How to use SSL/TLS correctly

duongkai
October 14, 2014

Presented at Security Bootcamp, Da Nang, 10/2014

Transcript

  1. This Talk is All About Using TLS

    When I say SSL, it means TLS and/or SSL.
  2. A whole book could be written about it.

    Hope I can do well in this talk!
  3. Protocol Attacks

    ✓ 2009: SSL Insecure Renegotiation
    ✓ 2011: BEAST
    ✓ 2012: CRIME
    ✓ 2013: RC4 biases, Lucky 13, BREACH
    ✓ 2014: POODLE
  4. And in 2014

    ✓ Heartbleed and CCS in OpenSSL
    ✓ Goto in GnuTLS
    ✓ BERserk in Mozilla NSS
    ➔ The 3 biggest SSL implementations
  5. You Are Doing It Wrong

    ✓ It’s too complex.
    ✓ Crypto-related material is often hard to understand.
    ✓ Until we must comply.
  6. SSL Version

    ✓ First developed at Netscape
    ✓ SSL v2: Oldest and broken
    ✓ SSL v3 (1996). Old and almost secure.
    ✓ TLS 1.0 (1999). Fine protocol
    ✓ TLS 1.1 (2006). No known practical attacks.
    ✓ TLS 1.2 (2008). The most secure until now
    ✓ TLS 1.3 is being developed
    https://www.trustworthyinternet.org/ssl-pulse/
  7. SSL Version

    ✓ First developed at Netscape
    ✓ SSL v2: Oldest and broken
    ✓ SSL v3 (1996). Old and almost secure. It is NOT SECURE NOW.
    ✓ TLS 1.0 (1999). Fine protocol
    ✓ TLS 1.1 (2006). No known practical attacks.
    ✓ TLS 1.2 (2008). The most secure until now
    ✓ TLS 1.3 is being developed
    One minute pray 4 SSL…
    https://www.trustworthyinternet.org/ssl-pulse/
  8. Terms

    ✓ CSR, Certificates, EV-Cert and CA.
    ✓ Private key.
    ✓ Block ciphers vs Stream ciphers
    ✓ PFS (Letter E): Perfect Forward Secrecy
    ✓ Curves and Curves: Elliptic Curve
    ✓ X509, PEM, PKCS#12 and conversion.
    ✓ OpenSSL
  9. Checklist

    1. Update to the latest version (OS, software)
    2. Get a 2048-bit certificate from a CA. Better if it supports SHA256
    3. Know your legacy.
    4. Configure TLS on your system.
    5. Verify TLS configuration with your own hands.
  10. Explanation

    2. Get a 2048-bit certificate from a CA. Better if it supports SHA256
    ✓ 1024 bit is weak and can be broken easily. [1]
      [1] https://isc.sans.edu/diary/Confusion+over+SSL+and+1024+bit+keys/18775
    ✓ SHA-1 is on its way to being deprecated. [2]
      [2] https://konklone.com/post/why-google-is-hurrying-the-web-to-kill-sha-1
    ✓ 4096 bit consumes too much CPU.

    3. Know your legacy
    ✓ Supported protocol version.
    ✓ Supported cipher suites.
    ✓ Your compliance.
  11. Explanation

    4. Configure TLS on your system.
    ✓ Avoid insecure ciphers: RC4, DES, 3DES, MD5, SHA1,…
    ✓ Turn off SSLv3 support
    ✓ Turn off compression
    ✓ AES-128 is good enough (both secure and faster).
    ✓ Enable PFS if you can.
    ✓ Switch to Poly1305, Salsa-20 and EC
    ✓ Reference
      https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
      https://bettercrypto.org/static/applied-crypto-hardening.pdf
  13. Explanation: A+

        ssl_certificate /etc/nginx/ssl/server.crt;
        ssl_certificate_key /etc/nginx/ssl/server.key;
        ssl_trusted_certificate /etc/nginx/ssl/AddTrustExternalCARoot.crt;
        ssl_dhparam /etc/nginx/ssl/dhparam.pem;
        # Session Resumption
        ssl_session_timeout 20m;
        ssl_prefer_server_ciphers on;
        ssl_session_cache shared:SSL:20m;
        # Enable OCSP stapling (req. nginx v 1.3.7+)
        ssl_stapling on;
        ssl_stapling_verify on;
        ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
        ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
        …
        add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";

    https://gist.github.com/kennwhite/25183c3f05266ee0ad7f
  14. Explanation

    5. Verify TLS configuration with your own hands.
    ✓ openssl s_client
    ✓ Cipherscan and some browser tools
    ✓ https://www.howsmyssl.com/
    ✓ https://cc.dcsec.uni-hannover.de/
    ✓ iSEC Partners SSLyze
    ✓ SSLLabs (https://www.ssllabs.com/)
    ✓ Get your hands dirty
  15. Reference

    [1] HTTPS Everywhere, Ilya Grigorik
        https://docs.google.com/presentation/d/15H8Sj-Zol1tcum0CSylhmXns5r7cvNFtzYrcwAzkTjM/present#slide=id.g12f3ee71d_10
    [2] SSL Pulse Project
        https://www.trustworthyinternet.org/ssl-pulse/
    [3] How is my SSL now
        https://www.howsmyssl.com/
    [4] The Art and Science of SSL Configuration, Nick Galbreath
        https://speakerdeck.com/ngalbreath/the-art-and-science-of-ssl-configuration
    [5] Bulletproof TLS and SSL, Ivan Ristic, ISBN: 978-1907117046

    Special thanks to the authors of photos about Da Nang and Hoi An (on Flickr): pierre_thach, nemesis1903
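
A way to apply slide 11's step 4 items (no SSLv3, no RC4/DES/3DES/MD5/SHA1, PFS where possible) mechanically to an nginx block like the one on slide 13. This is an added example, not code from the deck or the linked gist; the function names and the `LEGACY` configuration are constructed for illustration, and `SLIDE_13` copies only the protocol and cipher lines from slide 13.

```python
import re

# Name components of OpenSSL suites that slide 11 says to avoid.
WEAK_PARTS = {"RC4": "RC4", "DES": "DES/3DES", "MD5": "MD5"}
PFS_PREFIXES = ("ECDHE", "DHE", "EECDH", "EDH")  # ephemeral key exchange

# Constructed samples. SLIDE_13 copies slide 13's protocol and cipher lines.
SLIDE_13 = """
ssl_protocols TLSv1.2 TLSv1.1 TLSv1;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA:RC4-SHA;
"""
LEGACY = """
ssl_protocols SSLv3 TLSv1;  # constructed weak configuration
ssl_ciphers DES-CBC3-SHA:RC4-MD5;
"""

def directives(conf):
    """Return {name: value} for ssl_* directives, ignoring # comments."""
    conf = re.sub(r"#.*", "", conf)
    found = re.findall(r"^\s*(ssl_\w+)\s+([^;]+);", conf, re.M)
    return {name: " ".join(value.split()) for name, value in found}

def audit(conf):
    """List where an nginx TLS block conflicts with slide 11's step 4 items."""
    d, findings = directives(conf), []
    protocols = d.get("ssl_protocols")
    if protocols is None:
        findings.append("ssl_protocols not set: nginx default applies")
    else:
        for old in ("SSLv2", "SSLv3"):
            if old in protocols.split():
                findings.append(f"protocol {old} enabled")
    for suite in d.get("ssl_ciphers", "").split(":"):
        if not suite or suite[0] in "!-":  # skip empty and excluded entries
            continue
        parts = suite.split("-")
        for part, label in WEAK_PARTS.items():
            if part in parts:
                findings.append(f"{suite}: uses {label}")
        if parts[-1] == "SHA":  # a bare -SHA suffix means HMAC-SHA1
            findings.append(f"{suite}: uses SHA1 MAC")
        if not suite.startswith(PFS_PREFIXES):
            findings.append(f"{suite}: no forward secrecy")
    return findings

if __name__ == "__main__":
    for name, conf in (("slide 13", SLIDE_13), ("legacy", LEGACY)):
        print(name, *audit(conf), sep="\n  ")
```

The check only understands explicit suite names as written on slide 13; keyword strings such as `HIGH` pass through unflagged, so confirm the result against a live handshake with the tools from step 5.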