Upgrade to Pro — share decks privately, control downloads, hide ads and more …

The Sorry State of SSL at PyCon US 2014

The Sorry State of SSL at PyCon US 2014

Those web pages with shiny lock icons boasting that your data is safe because of “256 bit encryption”? They are lying. In times of mass surveillance and commercialized Internet crime you should know why that’s the case. This talk will give you an overview that will help you to assess your personal security more realistically and to make your applications as secure as possible against all odds.

Hynek Schlawack

April 07, 2014
Tweet

More Decks by Hynek Schlawack

Other Decks in Technology

Transcript

  1. WTF

  2. TIMELINE 1995: Secure Sockets Layer 2.0, Netscape 1996: SSL 3.0,

    still Netscape 1999: Transport Layer Security 1.0, IETF
  3. TIMELINE 1995: Secure Sockets Layer 2.0, Netscape 1996: SSL 3.0,

    still Netscape 1999: Transport Layer Security 1.0, IETF 2006: TLS 1.1
  4. TIMELINE 1995: Secure Sockets Layer 2.0, Netscape 1996: SSL 3.0,

    still Netscape 1999: Transport Layer Security 1.0, IETF 2006: TLS 1.1 2008: TLS 1.2
  5. TLS

  6. SYSTEM CA • FreeBSD: ca_root_nss • debian/Red Hat: ca-certificates •

    OS X: TEA or homebrew • Windows: wincertstore
  7. SYSTEM CA • FreeBSD: ca_root_nss • debian/Red Hat: ca-certificates •

    OS X: TEA or homebrew • Windows: wincertstore • or: Mozilla/certifi
  8. DON’T VERIFY TRUST CHAIN I can pretend to be Google

    with any self-signed certificate.
  9. STANDARD LIBRARY • terrible pre-3.3 • very incomplete in 2.7

    • PFS impossible • missing options • bound to Python’s OpenSSL
  10. PYOPENSSL • Python 2.6+, 3.2+, and PyPy • more complete

    API coverage • no server ECDHE (yet)
  11. PYOPENSSL • Python 2.6+, 3.2+, and PyPy • more complete

    API coverage • no server ECDHE (yet) • cryptography!
  12. CRYPTOGRAPHY.IO • Python crypto w/o footguns • PyPy ♥ cffi

    • SecureTransport is coming! • gives pyOpenSSL momentum
  13. SERVERS lib PFS good defaults configurable eventlet hybrid ❌ ❌

    ❌ gevent stdlib ❌ ❌ ❌ gunicorn depends ❌ ❌ ❌ Tornado stdlib ❌ ❌ ❌
  14. SERVERS lib PFS good defaults configurable eventlet hybrid ❌ ❌

    ❌ gevent stdlib ❌ ❌ ❌ gunicorn depends ❌ ❌ ❌ Tornado stdlib ❌ ❌ ❌ Twisted 14.0 pyOpenSSL ✔️ ✔️ ✔️
  15. SERVERS lib PFS good defaults configurable eventlet hybrid ❌ ❌

    ❌ gevent stdlib ❌ ❌ ❌ gunicorn depends ❌ ❌ ❌ Tornado stdlib ❌ ❌ ❌ Twisted 14.0 pyOpenSSL ✔️ ✔️ ✔️ uWSGI own C code ✔️ ❌ ✔️
  16. SERVERS lib PFS good defaults configurable eventlet hybrid ❌ ❌

    ❌ gevent stdlib ❌ ❌ ❌ gunicorn depends ❌ ❌ ❌ Tornado stdlib ❌ ❌ ❌ Twisted 14.0 pyOpenSSL ✔️ ✔️ ✔️ uWSGI own C code ✔️ ❌ ✔️
  17. CLIENTS lib verifies certificates verifies hostnames good defaults eventlet hybrid

    ❌ ❌ ❌ gevent stdlib ❌ ❌ ❌ Tornado stdlib ✔️ ✔️ ❌
  18. CLIENTS lib verifies certificates verifies hostnames good defaults eventlet hybrid

    ❌ ❌ ❌ gevent stdlib ❌ ❌ ❌ Tornado stdlib ✔️ ✔️ ❌ Twisted 14.0 pyOpenSSL opt-in opt-in ✔️
  19. CLIENTS lib verifies certificates verifies hostnames good defaults eventlet hybrid

    ❌ ❌ ❌ gevent stdlib ❌ ❌ ❌ Tornado stdlib ✔️ ✔️ ❌ Twisted 14.0 pyOpenSSL opt-in opt-in ✔️ urllib2 stdlib ❌ ❌ ❌
  20. CLIENTS lib verifies certificates verifies hostnames good defaults eventlet hybrid

    ❌ ❌ ❌ gevent stdlib ❌ ❌ ❌ Tornado stdlib ✔️ ✔️ ❌ Twisted 14.0 pyOpenSSL opt-in opt-in ✔️ urllib2 stdlib ❌ ❌ ❌ urllib3/requests hybrid ✔️ ✔️ ✔️
  21. SUMMARY • keep TLS out of Python if you can

    • use pyOpenSSL-powered requests for HTTPS
  22. SUMMARY • keep TLS out of Python if you can

    • use pyOpenSSL-powered requests for HTTPS • write servers in Twisted
  23. SUMMARY • keep TLS out of Python if you can

    • use pyOpenSSL-powered requests for HTTPS • write servers in Twisted • use pyOpenSSL
  24. SUMMARY • keep TLS out of Python if you can

    • use pyOpenSSL-powered requests for HTTPS • write servers in Twisted • use pyOpenSSL • use Python 2 stdlib only for clients