TLS State of the Union

www.thales-esecurity.com OPEN

TLS State of the Union

ApacheCon NA 2016Sander Temme – sctemme@apache.org

2This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

3This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Heartbleed Impact: >60% of sites vulnerable!

4This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

How Many Eyeballs Are There? Really?

5This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

The Linux Foundation Steps In

6This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

The Linux Foundation Steps In

7This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Core Infrastructure Initiative Grant for OpenSSL Development

8This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

So, What Else Happened…

9This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

So, What Else Happened…

www.thales-esecurity.com OPEN

What’s Going On Today?

11This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Pervasive TLS Deployment

▌High Traffic Sites now default to TLSGoogle, YouTube, Yahoo!, Facebook, Twitter, Netflix (soon), …

▌ Increased consciousness

▌ Increased expertiseSecurityPerformance (https://istlsfastyet.com)

▌Going Dark is the new defaultGoogle treats you better when you’re on TLS

12This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Go Dark for Free: Let’s Encrypt!

▌Free, Automated, and Open Certificate tool

▌Supported by all the browsers

▌ It’s easy!Run software agent on serverMust have root on hostCreates SSL vhost for Apache httpd

13This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

The Backdoor Debate

14This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

The Backdoor Debate

15This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

16This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Certificates Ain’t What They Used to Be

17This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Certificates

▌Don’t use self-signedIt’s never been a good ideaNow even less so

▌PKI is HardDon’t set up your own toy PKIDo it right or not at all

▌Buy certs for Intranet sitesFrom cheap commercial CAsProblem solved

www.thales-esecurity.com OPEN

What’s Next?

19This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

More Patches

▌ Increased OpenSSL Development

▌ Increased Adoption

▌ Increased Scrutiny

▌ Which OpenSSL version?

The one that came with your OSyum update etc.

▌ OpenSSL release streams

0.9.x is dead, don’t use it1.0.1t released May 3, 20161.0.2h released May 3, 20161.1.x is in pre-release

Expect more patches, faster

20This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Recommended Key Sizes

▌Currently (May 2016)RSA: 2048bitECC: 256bit

▌Hashes: SHA-256Chrome: certificates with SHA-1 in chain insecureRoot certificates with SHA-1 ok

https://security.googleblog.com/2014/09/gradually-sunsetting-sha-1.html

http://dx.doi.org/10.6028/NIST.SP.800-57pt1r4

21This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Transport Layer Security 1.3

▌Currently in developmenthttps://tlswg.github.io/tls13-spec/

▌Faster

▌More secure

22This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Serverwww.example.com

TLS Static Key Handshake

Root CA Certificate

Server Certificate

Client

Here’s a Secret Scooby Snack

Hello!

Hello, it’s me!

Verify Server Identity

Derive Session Keys

Encrypted Communications

NOM NOM decrypt

NOM

23This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Serverwww.example.com

Handshake with Forward Secrecy

Root CA Certificate

Server Certificate

Client

Hello!

Hello, it’s me!

Verify Server Identity

Derive Session Keys

Encrypted Communications

24This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Content Inspection

Interwebs

Inspection/WAF Origin Server(s)

Switch Origin Server(s)

httpd WAF

httpd

httpd

Inspection/WAF

TLS

TLS

Re-encrypt

Port spanning

TLS

25This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Content Inspection in a Forward Secrecy World

InterwebsApplication

Delivery Controller

Origin Server(s)httpd

Inspection/WAF

plaintext

TLS Re-encrypt

26This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

27This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Strong and Getting Stronger

▌Deeper understanding of the risks

▌ Improved developmentAttentionFunding

▌Pervasive adoption

28This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

What Can You Do?

▌Use the tools wellDon’t make smiley faces

▌ Inform yourselfMuch information on the googlewebs

▌Don’t be a certificate problemGet rid of SHA-1 based certsBrowser vendors don’t like to show errors to your users but they will

▌Deploy patchable infrastructureBetter software is just down the road

29This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Further Reading

▌ TLS 1.3 RFC in developmenthttps://tlswg.github.io/tls13-spec/

▌Blogs, Talks, Presentationshttps://istlsfastyet.com/https://blog.twitter.com/2013/forward-secrecy-at-twitter-0https://blogs.windows.com/msedgedev/2015/11/04/sha-1-deprecation-update/https://t.co/83UYUE7XZP (Chrome browser SSL related warnings)http://arstechnica.com/security/2015/04/it-wasnt-easy-but-netflix-will-soon-use-https-to-secure-video-streams/https://security.googleblog.com/2014/08/https-as-ranking-signal_6.html

30This document may not be reproduced, modified , adapted, published, translated, in any way , in whole or in part or disclosed to a third party without prior written consent of Thales - Thales © 2016 All rights reserved.

OPEN

Questions and Discussion

▌http://www.slideshare.net/sctemme

▌ sctemme@apache.org

▌Follow @keysinthecloud on Twitter