to still use
them but be paying attention that
sometimes they're going to go in the
forever gone category of disabled yes
you can alter the list there but again
at your own
risk so somebody else said something jdk
17 yes security manager security manager
was deprecated for removal in jdk 17
H
but you probably heard a lot about it it
generated a lot of rumor that
applications will be so much impacted
about this even though to your surprise
you're going to see that well was a
feature that was originally designed as
a stand boox for running potentially
untrusted applets who uses applets
nowadays then it was later enhanced to
have a fine grain permission Pro
permission model that was never widely
used so uh pretty much it had a lot of
things that were not useful to us so
because of the brittle permission model
difficult programming model and of
course poor performance that got to its
deprecation for removal in JK
177 however security manager still fully
supported in jdk 17 but you'll receive
warnings at runtime if you try to use it
so probably you've seen
that the other thing is that several
apis in the jdk thought it was a good
idea back then to use the security
manager in the beginning so because they
were tied to security manager there had
to be some replacement there needs
something to be done to it once this one
is deprecated for removal and because
some applications really really wanted
to use the security manager because they
couldn't upgrade very fast in in time
but still wanted to take advantage of
java latest
features it's also good that you can
allow the security manager temporarily
with your application name but you
should know that since jdk18 is this
allowed to use so there are still ways
to use it but pretty much not good so
let's go back to S to the API story
there are apis in the jdk that depend on
that apis that may be un need in your
day-to-day developer
life so we're going to go to the API
enhancements because many of them are
related to that so in the case of the
API repl replacement the Jaws apis were
the ones that were depending on the
security manager so what happened is
that the security
team has been implementing options to
still use the CH apis but a little
different so for example the adjust um
subject to us and subject get subject
API that dependent on the security
manager well uh even though they did not
require the security manager that's the
fun thing they depended on that one but
they did not needed it uh well they were
replaced in
jdk18 by different apis in the same
class name subject right so let's see
how code looks like for such an example
so for example using the old API the one
depending on security manager what you
need here you need to perform work as a
particular subject right but first you
require access to you get require
getting the access control context
object first I don't know
why well you yeah just use it further
and just get the subject so it was
cumbersome why was that extra object
needed while now you just invoke the
current method on the subject which
makes much more sense right it's much
more clean you don't need the access
control context for that you already in
the
context next
related to improvements to
apis well there are new apis for um
obtaining access to attributes for in a
key store so for example if before jdk18
this is how you would write a piece of
code to get access to the attributes of
an
um to get the attributes of a key store
so you're first needed to get an entry
from the key store uh then call the C
the get attributes on that entry like
okay so I need to know the entry then
call the attributes on the entry but I
want the key store right so why not do
that so that's the Improvement this it's
not just less code it's just actually
not having an extra object when you
don't need it so access an extra object
when you actually don't need to use that
object further in your
code there are also some improvements to
the apis that customize TLS and dtl LS
signature schemes so now they're like
Setters and Getters for getting the
signature
schemes um and when you need to
negotiate a TLS or dtls
connection um and yeah this is an
enhancement for the for a job regarding
the transport layer protocol that was in
the past and also for uh TLS and
dtls
there there's a new API for um the do I
duplicate this oh no no there's a new
API for customizing named groups also
for TLS and
dtls um at some point in my slides
you're going to see like a little flying
UFO in in down there it's very little
but I'm going to give you access to the
slides some of the changes that were
done in the jdk security were back
ported as well to 8 11 and 17 so um
that's the reason you have see the
little sorts um lateral UFO there uh
with also with the backboard so that you
know what was affected and maybe you can
use it in Prior in Prior jdk versions as
well so you get set name groups and get
name groups in
there
well this change uh was introduced in
jdk 20 and allows applications to
customize and retrieve the prior
prioritized list of name groups used to
negotiate a key exchange me a key
exchange mechanism in dtls or TLS
connection so they're pretty much
important at getting access to your um
prioritized list of name groups when
you're making a TLS or dtls
connection great improvements on the API
so now we have powerful
apis but in the beginning we we talked
about SSS LMS and quantum computers so
let's Circle back a little to that so we
get better algorithms prams that could
help us protect our applications against
post about quantum computer
attacks but how about other techniques
new encryption techniques for securing
symmetric Keys using public key
cryptography so what we can enhancing
that so jdk 21 brings a new key
encapsulation mechanism API it's called
chem for short now this is a scheme with
public and private key
which probably are familiar with but
what's different to it is that the
sander uses the public key to create a
cipher text and encapsulation containing
a randomly chosen symmetric key and the
receiver decrypts the encapsulation with
the private key now unlike the
traditional uh cryptography methods this
key encapsulation mechanism is more
efficient because does not require
padding when doing the um
encapsulation because well it deres it
uses mies the encapsulation by
deriving um by by using the properties
of the public key uh to derive the
related symmetric key that is used there
in the shared secret so how does that
look
like thought to put it here a little bit
in
context so the sender creates an
encapsulation using the public key right
then the sender uses cam to encrypt data
using a symmetric algorithm and sends
that key encapsulation message to the
receiver the receiver decrypts the king
capsulation message of course with the
private
key so then the rest the encryption and
the decryption they are done similarly
now that the shared key is known to both
of
them so that was said you can use cam to
First transmit that shared symmetric key
and later use it to efficiently encrypt
the data using that symmetric algorithm
that you
chose now the API itself has three parts
as discussed earlier with the
encapsulation decapsulation and so on so
the three parts are as follows of course
you need to generate the keys so you
need a key pair generation function that
is already there actually in the jdk the
key gen to generate the public key and
private key there was nothing changed to
that one but the key pair generator API
it's in the J for a while now what was
done new for the cam API was the
encapsulation function and of course the
key decapsulation function uh that are
needed to
decapsulate the received share key so
you can output both the sender and the
receiver can trust each
other
moreover in terms of
changes um in the beginning when we
talked about components there was a
component called XML signature that one
suffed a few changes as well so the API
for XML signatures changed a little bit
meaning now that there are two more
signature methods uis that support the
Edwards curve digital signature
algorithm that's a
adsa um which means that well now you
can sign and verify um your XML with um
these two signature
Uris um uh you can find their the API
and link to
it now we also have a new system
property I put there system property I
know it's a lot on the slide but I want
you to make the difference between
system property and security property so
You' not be confused which to configure
where so there's a new system property
that's called like that's called secure
validation so it's added there to allow
you to easily enable or disable XML
signature processing mode that has like
a simple mode like enable like true or
false uh but that one when you set it it
takes into account the um secure
validation policies properties that you
set for your application so you can
strengthen even more the security for
your XML signatures if you put this one
to true that's its
purpose another important aspect that
came in
21 is about here function
so here function it was an xath function
that's defined by w3c
recommendation and for XML
signatures and it's being used in XML uh
signatures of course has been used so
far now the thing is that an upstream
project that's for XML signatures called
santuario version
302 uh decided to remove this function
however since there were already
applications Java applications that use
ACC ml signatures with
here what the security team thought it
was be it would be better to have a
property it has a default value to true
and somehow maintain the usage of this
function within the existing security
Keys the idea is just to have it for the
moment but eventually will be disabled
um the support for this one function
will be disabled since the Upstream
project doesn't have it anymore but
gives away for people to accommodate the
changes in their XML
signatures until the uh the disable of
this one is going to become
permanent another feature that comes
with uh Java security is fact that some
some of its changes are tailor to
operating
systems so to operating system the
operating H native security features
well they're typically targeting either
Mac Linux or Windows
for Windows historically speaking before
jdk9 if you wanted to see the keys and
certificates in the current user or
local machine you need of course access
to them but if you're just using Windows
my or Windows rout you are not getting
access to that so in order to uh all the
time you didn't get access to all of
those so in order to personalize this
access to the local machine certificates
for different users there has been new
types of key
store that are called Windows my local
machine like an example here or Windows
root local machine key store types they
provide access to keys and certificates
stored on the Windows operating systems
that are available to all accounts and
of course there are also ones that are
specific to current user current logged
user because well that's for to avoid
the
confusion uh with the previous windows
my and windows route respectively
all these changes are documented in the
jdk providers guide there's going to be
a link at the end of the presentation to
that one now Mac
OS Mac OS has a story as well now it's
starting with jdk 21 you can see only
The Trusted certificates if you're
running this piece of code so I suggest
you to run this piece of code for jdk
less than 21 like I don't know 17 and
compare it to the result on 21 you're
going to see to what you really have
access to on your local machine if you
have a Mac by the way so starting with
jdk 21 the Mac OS keychain store
implementation expose certificates that
are with proper trust in the user domain
admin domain or both so before 21 prints
only the user domain
certificates after 21 it prints those
that are you should you should have
access to and maybe you have access also
to the admin ones not just the user ones
that were before
um okay what I added here is that the
change was backported as well to jdk 11
and 17 so it was an important change
that was thought that it would be good
also for 11 and 17 to
have Now updates on jdk kerts file did
you use kerts
ever yep you know so you know what's it
it's Cas as key stor is part of the
jdk uh is intended to contain the root
certific that can be used to establish
trust in certificates Chain empoyed by
our application right by security
protocols that are used by our
application so you probably use it in
order to establish trust for certain
certificates now historically speaking
we used to have the password change it
we always did the password change it now
it's no longer
required of course it doesn't use a
propriatary format anymore so it uses
the pkcs 12 format and if you're using
jks it will give you a nice warning and
tell you are you sure you want to use
this
format and of course public certificates
are no longer encrypted because well
they're
public um apart from caseart
improvements there have been some tools
improvements so the evolution of java
security fostered also connection to the
tools and the monitoring practices not
just you know enhancements and
algorithms and so on it's also good to
keep an eye on what happens there
so the changes with the modernized and
disabled algorithms well they're very
useful also for key tool so key tool by
the way besides useful warnings uses
also those default Roger key key sizes
uh in jeny pair uh if the key size
option that you give to keto is not
there so for example like in this case I
didn't use the minus key size option and
by default it generated me a key
uh with of course the biggest uh size
that was available by default in my case
372 another Improvement as of jdk 21
minus j z key and of course um import
pass they warn you if you're trying to
use PBI weak algorithms so they are
warning you if you're not doing
something great like in the command here
what this command is doing actually is
looking at the
key algorithm which is Arc four and
based on that determines that well
you're trying to use a weak algorithm
and I should warn you jar signer we
talked a little bit in the beginning is
good for signing jars shaan were
disabled of course but as of
jdk9 if you need to specify the class
pad to an alternate key store
implementation you can now add it with
minus provider path option because
sometimes you're not just using the pro
the security pro providers that the jbk
comes from there are other security
providers as well uh and you want choose
to have one of those for applications it
can be in the best practices of your
company some J signer improvements
besides all that is's a command for
minus provider path on how it would work
with a effictive provider of
course
um and last but not least for monitoring
we have some events that we can look
into um how the properties of our
application have evolved so there's one
initial security property that's an an
event from for jdk flight recorder that
we can look on the events when they're
initially loaded when our application
starts what were the security properties
that our application started with now
this event is very useful when our
application changes its security
properties in the code decides to like
okay I'm going to change this um because
it's needed and so on so it's good for
keeping keeping an eye on those if you
really want to disable this one because
it's enabled by default in the shipped
default. GFC and profile. GFC uh which
are shipped with u any jdk well you can
disable it with these commands if you
are interested just copypaste them it
will do the
disable any of them um another one
recording details about security
provider instance request so every time
that your application is going to access
get service method that is going to be
recorded and information about that is
going to be provided so it serves like
an announcement location for what's
coming in
security each change on this road map
improves security uh in a different way
in some way so either that you saw early
a restriction or disabling of wals or
defaults have been increased those are
documented shaan jars disabled those are
documented very well there uh or like
tools Improvement that's again
documented there and of course because
these changes can impact you in
applications the javac crypto road map
provides for each of the
changes some testing instructions or
details how you can revert the change
like I told you in the presentation okay
if you really need to enable that weak
encryption type and Cur Ross you can do
this
selectively so that's available so it
can gives you ways to let's say
perpetuate a bit the change that was
done there so the benefit of the road
map is that you get advanced notice of
each change usually minimum 3 six months
uh before this happens and you can test
it so uh with some
exceptions these changes are backported
to all update releases so that's
something very important for you to know
as
well uh because while your applications
can of was as well depend well the
applications need the same level of
security across different jdk versions
maybe you're not using jdk 21 for all of
them you're using jdk 17 or 11 and some
of those changes there are backported
most of the time
well that being
said if you want to know more about the
jdk security there are a series of
places where you can find information so
the first place is dev. Java there's a
security place where there security
section that contains several articles
on uh jdk security more will follow
there's inside. Java where we
publish um their latest information or
research on what happens in the security
so whatever we feel that's relevant and
the security teams that's relevant we
put it there on inside. Java and last
but not least on YouTube on youtube.com/
jaava our Java Channel where you can get
information on security but many more
language features which of course we
know they're great we love them uh
performance tips and so many many many
more so all these places are just a
place for security and way more things
that can help you in your daily life as
Java
developers but I assume that many of you
are also experienced Java developers so
if you would like to teach others or to
say to others explain Concepts that are
related to Java it doesn't have to be
like advanced concepts of java can be
also basic concepts about Java like kums
you can help us improve def. Java with
your contribution because we're a big
Community we're a Java Community we
welcome the contributions to dev. Java
so we have a repo where you can
contribute with articles if you want to
contribute please make sure to contact
me I'm going to share the link with you
would be my pleasure to explain to you
how that works you're going to be part
of a review process as well but it would
be a great thing for millions of people
to read your
work
so if you want to know like specific
security stuff that are related to this
presentation these are part of the links
that I would like to tell you about so
there's a Jeet about the deprecation of
security manager probably you've seen
that one before but uh Sean Mullen is
having a very very insightful blog on
jdk security changes so he captures way
more even those little little little uh
changes are captured there so be be sure
to follow that one as well my place to
go about algorithm names because I don't
know them by heart so I'm going always
to the Java security standard algorithm
names that's a very useful page and of
course the Java security guide the road
map you can find it there and of course
there are two videos that can help you
with security
too so so that was it that I was going
to tell you about jdk security and what
changed on it was quite a lot this is
the link to the slides you can scan it
uh I'll upload this one to the J Focus
um site as well so you can get
it thank
[Applause]
you
5.0 / 5 (0 votes)
