Let's go HTTPS (Codemotion Rome 2016)

ROME 18-19 MARCH 2016
Let's Go ! HTTPS
Simone Carle4

View Slide

! HTTPS

View Slide

! HTTPS
I About HTTPS
II Obtaining an SSL cer?ﬁcate
III Deploying an SSL cer?ﬁcate
IV Serving HTTPS
IV
III
II
I

View Slide

Simone Carle4
@weppos

View Slide

View Slide

About HTTPS
I
IV
III
II
I

View Slide

What is HTTPS?
IV
III
II
I

View Slide

HTTPS (also called HTTP over TLS, HTTP
over SSL, and HTTP Secure) is a protocol for
secure communica?on over a computer
network which is widely used on the
Internet. HTTPS consists of communica?on
over Hypertext Transfer Protocol (HTTP)
within a connec?on encrypted by Transport
Layer Security or its predecessor, Secure
Sockets Layer.
hTps:/
/en.wikipedia.org/wiki/HTTPS
IV
III
II
I

View Slide

What is HTTPS?
HTTPS is a secure HTTP connec?on.
IV
III
II
I

View Slide

HTTPS is HTTP
over an encrypted connec?on
secured by TLS (previously SSL).
IV
III
II
I

View Slide

HTTPS is how websites securely
exchange informa?on.
IV
III
II
I

View Slide

Secure Connec>on
Encryp>on
The process of encoding messages or informa?on in such a way that
only authorized par?es can read it.
Authen>ca>on
The process of determining whether someone or something is, in
fact, who or what it is declared to be.
IV
III
II
I

View Slide

KEEP CALM
AND
HTTP IS NOT
ENCRYPTED

View Slide

HTTP Response
HTTP Request

View Slide

! HTTPS Request
HTTP Request

View Slide

Authen>ca>on

View Slide

View Slide

SSL
Cer>ﬁcate
IV
III
II
I

View Slide

Why HTTPS?
IV
III
II
I

View Slide

Why HTTPS?
! Security
! Ranking factor
! HTTP/2
! HTML 5 features
! Chrome Geo loca?on
! Firefox form + HTTPS
IV
III
II
I

View Slide

! Security
• Data integrity
• User sensible informa?on
• Unencrypted traffic can be:
• sniffed
• modified (e.g. adver?sement or script injec?on)

View Slide

! Ranking factor
hTps:/
/webmasters.googleblog.com/2014/08/hTps-as-ranking-signal.html

View Slide

! HTTP/2
hTps:/
/webmasters.googleblog.com/2014/08/hTps-as-ranking-signal.html

View Slide

! HTML 5 powerful features
hTps:/
/blog.mozilla.org/security/2015/04/30/depreca?ng-non-secure-hTp/
hTps:/
/sites.google.com/a/chromium.org/dev/Home/chromium-security/depreca?ng-powerful-features-on-insecure-origins

View Slide

! Chrome Geo location
hTps:/
/codereview.chromium.org/1530403002/

View Slide

! Firefox form + HTTPS
hTps:/
/www.fxsitecompat.com/en-CA/docs/2015/non-hTps-sites-containing-login-form-will-be-marked-insecure/

View Slide

" SSL Cer>ficate
A cer?ficate is a digital document that contains a public key, some
informa?on about the en?ty associated with it, and a digital
signature from the cer?ficate issuer.
IV
III
II
I

View Slide

x.509 SSL Cer>ﬁcate
# Version
$ Serial Number
% Issuer
& Validity
' Subject
( Public Key "
) Extensions
IV
III
II
I

View Slide

Cer>ficate Types
! Single-name cer?ficate
example.com
! Wildcard-name cer?ficate
*.example.com
! SAN cer?ficate
example.com, www.example.com, foobar.com, …
IV
III
II
I

View Slide

Symmetric vs Asymmetric
*
!
(
encrypt
(
decrypt
Shared secret key
(
+
John
+
Jane
*
!
Jane public key
Jane private key
(
(
+
John
+
Jane
(
decrypt
(
encrypt
encryp>on
IV
III
II
I

View Slide

Symmetric encryp>on
"hello world!" "puggy eyxgr!"
"hello world!"
"puggy eyxgr!"
[["a", "b"],
["b", "w"],
["c", "n"],
["d", "r"],
["e", "u"],
["f", "o"],
["g", "v"],
["h", "p"],
["i", "s"],
["j", "z"],
["k", "k"],
["l", "g"],
["m", "m"],
["n", "h"],
["o", "y"],
["p", "c"],
["q", "j"],
["r", "x"],
["s", "d"],
["t", "t"],
["u", "f"],
["v", "i"],
["w", "e"],
["x", "l"],
["y", "a"],
["z", "q"]]
John encrypts John sends to Jane
Jane receives from John Jane decrypts
IV
III
II
I

View Slide

How does HTTPS work?
IV
III
II
I

View Slide

It's not a one-click setup :(
yet
IV
III
II
I

View Slide

Handshake
, -
DISCLAIMER: This schema is simpliﬁed on purpose.
IV
III
II
I

View Slide

Handshake
SYN
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
ClientHello
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
1 Server key exchange data
ClientHello
ServerHello, Cer?ﬁcate, ServerKeyExchange, ServerHelloDone
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
ClientHello
1 Client key exchange data
ClientKeyExchange
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
ClientHello
ClientKeyExchange
SYMMETRIC KEY IS GENERATED
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
ClientHello
! Client switches to encryp?on
! MAC of handshake
ClientKeyExchange
ChangeCipherSpec, Finished
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
ClientHello
! MAC of handshake
ClientKeyExchange
! Server switches to encryp?on
! MAC of handshake
, -
IV
III
II
I

View Slide

Handshake
SYN SYN ACK
. Client Random
( Cipher suites
/ Server Random
( Cipher suite
" Cer?ﬁcates
0 Session ID
ClientHello
! MAC of handshake
ClientKeyExchange
! Server switches to encryp?on
! MAC of handshake
2 Applica?on data
2 Applica?on data
, -
IV
III
II
I

View Slide

Cipher Suites
A cipher suite is a selec?on of cryptographic primi?ves and other
parameters that deﬁnes exactly how security will be implemented.
Bulletproof SSL and TLS
IV
III
II
I

View Slide

Cryptographic primi>ves
At the lowest level, cryptography relies on various cryptographic
primi0ves. Each primi?ve is designed with a par?cular useful
func?onality in mind.
The primi?ves alone are not very useful, but we can combine them
into schemes and protocols to provide robust security.
For example, we might use one primi?ve for hashing, one for
encryp>on and another for integrity checking.
IV
III
II
I

View Slide

Obtaining an SSL cer>ﬁcate
II
IV
III
II
I

View Slide

self signed vs trusted
• Provides encryp?on
• Provides authen?ca?on
• Issued and signed by a publicly
trusted Cer?ﬁca?on Authority
• Suitable for produc?on
environments as well for
tes?ng
• Generally not free
• Provides encryp?on
• Doesn't provide authen?ca?on
• self-signed
• Generally used for tes?ng
• Free

View Slide

Cer?ficate Authority
A Cer?ficate Authority (CA) is a trusted, private en?ty that issues
digital cer?ficates.
IV
III
II
I

View Slide

Chain of trust
• Browsers and opera?ng systems include a list of trusted cer?ficates
• These cer?ficates are called root cer'ficates, and they generally belong to trusted
par?es, such as cer?ficate authori?es
IV
III
II
I

View Slide

Chain of trust
• When a cer?ficate authority issues a cer?ficate, they sign the cer?ficate with
their root cer?ficate
IV
III
II
I

View Slide

Chain of trust
• Truthfully, in most cases cer?fica?on authori?es use sub-cer?ficates to sign your
cer?ficate
• These cer?ficates are called intermediate cer'ficates, and they are signed with a
root cer?ficate
IV
III
II
I

View Slide

Chain of trust
• When the browser connects to a site via HTTPS, the browser reads the site
cer?ficate
• The cer?ficate doesn't match a trusted root cer?ficate
IV
III
II
I

View Slide

Chain of trust
• The browser aTempts to download the cer?ficate that was used to sign the
current cer?ficate
• The cer?ficate doesn't match a trusted root cer?ficate
IV
III
II
I

View Slide

Chain of trust
current cer?ficate
• The cer?ficate matches a root cer?ficate
• The original cer>ficate is trusted :)
• The en?re cer>ficate chain is trusted
3
IV
III
II
I

View Slide

Chain of trust
current cer?ficate
• The cer?ficate doesn't match a root cer?ficate, and there are no more cer?ficates
• The original cer>ficate is untrusted :(
• The en?re cer>ficate chain is untrusted
4
IV
III
II
I

View Slide

IV
III
II
I

View Slide

Create a Cer>ﬁcate
Generate a 
Private/Public key pair
$ openssl genrsa -des3 -out private.key 2048
...
Enter pass phrase for private.key:
Verifying - Enter pass phrase for private.key:
IV
III
II
I

View Slide

Generate a 
Generate a 
Cer?ﬁcate Signing Request (CSR)
$ openssl req -nodes -new -key private.key -out
server.csr
...
Country Name (2 letter code) [AU]:US
Common Name (eg, YOUR name) []:www.example.com
...
IV
III
II
I

View Slide

Generate a 
Generate a 
for a self-signed cer?ficate 
Sign the cer?ficate
$ openssl x509 -req -days 365 -in server.csr -signkey
private.key -out certificate.pem
hTps:/
/devcenter.heroku.com/ar?cles/ssl-cer?ficate-self
IV
III
II
I

View Slide

Request a trusted Cer>ficate
Generate a 
Generate a 
for a trusted cer?ficate 
Request the Cer?ficate (*)
Request generally means purchase.
You can purchase an SSL cer?ficate either
from a CA, or a reseller.
Some providers offer visual tools that help you
with the request process (e.g. by genera?ng
the CSR)
(*)
IV
III
II
I

View Slide

Request a trusted Cer>ficate
Generate a 
Generate a 
for a trusted cer?ficate 
Request the Cer?ficate (*)
• Select the cer?ficate type
• Submit the CSR
• Validate the request
• Obtain the cer?ficate
(*)
IV
III
II
I

View Slide

! (DV) Domain Validated
asserts control of a domain
! (OV) Organiza?on Validated
asserts control of a domain as well basic organiza?onal vepng
! (EV) Extended Valida?on
asserts control of a domain as well extended organiza?onal vepng
Cer>ﬁcate Types
IV
III
II
I

View Slide

5 Now you should have
1. A CSR file
2. A cer?ficate file
3. A private key file
4. (op0onally) A list of
intermediate cer?ficate files
-----BEGIN CERTIFICATE-----
MIIENjCCAx6gAwIBAgIBATANBgkqhkiG9w0BAQUFADBvMQswCQYDVQQGEwJTRTEU
MBIGA1UEChMLQWRkVHJ1c3QgQUIxJjAkBgNVBAsTHUFkZFRydXN0IEV4dGVybmFs
IFRUUCBOZXR3b3JrMSIwIAYDVQQDExlBZGRUcnVzdCBFeHRlcm5hbCBDQSBSb290
MB4XDTAwMDUzMDEwNDgzOFoXDTIwMDUzMDEwNDgzOFowbzELMAkGA1UEBhMCU0Ux
FDASBgNVBAoTC0FkZFRydXN0IEFCMSYwJAYDVQQLEx1BZGRUcnVzdCBFeHRlcm5h
bCBUVFAgTmV0d29yazEiMCAGA1UEAxMZQWRkVHJ1c3QgRXh0ZXJuYWwgQ0EgUm9v
dDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALf3GjPm8gAELTngTlvt
H7xsD821+iO2zt6bETOXpClMfZOfvUq8k+0DGuOPz+VtUFrWlymUWoCwSXrbLpX9
uMq/NzgtHj6RQa1wVsfwTz/oMp50ysiQVOnGXw94nZpAPA6sYapeFI+eh6FqUNzX
mk6vBbOmcZSccbNQYArHE504B4YCqOmoaSYYkKtMsE8jqzpPhNjfzp/haW+710LX
a0Tkx63ubUFfclpxCDezeWWkWaCUN/cALw3CknLa0Dhy2xSoRcRdKn23tNbE7qzN
E0S3ySvdQwAl+mG5aWpYIxG3pzOPVnVZ9c0p10a3CitlttNCbxWyuHv77+ldU9U0
WicCAwEAAaOB3DCB2TAdBgNVHQ4EFgQUrb2YejS0Jvf6xCZU7wO94CTLVBowCwYD
VR0PBAQDAgEGMA8GA1UdEwEB/wQFMAMBAf8wgZkGA1UdIwSBkTCBjoAUrb2YejS0
Jvf6xCZU7wO94CTLVBqhc6RxMG8xCzAJBgNVBAYTAlNFMRQwEgYDVQQKEwtBZGRU
cnVzdCBBQjEmMCQGA1UECxMdQWRkVHJ1c3QgRXh0ZXJuYWwgVFRQIE5ldHdvcmsx
IjAgBgNVBAMTGUFkZFRydXN0IEV4dGVybmFsIENBIFJvb3SCAQEwDQYJKoZIhvcN
AQEFBQADggEBALCb4IUlwtYj4g+WBpKdQZic2YR5gdkeWxQHIzZlj7DYd7usQWxH
YINRsPkyPef89iYTx4AWpb9a/IfPeHmJIZriTAcKhjW88t5RxNKWt9x+Tu5w/Rw5
6wwCURQtjr0W4MHfRnXnJK3s9EK0hZNwEGe6nQY1ShjTK3rMUUKhemPR5ruhxSvC
Nr4TDea9Y355e6cJDUCrat2PisP29owaQgVR1EX1n6diIWgVIEM8med8vSTYqZEX
c4g/VhsxOBi0cQ+azcgOno4uG+GMmIPLHzHxREzGBHNJdmAPx/i9F4BrLunMTA5a
mnkPIAou1Z5jJh5VkpTYghdae9C8x49OhgQ=
-----END CERTIFICATE-----
IV
III
II
I

View Slide

Deploying an SSL cer>ﬁcate
IV
III
II
I
III

View Slide

Install the cer>ficate on the server
along with the private key, and intermediate cer?ficate chain.
Configure HTTPS
configure protocol version, cypher suite and cypher sepngs.
To deploy HTTPS you need to:
IV
III
II
I

View Slide

History of secure protocols
SSL 1 Never released
SSL 2 1996 A number of security ﬂaws
SSL 3 1995 Broken. Vulnerable to POODLE aTack
TLS 1.0 1999
TLS 1.1 2006
TLS 1.2 2008
IV
III
II
I

View Slide

Example conﬁg
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# ssl certificate config
ssl_certificate /path/to/certificate_and_intermediates;
ssl_certificate_key /path/to/private_key;
# ssl session config
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# protocol and cipher config
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_prefer_server_ciphers on;
}
IV
III
II
I

View Slide

hTps:/
/mozilla.github.io/server-side-tls/ssl-conﬁg-generator/
hTps:/
/cipherli.st/
IV
III
II
I

View Slide

Heroku
$ heroku addons:create ssl:endpoint
Adding ssl:endpoint on example... done, v1 ($20/mo)
$ heroku certs:add server.crt server.key
Adding SSL Endpoint to example... done
example now served by example-2121.herokussl.com.
Certificate details:
Expires At: 2012-10-31 21:53:18 GMT
Issuer: C=US; ST=CA; L=SF; O=Heroku; CN=www.example.com
Starts At: 2011-11-01 21:53:18 GMT
hTps:/
/devcenter.heroku.com/ar?cles/ssl-endpoint
hTps:/
/devcenter.heroku.com/ar?cles/ssl-cer?ﬁcate-dnsimple
IV
III
II
I

View Slide

Caddy server
hTps:/
/caddyserver.com/
IV
III
II
I

View Slide

Caddy server
IV
III
II
I

View Slide

hTps:/
/www.ssllabs.com/ssltest/
IV
III
II
I

View Slide

Lifecycle of a Cer>ﬁcate
6 Requested
! Issued
& Expired
4 Revoked
7 Rekeyed

View Slide

Serving HTTPS
IV
III
II
I
IV

View Slide

Cookie security
$ curl -I https://dnsimple.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Mar 2016 15:52:08 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
ETag: W/"f2d21600cdff911b9ee6a44dabcda234"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _session=eccefb19761929d668000056d1b2; path=/; HttpOnly; secure
X-Request-Id: 9d77f4c5-ab6b-443e-91bd-76a0383d8ab5
X-Runtime: 0.016254
Strict-Transport-Security: max-age=31536000
IV
III
II
I

View Slide

Mixed Content security error
IV
III
II
I

View Slide

Chrome security debugger
IV
III
II
I

View Slide

HSTS Header
$ curl -I https://dnsimple.com
HTTP/1.1 200 OK
Server: nginx
Date: Tue, 15 Mar 2016 15:52:08 GMT
Content-Type: text/html; charset=utf-8
Connection: keep-alive
ETag: W/"f2d21600cdff911b9ee6a44dabcda234"
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _session=eccefb19761929d668000056d1b2; path=/; HttpOnly; secure
X-Request-Id: 9d77f4c5-ab6b-443e-91bd-76a0383d8ab5
X-Runtime: 0.016254
IV
III
II
I

View Slide

HSTS Header
The ﬁrst ?me your site is accessed using HTTPS and it returns the Strict-Transport-
Security header, the browser records this informa?on, so that future aTempts to
load the site using HTTP will automa?cally use HTTPS instead.
When the expira?on ?me speciﬁed by the Strict-Transport-Security header elapses,
the next aTempt to load the site via HTTP will proceed as normal instead of
automa?cally using HTTPS.
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
IV
III
II
I

View Slide

HSTS Header
Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
hTps:/
/developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
hTps:/
/hstspreload.appspot.com/
IV
III
II
I

View Slide

Public Key Pinning
hTps:/
/developer.mozilla.org/en-US/docs/Web/Security/Public_Key_Pinning
Public-Key-Pins: pin-sha256="base64=="; max-age=expireTime
[; includeSubdomains][; report-uri="reportURI"]
Public-Key-Pins: max-age=5184000;
pin-sha256="r/mIkG3eEpVdm+u/ko/cwxzOMo1bk4TyHIlByibiA5E=";
pin-sha256="WoiWRyIOVNa9ihaBciRSC7XHjliYS9VwUGOIud4PB18=";
pin-sha256="JbQbUG5JMJUoI6brnx0x3vZF6jilxsapbXGVfjhN8Fg="
IV
III
II
I

View Slide

SecurityHeaders.io
IV
III
II
I

View Slide

Let's Encrypt

View Slide

Bulletproof
SSL and TLS
hTp:/
/bit.ly/codemo?on2016-sslbook
⋆ ⋆ ⋆ ⋆ ⋆

View Slide

Simone Carle4
! hTps:/
/simonecarlep.com
@weppos
Thanks!

View Slide

Let's go HTTPS (Codemotion Rome 2016)

Let's go HTTPS (Codemotion Rome 2016)

Simone Carletti

More Decks by Simone Carletti

Other Decks in Technology

Featured

Transcript