常時SSL化の落とし穴 / Pitfalls in AOSSL

Transcript

1. ©2017 AKAMAI | FASTER FORWARDTM ৗ࣌44-Խͷམͱ݀͠ Hideki Okamoto Akamai Technologies

   November 10, 2017

2. ©2017 AKAMAI | FASTER FORWARDTM The opinions expressed in this

   slide are my own and do not express the positions, strategies or opinions of

3. ©2017 AKAMAI | FASTER FORWARDTM 44-5-4ԽΛऔΓר͘ݱঢ় Photo by Chris Yang

4. ©2017 AKAMAI | FASTER FORWARDTM 26 33 56 40 52

   70 51 57 74 2015 2016 2017 (Oct) )5514
   ܦ༝ͰಡΈࠐ·Εͨϖʔδͷׂ߹ (%) US France Japan Japan Japan France US US France HTTPS encryption on the web https://transparencyreport.google.com/https/overview

5. ©2017 AKAMAI | FASTER FORWARDTM

6. ©2017 AKAMAI | FASTER FORWARDTM Not Secure ~ s ince

   J anu ar y 20 1 7 ~ (PPHMF
   $ISPNF
   ͔ΒϩάΠϯ৘ใೖྗϑΥʔϜ͕44-Խ͞Ε͍ͯͳ͍ͱܯࠂදࣔ

7. ©2017 AKAMAI | FASTER FORWARDTM

8. ©2017 AKAMAI | FASTER FORWARDTM Not Secure ~ s ince

   O ct o b er 20 1 7 ~ (PPHMF
   $ISPNF
   ͔Β44-Խ͞Ε͍ͯͳ͍શͯͷೖྗϑΥʔϜʹܯࠂදࣔ

9. ©2017 AKAMAI | FASTER FORWARDTM ,FZ
   3FJOTUBMMBUJPO
   "UUBDLT
   ,3"$, ʹ Αͬͯ8J'J͸ΑΓةݥʹͳͬͨͷ͔ KRACK

   Attacks: Breaking WPA2 https://www.krackattacks.com/

10. ©2017 AKAMAI | FASTER FORWARDTM ͳ͓ɺެऺແઢ-"/ͷ৔߹͸Ոఉ಺ແઢ-"/ͱ͸ҟͳΓɺ ෆಛఆଟ਺ͷར༻ऀ͕઀ଓ͢Δ؀ڥͰ͋ΔͨΊɺ"1઀ଓʹ ඞཁͱͳΔ44*%ͱ҉߸ԽΩʔΛෆಛఆଟ਺ͷར༻ऀͰڞ༗ ͢Δέʔε΋͋Δɻͦͷ৔߹ɺࣗ෼Ҏ֎ͷར༻ऀ΋ಉҰͷ ҉߸ԽΩʔͷ৘ใΛ஌͍ͬͯΔ͜ͱʹͳΓɺ$$.1Λ࠾༻

    ͨ͠҉߸Խ௨৴Ͱ͋ͬͯ΋ղಡ͢Δ͜ͱ͕ՄೳͰ͋Δ https://www.ipa.go.jp/files/000051453.pdf ެऺແઢ-"/Λར༻͢Δࡍɺࣗ෼Ҏ֎ͷར༻ऀͱಉҰͷ ҉߸ԽΩʔΛڞ༗͢Δ"1Ͱ͸ɺ௨৴͕҉߸Խ͞Ε͍ͯΔ ৔߹Ͱ΋౪ௌ͞ΕΔةݥੑ͕͋Δ͜ͱΛೝࣝͯ͠ཉ͍͠ ಠཱߦ੓๏ਓ৘ใॲཧਪਐػߏʰެऺແઢ-"/ར༻ʹ܎ΔڴҖͱରࡦʱ

11. ©2017 AKAMAI | FASTER FORWARDTM 2
    ͳͥ44-Խ͕ඞཁͳͷ͔ " ౪ௌɾվ᜵ɾͳΓ͢·͔͠Β ϢʔβʔΛอޢ͢ΔͨΊ 2
    ͳͥʮৗ࣌ʯ44-Խͳͷ͔

    " ࣮ࡍͷͱ͜Ζ कΔ΂͖ϖʔδɺकΒͳͯ͘΋Α͍ϖʔδͷ۠ผ͸ࠔ೉

12. ©2017 AKAMAI | FASTER FORWARDTM ϩʔυόϥϯαʔ͸44-ͷίωΫγϣϯ૿ʹ଱͑ΒΕΔͩΖ͏͔ 44-ূ໌ॻͷ४උΛͲͷΑ͏ʹਐΊΕ͹ྑ͍ͩΖ͏͔ ͋ΔΠϯϑϥ୲౰ΑΓ ݱߦͷΞϓϦέʔγϣϯ͸44-Խͯ͠΋ਖ਼͘͠ಈͩ͘Ζ͏͔ 8FCσβΠφʔʹͲ͏͍͏͓ئ͍Λ͢Ε͹ྑ͍ͩΖ͏͔

    ͋ΔΞϓϦέʔγϣϯ୲౰ΑΓ ૣ͘44-Խ͠ͳ͍ͱݕࡧΤϯδϯͷϥϯΩϯά͕Լ͕ΔͷͰ͸ͳ͍͔ 44-Խ͢ΔͱιʔγϟϧϘλϯʹӨڹ͕ग़Δͱฉ͍͕ͨʜ ͋ΔϚʔέςΟϯά୲౰ΑΓ 8FCαΠτͰͷ৘ใ࿙Ӯ΍վ᜵ͳͲͷηΩϡϦςΟϦεΫΛ௿ݮ͍ͤͨ͞ ͕ͩϏδωεʹѱӨڹ͸༩͑ΒΕͳ͍ɻ҆શʹ44-Խ͍ͨ͠ ܦӦਞΑΓ Photo by Johny Goerend

13. ©2017 AKAMAI | FASTER FORWARDTM Photo by Ian Espinosa 44-Խͷམͱ݀͠

14. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    ϩʔυόϥϯα΍8FCαʔό͕44-ऴ୺ͷෛՙʹ଱͑ΒΕͳ͍ “On our production frontend

    machines, SSL/TLS accounts for less than 1% of the CPU load, less than 10 KB of memory per connection and less than 2% of network overhead. Many people believe that SSL/TLS takes a lot of CPU time and we hope the preceding numbers will help to dispel that.” - Adam Langley, Google զʑͷຊ൪؀ڥʹ͋ΔϑϩϯτΤϯυϚγϯ্ʹ͓͍ͯɺ44-5-4ͷॲཧʹ͔ ͔Δෛՙ͸ɺ $16࢖༻཰ʹͯ͠ະຬ ɺίωΫγϣϯ͋ͨΓͷϝϞϦ࢖༻཰ ʹͯ͠,#ະຬɺωοτϫʔΫͷΦʔόʔϔουʹͯ͠ະຬͰ͋Δɻଟ͘ ͷਓʑ͕44-5-4͸ଟ͘ͷ$16࣌ؒΛফඅ͢Δͱ৴͍ͯ͡Δ͕ɺզʑ͸લड़ ͷ਺ࣈʹΑͬͯ͜ͷ͍͕ٙ੖ΕΔ͜ͱΛئ͍ͬͯΔ

15. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    ϩʔυόϥϯα΍8FCαʔό͕44-ऴ୺ͷෛՙʹ଱͑ΒΕͳ͍ TLS Benchmarks – HiveMQ

    https://www.hivemq.com/tls-benchmarks ҉߸༻ͷ໋ྩηοτ͕$16ʹ࣮૷͞Εͨ͜ͱͰ$16ෛՙ͸ܰ͘ͳ͕ͬͨɺ ͦΕͰ΋ͳ͓44-5-4ͷωΰγΤʔγϣϯ͸ॏ͍

16. ©2017 AKAMAI | FASTER FORWARDTM ղܾํ๏ • "LBNBJԽͯ͠1FSTJTUFOU
    $POOFDUJPOͰ44-5-4ηογϣϯΛू໿͢Δ Ωϟογϡػೳ΋ซ༻͢Δͱ͞Βʹྑ͍ •

    &$%4"ূ໌ॻ • 5-4
    4FTTJPO
    3FTVNQUJPO
    4FTTJPO
    *%
    
    4FTTJPO
    5JDLFUT མͱ݀͠
    ϩʔυόϥϯα΍8FCαʔό͕44-ऴ୺ͷෛՙʹ଱͑ΒΕͳ͍ https://blogs.akamai.com/2013/10/why-early-termination-is-not-a-bad-thing.html https://hpbn.co/transport-layer-security-tls/ ΤοδαʔόʔͰ44-5-4Λλʔϛωʔτ͢ΔͱύϑΥʔϚϯε΋޲্͢Δ

17. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    .JYFE
    $POUFOUT What Is Mixed Content?

    https://developers.google.com/web/fundamentals/security/prevent-mixed-content/what-is-mixed-content

18. ©2017 AKAMAI | FASTER FORWARDTM "DUJWF
    .JYFE $POUFOU • )5514Ͱ഑৴͞Ε͍ͯΔ)5.-ʹຒΊࠐ·Εͨ+BWB4DSJQU
    $44΍ɺ

    9.-)UUQ3FRVFTUʹΑΔϦΫΤετ͕)551ͷͱ͖ʹൃੜ • 8FCϒϥ΢βʹΑΓϒϩοΫ͞ΕΔ མͱ݀͠
    .JYFE
    $POUFOUT 1BTTJWF
    .JYFE $POUFOU • )5514Ͱ഑৴͞Ε͍ͯΔ)5.-ʹຒΊࠐ·Εͨը૾ɺಈըʹΑΔϦΫΤετ ͕)551ͷͱ͖ʹൃੜ • ϒϩοΫ͸͞Εͳ͍͕ϖʔδࣗମ͸/PU
    4FDVSFͱΈͳ͞ΕΔ ೥࣌఺

19. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    .JYFE
    $POUFOUT .JYFE
    $POUFOUT௵͠͸ৗ࣌44-Խʹ͓͍ͯ ΋ͬͱ΋ࠔ೉ͳ࡞ۀͰ͋Δ ڐ༰ਫ४ͷ߹ҙ $POUFOU
    4FDVSJUZ
    1PMJDZʹΑΔݕ஌

    ੾Γ໭͠खॱͷࡦఆ .JYFE
    $POUFOUTΛ ࣄલʹ௵͢ͷ͸ݱ࣮తʹ͔ͳΓ೉͍͠

20. ©2017 AKAMAI | FASTER FORWARDTM 44-ԽͷਐΊํͷྫ  ෳ਺αΠτʹ·͕ͨͬͯը૾΍"1*ΤϯυϙΠϯτͳͲͷϦιʔεΛڞ༗͍ͯ͠Δ৔߹͸ɺαΠτؒͷґଘ ؔ܎Λચ͍ग़ͯ͠)5514ʹରԠͤ͞Δॱ൪ΛܾΊΔ 

    αʔόʔଆͰ)5514௨৴͕Ͱ͖ΔΑ͏ʹ͢Δ ϖʔδ่ΕΛى͍ͯ͜͠ΔαΠτΛ֎෦ʹݟͤͳ͍ͨΊʹɺ ͜ͷ࣌఺Ͱ)5.-ʹରͯ͠֎෦͔Β)5514ͰϦΫΤετ͕དྷͯ΋)551ʹϦμΠϨΫτ͢ΔઃఆΛೖΕΔͱ ͳ͓ྑ͍  )5.-ɺ+BWB4DSJQUɺ$44ɺΞϓϦέʔγϣϯίʔυͷதͰ IUUQ
    ͱϋʔυίʔυ͞Ε͍ͯΔͱ͜ΖΛ ݟ͚ͭͯద੾ʹॻ͖׵͑Δ ػցతʹ IUUQT
    ʹஔ׵͢Δͱةݥͳ͜ͱ͕͋ΔͷͰ஫ҙ  ಺෦Ϣʔβʔ͚ͩʹ)5.-Λ)5514௨৴ͰݟͤΔΑ͏ʹͯ͠ಈ࡞֬ೝΛ͢Δɻ8FCϒϥ΢βʔͷ։ൃऀί ϯιʔϧ΍$POUFOU4FDVSJUZ1PMJDZ3FQPSU0OMZΛ׆༻ͯ͠.JYFE
    $POUFOUΛચ͍ग़͢  ҰൠϢʔβʔʹ)5514ܦ༝Ͱ)5.-ΛݟͤΔΑ͏ʹ͢Δ  )551
    ˠ )5514΁ͷϦμΠϨΫτΛೖΕΔ  ҰఆͷܦաظؒΛ͓͍ͯ)551
    4USJDU
    5SBOTQPSU
    4FDVSJUZͷ༗ޮԽɾ$PPLJFͷTFDVSFଐੑ༗ޮԽ མͱ݀͠
    .JYFE
    $POUFOUT

21. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    .JYFE
    $POUFOUT ղܾํ๏ Content Security Policy

    (CSP) https://developer.mozilla.org/ja/docs/Web/Security/CSP Ͱಈతʹϖʔδ಺ͷ IUUQ
    Λ IUUQT
    ʹஔ׵Ͱ͖ͳ͍ͷͰ͔͢ • $POUFOU
    4FDVSJUZ
    1PMJDZҧ൓ϨϙʔτػೳΛ࢖͏ Ϣʔβʔͷ8FCϒϥ΢ βʔͰ.JYFE
    $POUFOU͕ൃੜ͢Δͱࢦఆͨ͠ΤϯυϙΠϯτʹใࠂͤ͞Δ • ใࠂ؅ཧπʔϧͱͯ͠ SFQPSUVSJJP ͕༗໊

22. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    $SPTT0SJHJO
    3FTPVSDF
    4IBSJOH
    $034 http://www.example.com/ https://api.example.com/ https://api.example.com/article/1234

    Access-Control-Allow-Origin: http://www.example.com It Works! Ϩεϙϯεͷ "DDFTT$POUSPM"MMPX0SJHJO
    ϔομʔͱΞΫηεݩυϝΠϯ͕ εΩʔϜ IUUQIUUQT ΛؚΊͯ Ұக͍ͯ͠Δ Cross-Origin Resource Sharing (CORS) https://developer.mozilla.org/ja/docs/Web/HTTP/HTTP_access_control

23. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    $SPTT0SJHJO
    3FTPVSDF
    4IBSJOH
    $034 https://www.example.com/ https://api.example.com/ https://api.example.com/article/1234

    Access-Control-Allow-Origin: http://www.example.com XMLHttpRequest cannot load https://api.example.com/article/1234. Origin https://www.example.com is not allowed by Access-Control-Allow-Origin.

24. ©2017 AKAMAI | FASTER FORWARDTM ղܾํ๏ • ϦΫΤετͷ0SJHJOϔομʔΛݟͯద੾ͳυϝΠϯ͔Βདྷ͍ͯͨΒɺͦͷ஋ Λಈతʹ"DDFTT$POUSPM"MMPX0SJHJOʹ͚ͭΔ •

    ্هॲཧΛ"QBDIF΍OHJOYͳͲͰ࣮૷͢Δ • "DDFTT$POUSPM"MMPX0SJHJO
    ˎ Λ࢖͏ ඇਪ঑ མͱ݀͠
    $SPTT0SJHJO
    3FTPVSDF
    4IBSJOH
    $034 Access-Control-Allow-Origin Multiple Origin Domains? https://stackoverflow.com/questions/1653308/access-control-allow-origin-multiple-origin-domains

25. ©2017 AKAMAI | FASTER FORWARDTM མͱ݀͠
    େྔͷ5-%ΛؚΉ44-ূ໌ॻͷऔಘ Photo by Andrew Butler

    www.example.com www.example.co.jp www.example.de www.example.co.uk www.example.fr ೝূہͷυϝΠϯ֬ೝ͕େม www.example.de www.example.ar www.example.ru www.example.th www.example.br

26. ©2017 AKAMAI | FASTER FORWARDTM ରࡦ • Ұ෦ͷ5-%͸ߋ৽͕೉͔ͬͨ͠ΓɺೝূہʹΑΔXIPJT৘ใͷ֬ೝʹ͕࣌ؒ ͔͔ͬͨΓ͢ΔͷͰɺεέδϡʔϧΛܾΊΔࡍʹ44-ূ໌ॻͷऔಘʹ͔͔Δ ࣌ؒΛे෼ʹݟੵ΋Δ

    • XIPJTʹొ࿥͞ΕͨϝʔϧΞυϨε͕༗ޮ͔Ͳ͏͔ࣄલʹ֬ೝ͢Δ མͱ݀͠
    େྔͷ5-%ΛؚΉূ໌ॻͷऔಘ

27. ©2017 AKAMAI | FASTER FORWARDTM <>
    ΍ͰϦμΠϨΫτ͢Δͱ1045ϦΫΤετ͕(&5ϦΫΤετʹͳΔ <>
    63-ͷεΩʔϜ͕มΘΔͱγΣΞϘλϯͷΧ΢ϯτ਺͕ফ͑Δ <>
    $JQIFS
    4VJUFΛద੾ʹબ୒͠ͳ͍ͱݹ͍8JOEPXTɺ"OESPJE͔ΒΞΫηεͰ͖ͳ͘ͳΔ <>
    )5514
    ˠ
    )551αΠτʹભҠ͢ΔͱભҠઌͰ3FGFSFS͕औΕͳ͍ <>
    )551)5514ࠞࡏ؀ڥͰMPDBM4UPSBHFͷऔΓѻ͍

    <>
    $PPLJFʹTFDVSFଐੑͱ)454Λ༗ޮԽ͢ΔλΠϛϯά ͦΕҎ֎ͷ஫ҙ͢΂͖఺ <>
    IUUQLJSJSJNPEFIBUFOBCMPHKQFOUSZQ <>
    IUUQTXXXBSLXFCKQCMPHBSDIJWFTIUUQT@GBDFCPPL@MJLFIUNM <>
    IUUQTXXXTTMMBCTDPNTTMUFTUDMJFOUTIUNM <>
    IUUQTUPPMTJFUGPSHIUNMSGDTFDUJPO <>
    IUUQQPTUEDDXFCTUPSBHFUIFMFTTFSFWJMGPSTFTTJPOUPLFOT <>
    IUUQTJOTJEFQJYJWCMPHDBUBUTVZ ߟྀ఺ɾରࡦ

28. ©2017 AKAMAI | FASTER FORWARDTM ໊ࢗ ϙελʔ౳ͷൢചଅਐࢿྉ ϝʔϧͷॺ໊ཝ