DESCRIPTION
The SSL and TLS protocols are critical to online security and performance. This session discusses how the SSL and TLS protocols work and how they are integrated with many AWS services such as Amazon CloudFront, Elastic Load Balancing, and Amazon S3. Learn how technologies such as Perfect Forward Secrecy and HSTS can be used to protect end-user data, and why browsers and servers are now removing support for version 3 of the SSL protocol, SHA-1 signatures and some encryption algorithms such as RC4. By the end of the session you'll be able to understand each of these technologies and how to adapt to the changing security landscape.
November 12, 2014 | Las Vegas, NV
Colm MacCárthaigh, Amazon Web Services
Secrecy, Tamper proof, Authentication
[Timeline figure, axis ticks: 1991, 1994, 1996, 1999, 2006, 2008, 2015]
Attacks: Bleichenbacher (1998), Vaudenay (2002), Pizza (2008), Reneg (2009), BEAST (2011), Alert (2012), CRIME (2012), Lucky13 (2013), POODLE (2014), 3SHAKE (2014)
Algorithms and versions: SSLv2 (1995), MD5 (2004), SHA1 (2011), RSA-1024 (2012), RC4 (2013)
Legacy Clients
Public/Private key encryption
Shared key encryption
Signatures
Hashes/Checksums
colmmacc% ls -la /usr/bin/gcc
-rwxr-xr-x 1 root wheel 14160 Sep 26 19:06 /usr/bin/gcc
colmmacc% cat /usr/bin/gcc | shasum -a 256
24858b1cfa6ca73fd07ba4d5ea9df0e8f123930fbecff1541b13ca9522a34837
Hashes/Checksums
colmmacc% openssl speed rsa ecdsa aes-128-cbc
67k/sec 133k/sec
747k/sec
Public/Private key encryption
Signatures
Hashes/Checksums
Internet Protocol
Transmission Control Protocol
TLS
Application Protocol (HTTP, SMTP, SQL … )
1 Say hello and agree on the algorithms to use
2 Use public/private keys to authenticate and to establish a shared secret
3 Use the shared secret to encrypt and decrypt data
Handshake messages, in order: Client Hello, Server Hello, Server Cert, Server Key, Client Key, Client Finished, Server Finished, App Data, App Data
Client protocol version, client time, 28 bytes of randomly generated data,
Client choice of Cipher Suites (in order of preference)
Server Name Indicator field
Cached Session ID / Cached Session Ticket
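The Client Hello fields listed above, read out of a record that starts with the Message Type, Protocol Version and Record Length header. This is an added example, not code from the talk; the sample record, the host name and the function names are constructed for illustration, and the parser assumes the whole hello sits in one record.

```python
import struct

VERSIONS = {0x0300: "SSLv3", 0x0301: "TLS 1.0", 0x0302: "TLS 1.1", 0x0303: "TLS 1.2"}
SUITES = {0xC02B: "ECDHE-ECDSA-AES128-GCM-SHA256", 0xC02F: "ECDHE-RSA-AES128-GCM-SHA256",
          0x002F: "AES128-SHA", 0x0005: "RC4-SHA"}   # a few IANA code points, OpenSSL names

def build_sample_hello(host=b"example.com"):
    """Constructed ClientHello record (sample input for the parser, not a capture)."""
    sni = struct.pack("!HBH", len(host) + 3, 0, len(host)) + host
    exts = struct.pack("!HH", 0, len(sni)) + sni            # extension 0 = server_name
    suites = struct.pack("!4H", 0xC02B, 0xC02F, 0x002F, 0x0005)
    body = (struct.pack("!HI", 0x0303, 1415750400)          # client version, client time
            + bytes(range(28))                              # stands in for 28 random bytes
            + b"\x00"                                       # no cached session ID
            + struct.pack("!H", len(suites)) + suites       # in order of preference
            + b"\x01\x00"                                   # one compression method: null
            + struct.pack("!H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body      # handshake type 1 = ClientHello
    return struct.pack("!BHH", 22, 0x0301, len(hs)) + hs    # record type 22 = handshake

def parse_client_hello(rec):
    if len(rec) < 9:
        raise ValueError("truncated record")
    rtype, rver, rlen = struct.unpack("!BHH", rec[:5])      # type, version, record length
    if rtype != 22 or rec[5] != 1 or len(rec) < 5 + rlen:
        raise ValueError("not a complete ClientHello record")
    p = 9                                                   # past record + handshake headers
    ver, gmt = struct.unpack("!HI", rec[p:p + 6])
    rnd = rec[p + 6:p + 34]
    p += 34
    sid = rec[p + 1:p + 1 + rec[p]]                         # session ID, 1-byte length prefix
    p += 1 + len(sid)
    (n,) = struct.unpack("!H", rec[p:p + 2])
    codes = struct.unpack("!%dH" % (n // 2), rec[p + 2:p + 2 + n])
    p += 2 + n
    p += 1 + rec[p]                                         # skip compression methods
    sni, end = None, 5 + rlen                               # extensions are optional
    p += 2                                                  # skip total extensions length
    while p + 4 <= end:                                     # walk the extensions
        etype, elen = struct.unpack("!HH", rec[p:p + 4])
        if etype == 0:                                      # skip list len, type, name len
            sni = rec[p + 9:p + 4 + elen].decode("ascii")
        p += 4 + elen
    return {"record_version": VERSIONS.get(rver, hex(rver)), "version": VERSIONS.get(ver, hex(ver)),
            "client_time": gmt, "random": rnd, "session_id": sid, "sni": sni,
            "cipher_suites": [SUITES.get(c, hex(c)) for c in codes]}
```

A hello whose `version` or `record_version` decodes as SSLv3 identifies the legacy clients that still depend on the protocol version being retired.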
Public/Private Algorithm
Perfect Forward Secrecy
Shared Secret Algorithm
Record Auth Algorithm
Protocol version to use, server time, 28 bytes of randomly generated data,
The Cipher Suite to use
Session ID / Session Ticket
# Generate a 2048-bit RSA private key
openssl genrsa -out privkey.pem 2048
# Generate a certificate signing request
openssl req -new -key privkey.pem -out cert.csr
# Generate an Elliptic Curve key
openssl ecparam -out privkey.pem -name prime256v1 -genkey
# Generate a certificate signing request
openssl req -new -key privkey.pem -out cert.csr
RSA-1024 (2012), MD5 (2004), SHA1 (2011)
Nov 2014 Jan 2015 Jan 2015
31
Dec 2015
OCSP
Used for Perfect Forward Secrecy
A Diffie-Hellman public parameter is generated and sent to the client
Perfect forward secrecy version:
Client sends another Diffie-Hellman parameter, encrypted using the server’s
public key
Legacy version:
Client sends a secret, encrypted using the server’s public key
We’re finished and ready to send encrypted data.
There’s also a “Change cipher suite” message to initiate encryption.
GET / HTTP/1.1
Host: aws.amazon.com
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Reneg (2009), 3SHAKE (2014), Pizza (2008)
[Record layout figure: Message Type, Protocol Version, Record Length, Encrypted blocks; inside the encrypted part: HMAC, Data, PAD]
Bleichenbacher (1998), Vaudenay (2002), BEAST (2011), POODLE (2014), RC4 (2013), MD5 (2004), SHA1 (2011), Lucky13 (2013)
[Record layout figure: Message Type, Protocol Version, Record Length; HMAC, Data, PAD; Initialization Vector, Encrypted blocks; Nonce, Encrypted, TAG]
POODLE (2014)
[Record layout figure: Message Type, Protocol Version, Record Length, Encrypted blocks; inside the encrypted part: HMAC, Data, PAD]
BEAST (2011), POODLE (2014), Pizza (2008), CRIME (2012)
GET / HTTP/1.1\r\nCookie:1 1 2
GET /a HTTP/1.1\r\nCookie: 1 2 1
ECDHE, DHE, No Perfect Forward Secrecy
AES-128, AES-256, 3DES, RC4
ECDSA, RSA
GCM, SHA128, SHA256, SHA1, MD5
ECDHE AES-128 ECDSA GCM
ECDHE AES-128 ECDSA SHA128
ECDHE AES-128 ECDSA SHA256
ECDHE AES-128 ECDSA SHA1
ECDHE AES-128 ECDSA MD5
ECDHE AES-256 ECDSA GCM
No Perfect Forward Secrecy RC4 RSA SHA1
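The ordering above, applied to OpenSSL-style suite names from TLS 1.2 and earlier: an added example (not code from the talk) that splits each name into the four cipher suite components, flags suites without forward secrecy or using RC4 or MD5, and sorts a server list into preference order. The rank tables, the precedence between components and the sample list are assumptions made for this example.

```python
# Ranks follow the order in which each component's options are listed above (assumption).
KX = {"ECDHE": 0, "DHE": 1, "RSA": 2}             # RSA key transport: no forward secrecy
AUTH = {"ECDSA": 0, "RSA": 1}
CIPHER = {"AES128": 0, "AES256": 1, "DES-CBC3": 2, "RC4": 3}
MAC = {"GCM": 0, "SHA384": 1, "SHA256": 1, "SHA": 2, "MD5": 3}   # "SHA" means SHA-1

# Constructed sample: an unordered server cipher list.
SAMPLE = ["RC4-SHA", "AES128-SHA", "DHE-RSA-AES128-SHA", "ECDHE-RSA-AES128-GCM-SHA256",
          "ECDHE-ECDSA-AES128-SHA", "ECDHE-ECDSA-AES128-GCM-SHA256"]

def split_suite(name):
    """Split an OpenSSL-style suite name into key exchange, auth, cipher and record auth."""
    t = name.split("-")
    if t[0] in ("ECDHE", "DHE", "EDH"):            # EDH is OpenSSL's older spelling of DHE
        kx, auth, rest = ("DHE" if t[0] == "EDH" else t[0]), t[1], t[2:]
    else:                                          # e.g. AES128-SHA: RSA does both jobs
        kx, auth, rest = "RSA", "RSA", t
    if "GCM" in rest:                              # AEAD: the trailing hash is not a record MAC
        mac, rest = "GCM", rest[:rest.index("GCM")]
    else:
        mac, rest = rest[-1], rest[:-1]
    return {"kx": kx, "auth": auth, "cipher": "-".join(rest), "mac": mac}

def findings(name):
    """Properties of a suite that the talk's timeline marks as being phased out."""
    c, out = split_suite(name), []
    if c["kx"] == "RSA":
        out.append("no forward secrecy")
    if c["cipher"] == "RC4":
        out.append("RC4")
    if c["mac"] == "MD5":
        out.append("MD5")
    return out

def server_order(names):
    """Sort suites best-first; unknown components rank last."""
    def key(n):
        c = split_suite(n)
        return (KX.get(c["kx"], 9), AUTH.get(c["auth"], 9),
                CIPHER.get(c["cipher"], 9), MAC.get(c["mac"], 9))
    return sorted(names, key=key)
```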
11NOV
12NOV
HSTS
Strict-Transport-Security: max-age=15768000; includeSubDomains
http://mozilla.github.io/server-side-tls/ssl-config-generator/
http://aws.amazon.com/security
SDD423 – Elastic Load Balancing Deep Dive
PFC303 – Milliseconds Matter
http://bit.ly/awsevals