Slide 1

Slide 1 text

What you should know about HTTPS By Ahmad Alfy http://alfy.me

Slide 2

Slide 2 text

Agenda • What is HTTPS • HTTPS value proposition • Components of HTTPS • Certificate authorities • Implementing HTTPS • Additional benefits for HTTPS • Popular incidents

Slide 3

Slide 3 text

What is HTTPS? • HTTPS protocol was developed to ensure end to end encryption between 2 entities trying to communicate. • HTTPS primarily protect against a type of security breech called “The Man in the Middle Attack”

Slide 4

Slide 4 text

No content

Slide 5

Slide 5 text

• Free WiFi networks at coffee shops • ISPs manipulating and inspecting traffic • Nationwide surveillance and inspection

Slide 6

Slide 6 text

Value proposition • Confidentiality
 No one will be able to see what is happening between you and the server (confidential information like passwords and emails, cookies … etc.) • Integrity
 Ensuring that the content served from the server has not been modified. (Injecting malicious code like key loggers, trackers … etc.) • Authenticity
 Makes you sure you are actually talking to who you think you are talking to. (Protect against DNS hijacking, phishing attacks … etc.)

Slide 7

Slide 7 text

Components of HTTPS • SSL and TLS • The TLS handshake • Certificates handling in browsers and operating systems.

Slide 8

Slide 8 text

SSL and TLS The two terms are used interchangeably but they mean two different things. SSL TLS Secure Socket Layer Transport Layer Security Developed by Netscape Defined in 1999 as an upgrade to SSL 3.0 2.0 launched in 1995 1.1 launched in 2006 3.0 launched in 1996 1.2 launched in 2008 In 2014 it because obsolete due to a type of attack called POODLE 1.3 is in working draft early in 2017

Slide 9

Slide 9 text

TLS Handshake Client hello Server hello Client key exchange Server finished

Slide 10

Slide 10 text

Client Hello Component • Protocol
 The SSL/TLS protocol version the client wishes to use during the session. • Random
 This value is formed of 4 bytes representing the current time • Session id
 The client may decide to reuse previously established session. The session cache is usually shared between normal and privacy modes of the browser. • Cypher suites • Compression methods
 If a compression method is preferred like gzip. • Extensions
 Most notable example is the SNI (Server Name Indication). Source: https://idea.popcount.org/2012-06-16-dissecting-ssl-handshake/

Slide 11

Slide 11 text

Certification authorities • These are authorities who are authorized to issue certificates. They require legal document • CAs are limited and they undergo a lot of investigation before being added to the list • If a CA commit any violation; they are immediately added to a revocation list where all their certificates become invalid. • CA lists are handled differently according to the operating systems and the browsers.

Slide 12

Slide 12 text

CA list on Mac is accessible from Keychain access. Used by Google Chrome

Slide 13

Slide 13 text

Firefox Certificate Manager

Slide 14

Slide 14 text

Implementing HTTPS • Obtaining the certificate. • Paid certificates from CAs • Free certificates from Let’s Encrypt or Cloudflare • Installing the certificate on the server • Renewal of the certificate

Slide 15

Slide 15 text

What’s Next?

Slide 16

Slide 16 text

1. HTTPS everywhere Permanent redirects for traffic from HTTP to HTTP

Slide 17

Slide 17 text

2. Update references of the assets from HTTP to HTTPS

Slide 18

Slide 18 text

No content

Slide 19

Slide 19 text

• If the browser attempts to load HTTP url over HTTPS; it will evaluate the content • Images will be loaded but the address bar will show a notice of the attempt to load insecure requests. • scripts, iframes, embeddable content will be blocked.

Slide 20

Slide 20 text

1. Automagically update all the requests

Slide 21

Slide 21 text

2. Automatically block all insecure requests

Slide 22

Slide 22 text

Loading insecure content

Slide 23

Slide 23 text

3. HTTP Strict Transport Security (HTST)

Slide 24

Slide 24 text

The problem • The first connection between the client and the server can be done over http then the server redirect the client to HTTPS through an 301 redirect. • On this initial connection, a man in the middle attack can happen and redirect the client somewhere else.

Slide 25

Slide 25 text

The solution • Using HSTS header. • HSTS force the browser to make a 307 (internal) redirect if the user attempt to load the HTTP version. • The header have the following directives: 1. includeSubDomains 2. max-age = age in seconds

Slide 26

Slide 26 text

No content

Slide 27

Slide 27 text

What about the first time you try to connect to an https website using http?

Slide 28

Slide 28 text

HSTS Preload

Slide 29

Slide 29 text

Preloaded websites in Chrome

Slide 30

Slide 30 text

Other benefits for using HTTPS

Slide 31

Slide 31 text

1. Performance improvement • HTTPS take more rounds from and to the server during the initial handshake but it happens only during the initial connection. • The client is able to use the same HTTPS connection using the session id. • HTTPS itself doesn’t grant any performance improvement but it open the doors to use HTTP/2

Slide 32

Slide 32 text

Currently HTTP/2 is only supported over HTTPS

Slide 33

Slide 33 text

Source: https://istlsfastyet.com/

Slide 34

Slide 34 text

2. SEO Benefit Higher ranking for websites using HTTPS

Slide 35

Slide 35 text

3. Privacy Benefits By design; referer header is not set if unsecured HTTP request is referred from an HTTPS request

Slide 36

Slide 36 text

Bonus stuff

Slide 37

Slide 37 text

Debugging HTTPS

Slide 38

Slide 38 text

No content

Slide 39

Slide 39 text

No content

Slide 40

Slide 40 text

Entity verification vs Domain verification

Slide 41

Slide 41 text

Public Key Pinning (PKP) • PKP is a security mechanism delivered via an HTTP header which allows HTTPS websites to resist impersonation by attackers using mis-issued or otherwise fraudulent certificates. • PKP contains: • SHA 256 encryption of the public key • max-age • includeSubmdomains • report-uri

Slide 42

Slide 42 text

Popular Cases

Slide 43

Slide 43 text

FireSheep for Firefox • FireSheep is an extension developed for Firefox released on October 2010. This extension used packet sniffing to intercept all insecure traffic from different devices on the same network. • It was being promoted as “The Facebook Hacking Tool” because users used it for session hijacking and gaining access to other users using Facebook on their network. • Mozilla addon website didn’t blacklist or disable it as it was stated it should be used for demonstration and education purposes.

Slide 44

Slide 44 text

Tunisia plants country-wide keystroke logger on Facebook During the Arab Spring and specifically right before Facebook forcing HTTPS on their login page; the government injected key loggers on Facebook, GMail and Yahoo login pages to steal login credentials from the users.

Slide 45

Slide 45 text

Source: https://www.theregister.co.uk/2011/01/25/tunisia_facebook_password_slurping/

Slide 46

Slide 46 text

With great power come great responsibility

Slide 47

Slide 47 text

• In 2015, An Egyptian company called MCS Holding was given the authority to issue certificates from China Internet Network Information Center (CNNIC) on their behalf in an attempt to bring issuing certificates to the MENA region. • The company successfully issued a few certificates for testing their application and it worked as expected.

Slide 48

Slide 48 text

• Someone tried to see what happen if they issued a certificate on behalf of Google and use it for a “Man In The Middle Attack” to decrypt the traffic between a client and Google servers. • The incident was reported immediately and Google published a statement regarding the incident. • Google immediately alerted CNNIC and other browser vendors about the incident and pushed an update to Chrome to block MCS certificates. • Google used this incident to highlight the importance of their Certificate Transparency project.

Slide 49

Slide 49 text

Source: http://www.mcsholding.com/MCSResponse.aspx

Slide 50

Slide 50 text

Source: https://security.googleblog.com/2015/03/maintaining-digital-certificate-security.html

Slide 51

Slide 51 text

Port Mortem Analysis How did Google figured this out? PKP

Slide 52

Slide 52 text

Further Readings •How does HTTPS actually work?
 http://robertheaton.com/2014/03/27/how-does-https-actually-work/ •What Is An SSL/TLS Handshake?
 https://www.websecurity.symantec.com/security-topics/how-does-ssl-handshake-work •The SSL Handshake
 http://publib.boulder.ibm.com/tividd/td/ITAME/SC32-1363-00/en_US/HTML/ss7aumst18.htm •Is TLS Fast Yet
 https://istlsfastyet.com/ •Anatomy and Performance of SSL Processing
 http://www.cs.ucr.edu/~bhuyan/papers/ssl.pdf •Dissecting SSL handshake
 https://idea.popcount.org/2012-06-16-dissecting-ssl-handshake/ • The Transport Layer Security (TLS) Protocol Version 1.2 - Hello Request
 https://tools.ietf.org/html/rfc5246#section-7.4.1.1

Slide 53

Slide 53 text

Questions?

Slide 54

Slide 54 text

Thank you!