
Understanding HTTPS and TLS

Google, Firefox, and the IETF are currently engaged in major initiatives to convert the web to be secure by default. Page ranking, new browser APIs, and HTTP/2 are all pushing websites to require HTTPS. An HTTPS-only web is imminent. Unfortunately, according to SSL Pulse, 75% of the top 1 million websites that use HTTPS are not actually secure because of misconfiguration. Do you know how to configure HTTPS properly? In my talk, I will discuss the key aspects of HTTPS to empower developers to deploy truly secure HTTPS sites.

Zack Tollman

April 23, 2016

Transcript

  1. Understanding HTTPS and TLS
    Zack Tollman @tollmanz

  3. “Pervasive monitoring is a technical attack that should be mitigated in the design of IETF protocols, where possible.”

    — IETF
    https://tools.ietf.org/html/rfc7258

  4. “Today we are announcing our intent to phase out non-secure HTTP”

    — Richard Barnes, Firefox Security Lead
    https://blog.mozilla.org/security/2015/04/30/deprecating-non-secure-http/

  5. HTTP/2 is TLS only in Chrome, Firefox, Opera, IE/Edge, and Safari
    https://wiki.mozilla.org/Networking/http2

  6. Now: Less HTTPS
    Later: More HTTPS

  7. HTTPS knowledge is now essential

  8. We are bad at HTTPS

  9. 58% of sites are not secure
    https://www.trustworthyinternet.org/ssl-pulse/

  10. “misconfiguration errors are undermining the potential security”

    — Kranch & Bonneau (2015)
    http://www.internetsociety.org/sites/default/files/01_4_0.pdf

  11. “industry-wide configuration problem with the deployment of DHE key exchange”

    — Huang, Adhikarla, Boneh, & Jackson (2014)
    http://www.w2spconf.com/2014/papers/TLS.pdf

  12. Why?

  13. Unless you are a cryptographer, this stuff is hard

  14. Copying and pasting is easy

  15. Knowing what you are doing is hard

  16. TLS Basics

  17. Transport Layer Security

  18. SSL v2: 1995
    SSL v3: 1996
    TLS v1: 1999
    TLS v1.1: 2006
    TLS v1.2: 2008

  19. TCP
    Transport Layer Security
    HTTP

  20. Provides authentication, encryption, integrity, and key exchange

  21. Authentication

  22. Is the server the intended server?

  23. Integrity

  24. Is the message received the message sent?

  25. Encryption

  26. Converts plaintext to ciphertext

  27. j b e q c e r f f

  28. j b e q c e r f f
    w o r d p r e s s

  29. A B C D E F
    N O P Q R S
    +13

  30. Letter + 13 = Cipher Letter

  31. Substitution Cipher
    Caesar Cipher

  32. Key is 13

  33. Key owners can encrypt and decrypt

  34. Key Exchange

  35. How do we establish an encryption key for 2 unknown parties over an insecure connection?

  36. By Alessandro Nassiri - Museo della Scienza e della Tecnologia "Leonardo da Vinci", CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=47910919

  37. Diffie-Hellman-Merkle key exchange

  38. Demo
    p = 23
    g = 5
    https://github.com/tollmanz/diffie-hellman-key-exchange-demo

  39. If anything goes wrong, make a joke about bad wifi

  40. Compromise of any of these compromises the whole system

  41. Cipher Suites

  42. Combination of algorithms for authentication, integrity, encryption, and key exchange

  43. ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_certificate /path/to/public.crt;
    ssl_certificate_key /path/to/private.key;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384…;
    ssl_prefer_server_ciphers on;
    https://github.com/igrigorik/istlsfastyet.com/blob/master/nginx/includes/ssl.conf

  44. ECDHE-RSA-AES128-GCM-SHA256

  45. ECDHE-RSA-AES128-GCM-SHA256
    Key Exchange: ECDHE

  46. ECDHE-RSA-AES128-GCM-SHA256
    Certificate signing algorithm (Authentication): RSA

  47. ECDHE-RSA-AES128-GCM-SHA256
    Cipher (Encryption): AES128-GCM

  48. ECDHE-RSA-AES128-GCM-SHA256
    Message authentication code (Integrity): SHA256

  49. ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

  54. What?

  55. Use Mozilla’s guide
    https://wiki.mozilla.org/Security/Server_Side_TLS

  56. The Code Book, Simon Singh
    High Performance Browser Networking (TLS Chapter), Ilya Grigorik
    Bulletproof SSL and TLS, Ivan Ristic
    SSL and TLS: Designing and Building Secure Systems, Eric Rescorla

  57. https://speakerdeck.com/tollmanz/understanding-https-and-tls
    @tollmanz
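
The key exchange that slides 35 to 38 demonstrate, worked through in Python with the slide's public values p = 23 and g = 5. This is an added example, not code from the talk or the linked demo repository; the private exponents 6 and 15 and all function names are constructed for illustration.

```python
# Added example: toy Diffie-Hellman with the public parameters from slide 38.
import secrets

P, G = 23, 5  # public values from the slide; far too small for real use


def keypair(private=None, p=P, g=G):
    """Return (private, public). The private exponent never leaves its owner."""
    # Draw a secret in 2..p-2, redrawing if the public value would fail
    # the peer's range check in shared_secret().
    while private is None or not 1 < pow(g, private, p) < p - 1:
        private = secrets.randbelow(p - 3) + 2
    return private, pow(g, private, p)


def shared_secret(their_public, my_private, p=P):
    """Combine the peer's public value with our own private exponent."""
    if not 1 < their_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(their_public, my_private, p)


def exhaustive_search(public, p=P, g=G):
    """Why p = 23 is demo-only: every exponent can be tried in a few steps."""
    for x in range(1, p):
        if pow(g, x, p) == public:
            return x
    raise ValueError("no exponent found")


def demo():
    """Run the exchange with constructed private exponents 6 and 15."""
    a, A = keypair(private=6)    # first party sends A over the open channel
    b, B = keypair(private=15)   # second party sends B over the open channel
    return {
        "A": A,
        "B": B,
        "alice": shared_secret(B, a),   # computed from B and own secret
        "bob": shared_secret(A, b),     # computed from A and own secret
        # Only p, g, A and B are visible on the wire; with a 5-bit prime
        # that is enough to recompute the secret, hence large parameters.
        "observer": shared_secret(B, exhaustive_search(A)),
    }


if __name__ == "__main__":
    print(demo())
```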
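
Slides 44 to 49 read a cipher suite name as four roles; this added Python example (not from the talk) applies the same reading to every entry of an OpenSSL-style cipher string. The sample string is a shortened excerpt of slide 49, and the function names and keyword tables are assumptions of this example.

```python
# Added example: read a cipher string the way slides 44-48 read one suite.
KEY_EXCHANGE = {"ECDHE", "DHE", "ECDH", "DH"}
AUTHENTICATION = {"RSA", "ECDSA", "DSS"}
HASHES = {"SHA", "SHA256", "SHA384", "MD5"}

# Excerpt of the slide 49 string: entries copied from the slide, list shortened.
SAMPLE = (
    "ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:"
    "DHE-DSS-AES128-SHA256:kEDH+AESGCM:AES128-SHA:AES:DES-CBC3-SHA:"
    "!aNULL:!RC4:!MD5"
)


def parse_suite(name):
    """Split one suite name into key exchange, authentication, cipher, MAC."""
    parts = name.split("-")
    # Names such as AES128-SHA omit the first two fields; RSA is implied.
    kx = parts.pop(0) if parts[0] in KEY_EXCHANGE else "RSA"
    auth = parts.pop(0) if parts and parts[0] in AUTHENTICATION else "RSA"
    mac = parts.pop() if parts and parts[-1] in HASHES else None
    # In GCM suites the trailing hash feeds the handshake PRF; GCM itself
    # protects record integrity.
    return {
        "key_exchange": kx,
        "authentication": auth,
        "cipher": "-".join(parts),
        "mac": mac,
    }


def read_cipher_string(cipher_string):
    """Sort colon-separated entries into suites, selectors and exclusions."""
    result = {"suites": {}, "selectors": [], "exclusions": []}
    for entry in filter(None, (e.strip() for e in cipher_string.split(":"))):
        if entry.startswith("!"):
            result["exclusions"].append(entry[1:])   # never offered
        elif "+" in entry or "-" not in entry:
            result["selectors"].append(entry)        # keyword, expands to many suites
        else:
            result["suites"][entry] = parse_suite(entry)
    return result


if __name__ == "__main__":
    for suite, roles in read_cipher_string(SAMPLE)["suites"].items():
        print(suite, roles)
```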