$30 off During Our Annual Pro Sale. View Details »

HTTPS is Coming: Are You Prepared?

Zack Tollman
November 07, 2015
Technology
0
180

HTTPS is Coming: Are You Prepared?

Google, Firefox, and the IETF are currently engaged in major initiatives to convert the web to be secure by default. Page ranking, new browser APIs, and HTTP/2 are all pushing websites to require HTTPS. An HTTPS only web is imminent. Unfortunately, according to SSL Pulse, 75% of the top 1 million websites that use HTTPS are not actually secure because of misconfiguration. Do you know how to configure HTTPS properly? In this talk, we will discuss the key aspects of HTTPS to empower developers to deploy truly secure HTTPS sites.

Zack Tollman

November 07, 2015
Tweet

More Decks by Zack Tollman

See All by Zack Tollman
Defining Fast: The Hardest Problem in Performance Engineering
tollmanz
0
68
Defining Fast: The Hardest Problem in Performance Engineering
tollmanz
0
95
ReWIRED: Moving WIRED.com from WordPress to Node
tollmanz
0
170
Put an "S" on it: Moving a Large Publishing Site to HTTPS
tollmanz
1
100
Building Custom User Experiences from the Edge
tollmanz
0
87
HTTPS Migrations: The Hard Parts
tollmanz
0
180
HTTPS is Coming: Are You Prepared? (Velocity 2016)
tollmanz
0
160
Understanding HTTPS and TLS
tollmanz
0
180
HTTPS Is Coming - WP SFO
tollmanz
0
89

Other Decks in Technology

See All in Technology
2023-12-01 吉祥寺.pm ベストプラクティスと組織とIaC
masasuzu
1
250
kintone テクニカルライター採用ピッチ資料
cybozuinsideout
PRO
0
710
Java Language Future
chiroito
4
1.3k
從心開始的純軟之路
line_developers_tw
PRO
0
1.1k
開発生産性大幅アップ!Postman VS Code拡張機能
nagix
0
120
開発組織の体制づくり、いつやるか問題
akiroom
0
1.5k
VS CodeとPostmanを活用した効率的なAPI開発 / Efficient API development using VS Code and Postman
yokawasa
3
290
デザインシステム仕切り直し
chloe463
1
1.7k
LINEでのコミュニケーションにマスコットキーホルダーを使ってみる / LINEを使ったLT大会 #5
you
PRO
0
100
Rest Clientユーザーの自分がPostman の VS Code拡張機能を扱ってみた感想
smt7174
0
120
RDBを使う単体テストの前に 用意しておきたい環境を考え てみたの
bun913
0
400
走馬灯のIaCは考えておいて
nwiizo
6
3.3k

Featured

See All Featured
Put a Button on it: Removing Barriers to Going Fast.
kastner
56
2.8k
個人開発の失敗を避けるイケてる考え方 / tips for indie hackers
panda_program
44
12k
Robots, Beer and Maslow
schacon
154
7.7k
How STYLIGHT went responsive
nonsquared
89
4.5k
Sharpening the Axe: The Primacy of Toolmaking
bcantrill
12
1k
Designing the Hi-DPI Web
ddemaree
274
33k
A Philosophy of Restraint
colly
194
15k
Dealing with People You Can't Stand - Big Design 2015
cassininazir
352
21k
Java REST API Framework Comparison - PWX 2021
mraible
PRO
18
6.4k
A designer walks into a library…
pauljervisheath
199
22k
Producing Creativity
orderedlist
PRO
335
38k
Helping Users Find Their Own Way: Creating Modern Search Experiences
danielanewman
15
1.7k

Transcript

  1. HTTPS Is Coming:
    Are You Prepared?
    @tollmanz
    Zack Tollman

    View Slide

  2. An HTTPS only web is coming

    View Slide

  3. Today we are announcing our
    intent to phase out non-secure
    HTTP
    — Richard Barnes, Firefox Security Lead
    https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/

    View Slide

  4. HTTP/2 is HTTPS only in
    Chrome, Firefox, Opera,
    Safari, and IE/Edge

    View Slide

  5. Pervasive monitoring is a
    technical attack that should be
    mitigated in the design of IETF
    protocols, where possible
    https://tools.ietf.org/html/rfc7258

    View Slide

  6. Now Later
    Less
    HTTPS
    More
    HTTPS

    View Slide

  7. But there’s a problem

    View Slide

  8. We implement HTTPS
    poorly

    View Slide

  9. SSL Pulse
    Reviews HTTPS sites in Alexa’s
    Top 300k sites
    https://www.trustworthyinternet.org/ssl-pulse/

    View Slide

  10. 70% are
    insecure

    View Slide

  11. “misconfiguration errors
    are undermining the potential
    security”
    Kranch & Bonneau (2015)
    http://www.internetsociety.org/sites/default/files/01_4_0.pdf

    View Slide

  12. “industry-wide configuration
    problem with the deployment
    of DHE key exchange"
    Huang, Adhikarla, Boneh, & Jackson (2014)
    http://www.w2spconf.com/2014/papers/TLS.pdf

    View Slide

  13. Why?

    View Slide

  14. Unless you are a cryptographer,
    this stuff is hard

    View Slide

  15. Copying and pasting is easy

    View Slide

  16. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_certificate /path/to/public.crt;
    ssl_certificate_key /path/to/private.key;
    ssl_prefer_server_ciphers on;
    ssl_ciphers ECDHE-RSA-AES128-GCM-
    SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-
    RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-
    GCM-SHA384…;
    https://github.com/igrigorik/istlsfastyet.com/blob/master/nginx/includes/ssl.conf

    View Slide

  17. Knowing what you are
    doing is hard

    View Slide

  18. TLS Basics

    View Slide

  19. Transport Layer Security

    View Slide

  20. HTTP
    Transport Layer Security
    TCP

    View Slide

  21. SSLv2 1995
    SSLv3 1996
    TLSv1.0 1999
    TLSv1.1 2006
    TLSv1.2 2008

    View Slide

  22. Provides authentication,
    encryption, integrity, and
    key exchange

    View Slide

  23. Authentication

    View Slide

  24. Authentication
    TLS certificates

    View Slide

  25. Integrity

    View Slide

  26. Encryption

    View Slide

  27. jbeqcerff

    View Slide

  28. WordPress

    View Slide

  29. Substitution Cipher

    View Slide

  30. A + 13 = N
    B + 13 = O
    C + 13 = P

    View Slide

  31. 13 is the Key

    View Slide

  32. Key exchange

    View Slide

  33. Demo
    https://github.com/tollmanz/diffie-hellman-key-exchange-demo
    p = 23

    g = 5

    View Slide

  34. Compromise of any of these,
    compromises the whole system

    View Slide

  35. Cipher Suites

    View Slide

  36. Combination of algorithms for
    authentication, encryption,
    integrity and key exchange

    View Slide

  37. ECDHE-RSA-AES128-GCM-SHA256

    View Slide

  38. ECDHE-RSA-AES128-GCM-SHA256
    Key Exchange

    View Slide

  39. ECDHE-RSA-AES128-GCM-SHA256
    Certificate signing algorithm
    (authentication)

    View Slide

  40. ECDHE-RSA-AES128-GCM-SHA256
    Cipher (Encryption)

    View Slide

  41. ECDHE-RSA-AES128-GCM-SHA256
    Message authentication code
    (integrity)

    View Slide

  42. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-
    GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-
    ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-
    SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH
    +AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-
    AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-
    AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-
    AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-
    AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-
    SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-
    SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-
    SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-
    SHA256:AES256-SHA256:AES128-SHA:AES256-
    SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
    EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-
    CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-
    SHA

    View Slide

  43. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-
    GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-
    ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-
    SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH
    +AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-
    AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-
    AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-
    AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-
    AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-
    SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-
    SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-
    SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-
    SHA256:AES256-SHA256:AES128-SHA:AES256-
    SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
    EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-
    CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-
    SHA

    View Slide

  44. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-
    GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-
    ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-
    SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH
    +AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-
    AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-
    AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-
    AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-
    AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-
    SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-
    SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-
    SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-
    SHA256:AES256-SHA256:AES128-SHA:AES256-
    SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!
    EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-
    CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-
    SHA

    View Slide

  45. View Slide

  46. View Slide

  47. So…huh?

    View Slide

  48. Use Mozilla’s guide
    https://wiki.mozilla.org/Security/
    Server_Side_TLS

    View Slide

  49. HTTP Strict Transport Security

    View Slide

  50. SSL Stripping
    http://www.thoughtcrime.org/software/sslstrip/

    View Slide

  51. What if HTTP variant
    was never accessed?

    View Slide

  52. HSTS blocks browser from
    HTTP version of site

    View Slide

  53. Recommendation
    Set HSTS headers

    View Slide

  54. Set HSTS only after mixed
    content issues are resolved

    View Slide

  55. The Code Book
    Simon Singh
    High Performance Browser Networking (TLS Chapter)
    Ilya Grigorik
    Bulletproof SSL and TLS
    Ivan Ristic
    SSL and TLS: Designing and Building Secure Systems
    Eric Rescorla

    View Slide

  56. @tollmanz
    Zack Tollman

    View Slide