SlideShare a Scribd company logo

HTTPS, Here and Now

P
Philippe De Ryck

The tools at our disposal today for deploying HTTPS are tremendously powerful, and easy to use. Initiatives like Let's Encrypt offer certificates, and new security policies like HSTS and HPKP allow you to protect against extremely powerful attacks. HTTPS, Here and Now! This was an invited talk at the ICT Security Happening, organized by the VDAB Competence Center in Leuven.

Technology
1 of 90
Download to read offline
HTTPS, Here and Now Philippe De Ryck @PhilippeDeRyck Invited Speaker @ VDAB ICT Security Happening https://www.websec.be
What Is this HTTPS Thing? 2 Visit website, browse public pages Login with username and password Consult private information
It’s for Sending Sensitive Data 3 Visit website, browse public pages Login with username and password Consult private information
But All Data Is Sensitive! 4 Visit website, browse public pages Login with username and password Consult private information
But All Data Is Sensitive! 5 Visit website, browse public pages Login with username and password Consult private information
About Me – Philippe De Ryck 6 § Postdoctoral Researcher @ DistriNet (KU Leuven) § Focus on (client-side) Web security § Responsible for the Web Security training program § Dissemination of knowledge and research results § Target audiences include industry and researchers § Main author of the Primer on Client-Side Web Security § 7 attacker models, broken down in 10 capabilities § 13 attacks and their countermeasures § Overview of security best practices https://www.websec.be@PhilippeDeRyck
Overview 7 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
SSL and TLS – A bit of History 8 1994 SSL 1.0 Invented by Netscape, but never released 1995 SSL 2.0 Improvement of SSL 1.0. Quickly considered to be flawed 1996 SSL 3.0 Full rewrite, with stronger security. Will be actively used till 2014 1999 TLS 1.0 Standardization of SSL 3.0, with small improvements 2006 TLS 1.1 Update of TLS 1.0, with stronger cipher suites 2008 TLS 1.2 Update of TLS 1.1, with stronger cipher suites, and support for extensions … TLS 1.3 Strong push towards better security, with removal of old algorithms and enforcement of forward secrecy 2011 Backwards compatibility with old SSL versions (< 3) removed from spec
Opinions about HTTPS 9 § It’s really complicated, and we can not set it up § That’s why there is CloudFlare and Let’s Encrypt § It’s too costly ($$$, CPU, network) § There are free certs, and your CPU has AES instructions § Netflix does it
10http://arstechnica.com/security/2015/04/it-wasnt-easy-but-netflix-will-soon-use-https-to-secure-video-streams/ http://expandedramblings.com/index.php/netflix_statistics-facts/3/ 329 gb Amount of data pushed in 2015 400 000000
Opinions about HTTPS 11 § It’s really complicated, and we can not set it up § That’s why there is CloudFlare and Let’s Encrypt § It’s too costly ($$$, CPU, network) § There are free certs, and your CPU has AES instructions § Netflix does it § It doesn’t work well with caching § That’s why there are localized CDNs § You need one IP per website § Not since Windows XP has died …
HTTPS under the Hood 12
The S in HTTPS 13 § HTTP protocol over a secure channel § Established by the SSL/TLS protocol § Separate URI scheme within the browser HTTP:// HTTPS:// Network Stack TLS HTTPS:// HTTP:// Network Stack TLS
Positioning TLS in the Stack 14 Application Transport Internet Network HTTP TCP IP Ethernet Data Data TCP Header Data TCP Header IP Header Data TCP Header IP Header Frame Header Frame Footer
Positioning TLS in the Stack 15 Application Transport Internet Network TLS TCP IP Ethernet TLS Record TLS Record TCP Header TLS Record TCP Header IP Header TLS Record TCP Header IP Header Frame Header Frame Footer HTTP DataIMAPPOP… UDP
TLS in a Nutshell 16 § The secure channel is capable of offering … § Data confidentiality § Data integrity § Mutual entity authentication § The handshake protocol is used to negotiate parameters § The record protocol is the workhorse, transmitting data TLS Record Protocol Secure Communication Channel TLS Handshake Protocol
A Closer Look at the TLS Record Protocol 17 Application Data Fragment Compress Append Record Header Encrypt Add Integrity Check Data Integrity ensures that tampering will be detected Confidentiality ensures that the data will be private
The TLS Handshake Protocol, Simplified 18 Hi some-shop.com, Give me your key please? some-shop.com
TLS Depends on Public Key Certificates 19 § A certificate asserts that a public key X belongs to party Y § Issued by a Certificate Authority § Generally for a lot of € € € § Different levels of validation
Certificates and CAs 20 Root CAs Intermediate CAs Hey, I would like to be a CA. Please vouch that this is my key? Hey, I’m some-shop.com. Please vouch that this is my key?
The Importance of Certificates in TLS 21 ? Hi some-shop.com, Give me your key please? Hi some-shop.com, Give me your key please? some-shop.com
The Importance of Certificates in TLS 22 Give me your key please? Give me your key please? ?
Browser Warnings Are Scary 23 http://www.slate.com/articles/technology/future_tense/2015/02/ssl_warnings_users_ignore_them_can_we_fix_that.html
But Can Easily Be Avoided 24 http://www.techfor.us/2015/06/your-connection-is-not-private-er_cert_common_name_invalid/
Similar Story With Mobile Apps 25
Doing It Right Is More Effort 26 https://developer.android.com/training/articles/security-ssl.html
A Closer Look at the TLS Handshake 27 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret
Putting it Together in the Handshake 28 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Entity Authentication
Putting it Together in the Handshake 29 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Key Exchange
Putting it Together in the Handshake 30 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Encryption / Integrity Checking
Putting it Together in the Handshake 31 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Cipher Suite Negotiation
Example of the TLS Handshake 32
Overview 33 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
Deploying HTTPS in practice 34
Deploying TLS Can Be Complex 35 § The administrator needs to take a lot of steps § Create keys § Request certificate § Verify and complete the certificate chain § Configure the service to use TLS § Often used as an argument against TLS § But no longer valid, as we will see shortly …
Deploying HTTPS Step By Step 36 § To request a certificate, you need a key pair § From which you can generate a certificate signing request § With this CSR, you can get a certificate from a CA openssl genrsa –out websec_sandbox00.key 2048 openssl req –new –sha256 –key … –out ….csr
StartSSL Offers Free Certificates 37
Requesting a Certificate From StartSSL 38
Requesting a Certificate From StartSSL 39
Deploying HTTPS Step By Step 40 -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIHBkV4e/No3zANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIE x0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENsYXNz IDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDkxMzExMjIwM1oXDTE2MDkxMzAyMDgzM1owUDELMAkGA1 UEBhMCQkUxHDAaBgNVBAMTE3NhbmRib3gyMC53ZWJzZWMuYmUxIzAhBgkqhkiG9w0BCQEWFGhvc3RtYXN0ZXJAd2Vic2VjLmJl MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtC9jgaVoZiw5kiiz7E5JGWHELnlv74R2hk7Ziw9gQzcIe3HXQTjAl BePyvXCfy/wrYbrCO1coOGH3xLBQwV4UDaWB1eVo+yO50GPn6DBet7Dvk+XS1MUceOCfzeGP+FdowA8oDe0kNe49SE8NWjELvG rYDB0pugumgsz/4ww+9kvdqrltXekzpxRYFte67jmctDVi+4nYmZjkz5HT0cV4XcXKBvLqt96hjaxTJAPTqzdvF6t2gkY42M6T QecHoIFN3N3o+wVEEh+7rT7zCLP7Sw6eGj9FkF/HIDtV4EntyaKwcGbQrnqy6zIA02pcrL1AlK9oPbizXEiNE7DqMS8wIDAQAB o4IC4zCCAt8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFJzCyX0Qjl8z3F f2jLwihh36m5J+MB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixFMCkGA1UdEQQiMCCCE3NhbmRib3gyMC53ZWJzZWMu YmWCCXdlYnNlYy5iZTCCAVYGA1UdIASCAU0wggFJMAgGBmeBDAECATCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCAR YiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3RhcnRDb20gQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzID EgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ugb25seSBmb3IgdGhl IGludGVuZGVkIHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0fBC 4wLDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUF BzABhi1odHRwOi8vb2NzcC5zdGFydHNzbC5jb20vc3ViL2NsYXNzMS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9haW Euc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNydDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0 c3NsLmNvbS8wDQYJKoZIhvcNAQELBQADggEBAJq45Um2ULzWpSIaK1pBGcEScEJcP9ZOZLKsZ1kV+0XV2sTXSUd5Wzha0mTkIb BLpJ0ap68je4iN8kIC0A6RjCTKYwqEgXgRM9XMC360kIyNTJ2ZqpVj+qt/ahxW7xjAhchJB293aNNrDgVLq6ms1kUGQL5LM2cS ULL4kt9Tz5f88ayMWTYftKSCXtyKmDeYVbnXi/1FWGXX09hmdqxkWcIqdb1pXzD9AouSG0ZBfVgIk3vmMvghX/V7DdOIKf/2El uQrIXhnJze/mOm566NPdJqge6o5IC3NPGos6SLK3RtPGNttJwzg6IvEpeYPunjjuRfFAtWIvciqTC83aoRWIo= -----END CERTIFICATE-----
Deploying HTTPS Step By Step 41 § With the keys and certificate, we can configure the server § Define a new virtual host § Enable the SSL engine § Point to the private key and certificate # Example NGINX configuration (bare essentials) server { listen 443; server_name sandbox00.websec.be; root /site; ssl on; ssl_certificate /etc/ssl/websec_sandbox00.pem; ssl_certificate_key /etc/ssl/websec_sandbox00.key; ssl_protocols SSLv3 TLSv1.0 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; }
Deploying HTTPS Step By Step 42 § With the keys and certificate, we can configure the server § Define a new virtual host § Enable the SSL engine § Point to the private key and certificate # Example Apache configuration (bare essentials) <VirtualHost *:443> ServerName sandbox00.websec.be DocumentRoot /site SSLEngine On SSLCertificateFile /etc/ssl/websec_sandbox00.pem SSLCertificateKeyFile /etc/ssl/websec_sandbox00.key </VirtualHost>
Still a Tedious Process … 43 https://letsencrypt.org
Let’s Encrypt Pushes for HTTPS Everywhere 44 § Free certificates for everyone § Let’s Encrypt has established a CA to issue certificates § They have built a toolchain to automate the process git clone https://github.com/letsencrypt/letsencrypt . ./letsencrypt-auto certonly --webroot -w /var/www/ -d www.websec.be
Let’s Encrypt Automates Domain Validation 45 https://letsencrypt.org/howitworks/technology/
Let’s Encrypt Automates Certificate Issuing 46 https://letsencrypt.org/howitworks/technology/
Where Should a Connection Go? 47 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret GET example.com
Server Name Indication (SNI) 48 § SNI is a TLS extension § Includes the hostname a client is connecting to § Allows the server software to send it to the correct virtual host § SNI allows admins to run multiple TLS servers on one IP § Which is great, since IPv4 addresses are limited anyway § Client support has increased a lot since Windows XP died J § Often only one SSL configuration per Web server supported § Because underlying stack takes care of it
SSL Termination 49 § A single point in the network where SSL connections end § Sensitive key material is stored in one single place § Dedicated crypto hardware can take care of the SSL operations § Internal servers run interactive web sites § Higher chance of getting compromised § They can use self-signed certs internally § Server software may be less trustworthy than the termination point
Overview 50 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
HTTPS on the Application Layer 51
Verifying your TLS Deployment 52 § How do you know if you deployed HTTPS correctly? § The browser seems to be happy … § But the browser is very forgiving if you screw up § Qualys offers an SSL server test § Checks your configuration against current best practices § Gives you a grade based on how good/bad your setup is
https://www.ssllabs.com/ssltest/
Default Ubuntu 14.04 LTS Installation https://www.ssllabs.com/ssltest/
https://www.ssllabs.com/ssltest/
Want to Run Your Own Test? 56 https://www.ssllabs.com/ssltest/
Great TLS Score, but what with Security? 57 https://www.ssllabs.com/ssltest/
Deploying Sites over HTTP is a Bad Idea 58some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to http://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff …
Deploying Sites over HTTP is a Bad Idea 59 § Eavesdropping attacks are trivial nowadays § But nobody cares … § Take the BEL20 ... Only 2 sites use HTTPS for their main page 2 sites even submit login forms over HTTP http://deredactie.be/cm/vrtnieuws/binnenland/1.2163105 http://www.clickx.be/nieuws/134342/telenet-laat-je-surfen-via-de-modem-van-je-buren/
HTTPS to the Rescue 60some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to https://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff
Session Hijacking 61some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to https://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff
Man in the Middle Attacks 62 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A
Stripping HTTPS from Login Forms 63 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A Rewrite HTTPS to HTTP
Demo Time 64 § Demo with the Wifi Pineapple § Wireless honeypot § Can be configured as a hotspot § Can also mimic other hotspots
Our Setup 65 § We control the wireless access point § Full man-in-the-middle attack some-shop.com
Stripping HTTPS from Login Forms 66 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A Rewrite HTTPS to HTTP
HTTPS Prevents Man in the Middle Attacks 67 some-shop.com Visit https://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit https://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A
Bootstrapping the HTTPS Site 68 GET http://some-shop.com some-shop.com 301 Moved Permanently Location: https://some-shop.com GET https://some-shop.com 200 OK Response page
SSL Stripping 69 GET http://some-shop.com 200 OK Response page POST http://some-shop.com GET http://… 301 Moved GET https://… 200 OK Rewrite HTTPS URLs User: philippe & pass: pazzw0rd POST https://… some-shop.com
HTTP Strict Transport Security (HSTS) 70 § Instruct the browser to only visit a site over HTTPS § Once-enabled no HTTP requests will be sent anymore § Prevents SSL stripping attacks § Prevents cookie stealing over HTTP GET https://websec.be websec.be 200 OK Response page
Diving into HSTS 71 § HSTS is a server-driven browser-enforced security policy § Server sends the Strict-Transport-Security response header § Browser enforces this for the lifetime specified in the header § Effectively prevents SSL stripping attacks § HSTS originates from a research proposal: ForceHTTPS § First proposed in 2008, standardized in 2012 Strict-Transport-Security: max-age=31536000
Specifying the HSTS header 72 § Configuration is straightforward § max-age specifies the duration for forcing the use of HTTPS § includeSubdomains specifies whether subdomains are included § The protection is only applied for the duration of max-age § Make sure this value covers non-frequent visitors § The value 0 disables the HSTS policy for this particular host • Only if received over an error-free channel 4 4 7 11From version … 4.4.4 7.1 Strict-Transport-Security: max-age=31536000; includeSubdomains
HSTS Best Practices 73 § HSTS Header processing § HSTS response headers must be sent over a secure channel § Headers received on an insecure channel are ignored § Incorrectly formatted headers are ignored § Only the first header will be processed § HSTS does not care about TCP ports § Matches only on hostname § Port 80 is translated to 443, other ports are preserved
HSTS Overview 74 GET https://websec.be websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains GET https://websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains www.websec.be GET https://www.websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains
The Bootstrapping Problem … Again 75 GET https://websec.be websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains GET https://websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains www.websec.be GET https://www.websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains
Preloading HSTS 76 § The bootstrapping problem is solved by a preloaded list § Contains all sites that have explicitly subscribed to HSTS § Distributed along with the browsers § Available on https://hstspreload.appspot.com/
Conditions for making the preload list 77 § Having a valid certificate (no SHA1 allowed after 2016) § Redirect all HTTP traffic to HTTPS § Serve all subdomains over HTTPS (especially www if it exists) § Serve HSTS on the base domain (e.g. websec.be) § Max-age of at least 18 weeks § includeSubdomains must be specified § preload must be specified § In case of a redirect, specify HSTS on the redirect, not the destination Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
Inspecting HSTS in the Browser 78 § Available through chrome://net-internals/#hsts
Inspecting HSTS in the Browser 79 § Available through chrome://net-internals/#hsts
Inspecting HSTS in the Browser 80 § Available through chrome://net-internals/#hsts
How to Get an A+ Rating? 82 ssl on; ssl_certificate /etc/letsencrypt/live/www.websec.be/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.websec.be/privkey.pem ssl_dhparam /etc/ssl/dhparams.pem; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM- SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA- AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM- SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256- SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256'; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security "max-age=31556926";}
Conclusion 83
Things Will Get Worse … 84 § More SSL/TLS failures will be discovered § CAs misbehaving or getting hacked § Server administrators deploying imperfect configurations § Client software being clueless about SSL http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/ http://www.zdnet.com/article/hundreds-of-android-apps-open-to-ssl-linked-intercept-fail/
The Push for HTTPS Will Become Stronger 85 § Browser vendors and corporations are pushing for HTTPS § Google already uses HTTPS as a ranking signal for search § Mozilla will mark HTTP sites with password fields as insecure § The US government mandates the use of HTTPS § All publicly accessible sites § By the end of 2016 § The use of HTTPS is gaining widespread attention § Mainstream media pick up an HTTPS story now and then § Remember the article about Belgian banks
Wrapping Up 86 § The time of closed networks is over § Networks are available everywhere, to all kinds of devices § Do not put explicit trust in the network infrastructure § HTTPS effectively prevents passive and active attacks § New security policies push security even further (HSTS, HPKP) § For the first time, we can defend against very powerful attacks § Only awareness is standing in the way of HTTPS deployment
Week-long application security course https://www.secappdev.org
Progressive Web Security course 1. Why simply deploying HTTPS will not get you an A+ grade 2. How to avoid common pitfalls in authentication and authorization 3. Why modern security technologies will eradicate XSS 4. Four new browser communication mechanisms, and how they affect you State-of-the-art technologies Hands-on labs included 3rd edition starts on April 12th 2016 https://www.websec.be
HTTPS, Here and Now Acknowledgements Icons by Visual Pharm (https://icons8.com)
HTTPS, Here and Now Philippe De Ryck philippe.deryck@cs.kuleuven.be /in/philippederyck https://www.websec.be @PhilippeDeRyck

Recommended

HTTPS: All you need to know
HTTPS: All you need to knowHTTPS: All you need to know
HTTPS: All you need to knowOVHcloud
 
WPNYC: Moving your site to HTTPS
WPNYC: Moving your site to HTTPSWPNYC: Moving your site to HTTPS
WPNYC: Moving your site to HTTPSPaul Schreiber
 
HTTPS and YOU
HTTPS and YOUHTTPS and YOU
HTTPS and YOUEric Lewis
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)Guy Podjarny
 
HTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesHTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesOVHcloud
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lecKaustubh Joshi
 
TLS
TLSTLS
TLSDaniel Stenberg
 
How broken is TLS?
How broken is TLS?How broken is TLS?
How broken is TLS?hannob
 

Recommended

HTTPS: All you need to know
HTTPS: All you need to knowHTTPS: All you need to know
HTTPS: All you need to knowOVHcloud
 
WPNYC: Moving your site to HTTPS
WPNYC: Moving your site to HTTPSWPNYC: Moving your site to HTTPS
WPNYC: Moving your site to HTTPSPaul Schreiber
 
HTTPS and YOU
HTTPS and YOUHTTPS and YOU
HTTPS and YOUEric Lewis
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)Guy Podjarny
 
HTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesHTTPS Explained Through Fairy Tales
HTTPS Explained Through Fairy TalesOVHcloud
 
Ost ssl lec
Ost ssl lecOst ssl lec
Ost ssl lecKaustubh Joshi
 
TLS
TLSTLS
TLSDaniel Stenberg
 
How broken is TLS?
How broken is TLS?How broken is TLS?
How broken is TLS?hannob
 
Random musings on SSL/TLS configuration
Random musings on SSL/TLS configurationRandom musings on SSL/TLS configuration
Random musings on SSL/TLS configurationextremeunix
 
Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar LumoSpark
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Nancy Thanki
 
Let's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC PuneLet's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC PuneNancy Thanki
 
SSL State of the Union
SSL State of the UnionSSL State of the Union
SSL State of the UnionSander Temme
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
Lets Encrypt!
Lets Encrypt!Lets Encrypt!
Lets Encrypt!Joerg Henning
 
HTTPS @Scale
HTTPS @ScaleHTTPS @Scale
HTTPS @ScaleArvind Mani
 
Some tales about TLS
Some tales about TLSSome tales about TLS
Some tales about TLShannob
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat Security Conference
 
TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)hannob
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012Martin Kobetic
 
第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もう第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もうTatsuya Tobioka
 
320.1-Cryptography
320.1-Cryptography320.1-Cryptography
320.1-Cryptographybehrad eslamifar
 
Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)Abhishek Kumar
 
Ansible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hocAnsible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hocRaul Hugo
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL
 
Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)Abhishek Kumar
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverhannob
 
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!EC-Council
 
Cehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL InjectionCehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL InjectionVuz Dở Hơi
 

More Related Content

What's hot

Random musings on SSL/TLS configuration
Random musings on SSL/TLS configurationRandom musings on SSL/TLS configuration
Random musings on SSL/TLS configurationextremeunix
 
Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar LumoSpark
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Nancy Thanki
 
Let's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC PuneLet's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC PuneNancy Thanki
 
SSL State of the Union
SSL State of the UnionSSL State of the Union
SSL State of the UnionSander Temme
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet worldjamesbarns729
 
Some tales about TLS
Some tales about TLSSome tales about TLS
Some tales about TLShannob
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat Security Conference
 
TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)hannob
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012Martin Kobetic
 
第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もう第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もうTatsuya Tobioka
 
Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)Abhishek Kumar
 
Ansible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hocAnsible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hocRaul Hugo
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPFastly
 
wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL
 
Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)Abhishek Kumar
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverhannob
 

What's hot (20)

Random musings on SSL/TLS configuration
Random musings on SSL/TLS configurationRandom musings on SSL/TLS configuration
Random musings on SSL/TLS configuration
 
Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar
 
Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?Let's Encrypt! Wait. Why? How?
Let's Encrypt! Wait. Why? How?
 
Let's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC PuneLet's Encrypt! Wait. Why? How? - WC Pune
Let's Encrypt! Wait. Why? How? - WC Pune
 
SSL State of the Union
SSL State of the UnionSSL State of the Union
SSL State of the Union
 
Ssl certificate in internet world
Ssl certificate in internet worldSsl certificate in internet world
Ssl certificate in internet world
 
Lets Encrypt!
Lets Encrypt!Lets Encrypt!
Lets Encrypt!
 
HTTPS @Scale
HTTPS @ScaleHTTPS @Scale
HTTPS @Scale
 
Some tales about TLS
Some tales about TLSSome tales about TLS
Some tales about TLS
 
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
BlueHat v17 || TLS 1.3 - Full speed ahead... mind the warnings - the great, t...
 
TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)TLS Interception considered harmful (Chaos Communication Camp 2015)
TLS Interception considered harmful (Chaos Communication Camp 2015)
 
VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012VisualWorks Security Reloaded - STIC 2012
VisualWorks Security Reloaded - STIC 2012
 
第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もう第0回ワススタ!! #wasbookを読もう
第0回ワススタ!! #wasbookを読もう
 
320.1-Cryptography
320.1-Cryptography320.1-Cryptography
320.1-Cryptography
 
Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)Insecurity-In-Security version.1 (2010)
Insecurity-In-Security version.1 (2010)
 
Ansible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hocAnsible ssh y comandos ad-hoc
Ansible ssh y comandos ad-hoc
 
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTPAltitude SF 2017: QUIC - A low-latency secure transport for HTTP
Altitude SF 2017: QUIC - A low-latency secure transport for HTTP
 
wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018wolfSSL TLS 1.3 Support in 2018
wolfSSL TLS 1.3 Support in 2018
 
Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)Insecurity-In-Security version.2 (2011)
Insecurity-In-Security version.2 (2011)
 
SSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS serverSSL, X.509, HTTPS - How to configure your HTTPS server
SSL, X.509, HTTPS - How to configure your HTTPS server
 

Viewers also liked

Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!EC-Council
 
Cehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL InjectionCehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL InjectionVuz Dở Hơi
 
Advanced Web Hosting
Advanced Web HostingAdvanced Web Hosting
Advanced Web HostingOVHcloud
 
Moving from HTTP to HTTPS
Moving from HTTP to HTTPSMoving from HTTP to HTTPS
Moving from HTTP to HTTPSBlake Crosby
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionSina Manavi
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas Anna Morrison
 
9 dạng bài tập định khoản kế toán
9 dạng bài tập định khoản kế toán9 dạng bài tập định khoản kế toán
9 dạng bài tập định khoản kế toánLớp kế toán trưởng
 

Viewers also liked (8)

Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
Hacker Halted 2014 - Why Botnet Takedowns Never Work, Unless It’s a SmackDown!
 
Cehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL InjectionCehv8 Labs - Module14: SQL Injection
Cehv8 Labs - Module14: SQL Injection
 
Advanced Web Hosting
Advanced Web HostingAdvanced Web Hosting
Advanced Web Hosting
 
Moving from HTTP to HTTPS
Moving from HTTP to HTTPSMoving from HTTP to HTTPS
Moving from HTTP to HTTPS
 
A Brief Introduction in SQL Injection
A Brief Introduction in SQL InjectionA Brief Introduction in SQL Injection
A Brief Introduction in SQL Injection
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
 
Bài tập kế toán tài chính doanh nghiệp có đáp án
Bài tập kế toán tài chính doanh nghiệp có đáp ánBài tập kế toán tài chính doanh nghiệp có đáp án
Bài tập kế toán tài chính doanh nghiệp có đáp án
 
9 dạng bài tập định khoản kế toán
9 dạng bài tập định khoản kế toán9 dạng bài tập định khoản kế toán
9 dạng bài tập định khoản kế toán
 

Similar to HTTPS, Here and Now

#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2Olle E Johansson
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureBrian Ritchie
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationRapidSSLOnline.com
 
White paper - Full SSL automation with OneClickSSL
White paper - Full SSL automation with OneClickSSLWhite paper - Full SSL automation with OneClickSSL
White paper - Full SSL automation with OneClickSSLGlobalSign
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layerBU
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL EnglishSSL247®
 
#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLSOlle E Johansson
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitToni de la Fuente
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer securityMaarten Smeets
 
An Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECAn Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECCarlos Martinez Cagnazzo
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ONOWASP EEE
 
Secure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet InfrastructureSecure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet Infrastructurewebhostingguy
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )Monodip Singha Roy
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYMonodip Singha Roy
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...JPCERT Coordination Center
 
Securing Data in Transit -
Securing Data in Transit - Securing Data in Transit -
Securing Data in Transit - wolfSSL
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...Peter LaFond
 
Network Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr ShivashankarNetwork Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr ShivashankarDr. Shivashankar
 
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génératione-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere générationSylvain Maret
 

Similar to HTTPS, Here and Now (20)

#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2#Morecrypto (with tis) - version 2.2
#Morecrypto (with tis) - version 2.2
 
Introduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & SecureIntroduction to SSL and How to Exploit & Secure
Introduction to SSL and How to Exploit & Secure
 
Geek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL AuthenticationGeek Guide: Apache Web Servers and SSL Authentication
Geek Guide: Apache Web Servers and SSL Authentication
 
White paper - Full SSL automation with OneClickSSL
White paper - Full SSL automation with OneClickSSLWhite paper - Full SSL automation with OneClickSSL
White paper - Full SSL automation with OneClickSSL
 
Secure socket layer
Secure socket layerSecure socket layer
Secure socket layer
 
Webinar SSL English
Webinar SSL EnglishWebinar SSL English
Webinar SSL English
 
#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS#Morecrypto 1.8 - with introduction to TLS
#Morecrypto 1.8 - with introduction to TLS
 
Alfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transitAlfresco DevCon 2019: Encryption at-rest and in-transit
Alfresco DevCon 2019: Encryption at-rest and in-transit
 
All you need to know about transport layer security
All you need to know about transport layer securityAll you need to know about transport layer security
All you need to know about transport layer security
 
An Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSECAn Introduction to DANE - Securing TLS using DNSSEC
An Introduction to DANE - Securing TLS using DNSSEC
 
SSL overview
SSL overviewSSL overview
SSL overview
 
[Cluj] Turn SSL ON
[Cluj] Turn SSL ON[Cluj] Turn SSL ON
[Cluj] Turn SSL ON
 
Secure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet InfrastructureSecure Communication with an Insecure Internet Infrastructure
Secure Communication with an Insecure Internet Infrastructure
 
SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )SECURE SOCKET LAYER ( WEB SECURITY )
SECURE SOCKET LAYER ( WEB SECURITY )
 
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROYPPT ON WEB SECURITY BY MONODIP SINGHA ROY
PPT ON WEB SECURITY BY MONODIP SINGHA ROY
 
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
Case Studies and Lessons Learned from SSL/TLS Certificate Verification Vulner...
 
Securing Data in Transit -
Securing Data in Transit - Securing Data in Transit -
Securing Data in Transit -
 
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
WordCamp Raleigh 2017 - Move from HTTP to HTTPS or become irrelevant - Peter ...
 
Network Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr ShivashankarNetwork Security_Module_2_Dr Shivashankar
Network Security_Module_2_Dr Shivashankar
 
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génératione-Xpert Gate / Reverse Proxy - WAF 1ere génération
e-Xpert Gate / Reverse Proxy - WAF 1ere génération
 

More from Philippe De Ryck

Are you botching the security of your AngularJS applications? (DevFest 2016)
Are you botching the security of your AngularJS applications? (DevFest 2016)Are you botching the security of your AngularJS applications? (DevFest 2016)
Are you botching the security of your AngularJS applications? (DevFest 2016)Philippe De Ryck
 
Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe
Why Traditional Web Security Technologies no Longer Suffice to Keep You SafeWhy Traditional Web Security Technologies no Longer Suffice to Keep You Safe
Why Traditional Web Security Technologies no Longer Suffice to Keep You SafePhilippe De Ryck
 
Securing your EmberJS Application
Securing your EmberJS ApplicationSecuring your EmberJS Application
Securing your EmberJS ApplicationPhilippe De Ryck
 
Securing your AngularJS Application
Securing your AngularJS ApplicationSecuring your AngularJS Application
Securing your AngularJS ApplicationPhilippe De Ryck
 
Getting Single Page Application Security Right
Getting Single Page Application Security RightGetting Single Page Application Security Right
Getting Single Page Application Security RightPhilippe De Ryck
 

More from Philippe De Ryck (7)

Are you botching the security of your AngularJS applications? (DevFest 2016)
Are you botching the security of your AngularJS applications? (DevFest 2016)Are you botching the security of your AngularJS applications? (DevFest 2016)
Are you botching the security of your AngularJS applications? (DevFest 2016)
 
Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe
Why Traditional Web Security Technologies no Longer Suffice to Keep You SafeWhy Traditional Web Security Technologies no Longer Suffice to Keep You Safe
Why Traditional Web Security Technologies no Longer Suffice to Keep You Safe
 
Securing your EmberJS Application
Securing your EmberJS ApplicationSecuring your EmberJS Application
Securing your EmberJS Application
 
Securing your AngularJS Application
Securing your AngularJS ApplicationSecuring your AngularJS Application
Securing your AngularJS Application
 
Getting Single Page Application Security Right
Getting Single Page Application Security RightGetting Single Page Application Security Right
Getting Single Page Application Security Right
 
Subresource Integrity
Subresource IntegritySubresource Integrity
Subresource Integrity
 
Why Web Security Matters!
Why Web Security Matters!Why Web Security Matters!
Why Web Security Matters!
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUK Journal
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...apidays
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?Igalia
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MIND CTI
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 

Recently uploaded (20)

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
Apidays New York 2024 - The Good, the Bad and the Governed by David O'Neill, ...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024MINDCTI Revenue Release Quarter One 2024
MINDCTI Revenue Release Quarter One 2024
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 

HTTPS, Here and Now

  • 1. HTTPS, Here and Now Philippe De Ryck @PhilippeDeRyck Invited Speaker @ VDAB ICT Security Happening https://www.websec.be
  • 2. What Is this HTTPS Thing? 2 Visit website, browse public pages Login with username and password Consult private information
  • 3. It’s for Sending Sensitive Data 3 Visit website, browse public pages Login with username and password Consult private information
  • 4. But All Data Is Sensitive! 4 Visit website, browse public pages Login with username and password Consult private information
  • 5. But All Data Is Sensitive! 5 Visit website, browse public pages Login with username and password Consult private information
  • 6. About Me – Philippe De Ryck 6 § Postdoctoral Researcher @ DistriNet (KU Leuven) § Focus on (client-side) Web security § Responsible for the Web Security training program § Dissemination of knowledge and research results § Target audiences include industry and researchers § Main author of the Primer on Client-Side Web Security § 7 attacker models, broken down in 10 capabilities § 13 attacks and their countermeasures § Overview of security best practices https://www.websec.be@PhilippeDeRyck
  • 7. Overview 7 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
  • 8. SSL and TLS – A bit of History 8 1994 SSL 1.0 Invented by Netscape, but never released 1995 SSL 2.0 Improvement of SSL 1.0. Quickly considered to be flawed 1996 SSL 3.0 Full rewrite, with stronger security. Will be actively used till 2014 1999 TLS 1.0 Standardization of SSL 3.0, with small improvements 2006 TLS 1.1 Update of TLS 1.0, with stronger cipher suites 2008 TLS 1.2 Update of TLS 1.1, with stronger cipher suites, and support for extensions … TLS 1.3 Strong push towards better security, with removal of old algorithms and enforcement of forward secrecy 2011 Backwards compatibility with old SSL versions (< 3) removed from spec
  • 9. Opinions about HTTPS 9 § It’s really complicated, and we can not set it up § That’s why there is CloudFlare and Let’s Encrypt § It’s too costly ($$$, CPU, network) § There are free certs, and your CPU has AES instructions § Netflix does it
  • 11. Opinions about HTTPS 11 § It’s really complicated, and we can not set it up § That’s why there is CloudFlare and Let’s Encrypt § It’s too costly ($$$, CPU, network) § There are free certs, and your CPU has AES instructions § Netflix does it § It doesn’t work well with caching § That’s why there are localized CDNs § You need one IP per website § Not since Windows XP has died …
  • 12. HTTPS under the Hood 12
  • 13. The S in HTTPS 13 § HTTP protocol over a secure channel § Established by the SSL/TLS protocol § Separate URI scheme within the browser HTTP:// HTTPS:// Network Stack TLS HTTPS:// HTTP:// Network Stack TLS
  • 14. Positioning TLS in the Stack 14 Application Transport Internet Network HTTP TCP IP Ethernet Data Data TCP Header Data TCP Header IP Header Data TCP Header IP Header Frame Header Frame Footer
  • 15. Positioning TLS in the Stack 15 Application Transport Internet Network TLS TCP IP Ethernet TLS Record TLS Record TCP Header TLS Record TCP Header IP Header TLS Record TCP Header IP Header Frame Header Frame Footer HTTP DataIMAPPOP… UDP
  • 16. TLS in a Nutshell 16 § The secure channel is capable of offering … § Data confidentiality § Data integrity § Mutual entity authentication § The handshake protocol is used to negotiate parameters § The record protocol is the workhorse, transmitting data TLS Record Protocol Secure Communication Channel TLS Handshake Protocol
  • 17. A Closer Look at the TLS Record Protocol 17 Application Data Fragment Compress Append Record Header Encrypt Add Integrity Check Data Integrity ensures that tampering will be detected Confidentiality ensures that the data will be private
  • 18. The TLS Handshake Protocol, Simplified 18 Hi some-shop.com, Give me your key please? some-shop.com
  • 19. TLS Depends on Public Key Certificates 19 § A certificate asserts that a public key X belongs to party Y § Issued by a Certificate Authority § Generally for a lot of € € € § Different levels of validation
  • 20. Certificates and CAs 20 Root CAs Intermediate CAs Hey, I would like to be a CA. Please vouch that this is my key? Hey, I’m some-shop.com. Please vouch that this is my key?
  • 21. The Importance of Certificates in TLS 21 ? Hi some-shop.com, Give me your key please? Hi some-shop.com, Give me your key please? some-shop.com
  • 22. The Importance of Certificates in TLS 22 Give me your key please? Give me your key please? ?
  • 23. Browser Warnings Are Scary 23 http://www.slate.com/articles/technology/future_tense/2015/02/ssl_warnings_users_ignore_them_can_we_fix_that.html
  • 24. But Can Easily Be Avoided 24 http://www.techfor.us/2015/06/your-connection-is-not-private-er_cert_common_name_invalid/
  • 25. Similar Story With Mobile Apps 25
  • 26. Doing It Right Is More Effort 26 https://developer.android.com/training/articles/security-ssl.html
  • 27. A Closer Look at the TLS Handshake 27 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret
  • 28. Putting it Together in the Handshake 28 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Entity Authentication
  • 29. Putting it Together in the Handshake 29 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Key Exchange
  • 30. Putting it Together in the Handshake 30 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Encryption / Integrity Checking
  • 31. Putting it Together in the Handshake 31 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret Cipher Suite Negotiation
  • 32. Example of the TLS Handshake 32
  • 33. Overview 33 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
  • 34. Deploying HTTPS in practice 34
  • 35. Deploying TLS Can Be Complex 35 § The administrator needs to take a lot of steps § Create keys § Request certificate § Verify and complete the certificate chain § Configure the service to use TLS § Often used as an argument against TLS § But no longer valid, as we will see shortly …
  • 36. Deploying HTTPS Step By Step 36 § To request a certificate, you need a key pair § From which you can generate a certificate signing request § With this CSR, you can get a certificate from a CA openssl genrsa –out websec_sandbox00.key 2048 openssl req –new –sha256 –key … –out ….csr
  • 37. StartSSL Offers Free Certificates 37
  • 38. Requesting a Certificate From StartSSL 38
  • 39. Requesting a Certificate From StartSSL 39
  • 40. Deploying HTTPS Step By Step 40 -----BEGIN CERTIFICATE----- MIIGQzCCBSugAwIBAgIHBkV4e/No3zANBgkqhkiG9w0BAQsFADCBjDELMAkGA1UEBhMCSUwxFjAUBgNVBAoTDVN0YXJ0Q29tIE x0ZC4xKzApBgNVBAsTIlNlY3VyZSBEaWdpdGFsIENlcnRpZmljYXRlIFNpZ25pbmcxODA2BgNVBAMTL1N0YXJ0Q29tIENsYXNz IDEgUHJpbWFyeSBJbnRlcm1lZGlhdGUgU2VydmVyIENBMB4XDTE1MDkxMzExMjIwM1oXDTE2MDkxMzAyMDgzM1owUDELMAkGA1 UEBhMCQkUxHDAaBgNVBAMTE3NhbmRib3gyMC53ZWJzZWMuYmUxIzAhBgkqhkiG9w0BCQEWFGhvc3RtYXN0ZXJAd2Vic2VjLmJl MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtC9jgaVoZiw5kiiz7E5JGWHELnlv74R2hk7Ziw9gQzcIe3HXQTjAl BePyvXCfy/wrYbrCO1coOGH3xLBQwV4UDaWB1eVo+yO50GPn6DBet7Dvk+XS1MUceOCfzeGP+FdowA8oDe0kNe49SE8NWjELvG rYDB0pugumgsz/4ww+9kvdqrltXekzpxRYFte67jmctDVi+4nYmZjkz5HT0cV4XcXKBvLqt96hjaxTJAPTqzdvF6t2gkY42M6T QecHoIFN3N3o+wVEEh+7rT7zCLP7Sw6eGj9FkF/HIDtV4EntyaKwcGbQrnqy6zIA02pcrL1AlK9oPbizXEiNE7DqMS8wIDAQAB o4IC4zCCAt8wCQYDVR0TBAIwADALBgNVHQ8EBAMCA6gwEwYDVR0lBAwwCgYIKwYBBQUHAwEwHQYDVR0OBBYEFJzCyX0Qjl8z3F f2jLwihh36m5J+MB8GA1UdIwQYMBaAFOtCNNCYsKuf9BtrCPfMZC7vDixFMCkGA1UdEQQiMCCCE3NhbmRib3gyMC53ZWJzZWMu YmWCCXdlYnNlYy5iZTCCAVYGA1UdIASCAU0wggFJMAgGBmeBDAECATCCATsGCysGAQQBgbU3AQIDMIIBKjAuBggrBgEFBQcCAR YiaHR0cDovL3d3dy5zdGFydHNzbC5jb20vcG9saWN5LnBkZjCB9wYIKwYBBQUHAgIwgeowJxYgU3RhcnRDb20gQ2VydGlmaWNh dGlvbiBBdXRob3JpdHkwAwIBARqBvlRoaXMgY2VydGlmaWNhdGUgd2FzIGlzc3VlZCBhY2NvcmRpbmcgdG8gdGhlIENsYXNzID EgVmFsaWRhdGlvbiByZXF1aXJlbWVudHMgb2YgdGhlIFN0YXJ0Q29tIENBIHBvbGljeSwgcmVsaWFuY2Ugb25seSBmb3IgdGhl IGludGVuZGVkIHB1cnBvc2UgaW4gY29tcGxpYW5jZSBvZiB0aGUgcmVseWluZyBwYXJ0eSBvYmxpZ2F0aW9ucy4wNQYDVR0fBC 4wLDAqoCigJoYkaHR0cDovL2NybC5zdGFydHNzbC5jb20vY3J0MS1jcmwuY3JsMIGOBggrBgEFBQcBAQSBgTB/MDkGCCsGAQUF BzABhi1odHRwOi8vb2NzcC5zdGFydHNzbC5jb20vc3ViL2NsYXNzMS9zZXJ2ZXIvY2EwQgYIKwYBBQUHMAKGNmh0dHA6Ly9haW Euc3RhcnRzc2wuY29tL2NlcnRzL3N1Yi5jbGFzczEuc2VydmVyLmNhLmNydDAjBgNVHRIEHDAahhhodHRwOi8vd3d3LnN0YXJ0 c3NsLmNvbS8wDQYJKoZIhvcNAQELBQADggEBAJq45Um2ULzWpSIaK1pBGcEScEJcP9ZOZLKsZ1kV+0XV2sTXSUd5Wzha0mTkIb BLpJ0ap68je4iN8kIC0A6RjCTKYwqEgXgRM9XMC360kIyNTJ2ZqpVj+qt/ahxW7xjAhchJB293aNNrDgVLq6ms1kUGQL5LM2cS ULL4kt9Tz5f88ayMWTYftKSCXtyKmDeYVbnXi/1FWGXX09hmdqxkWcIqdb1pXzD9AouSG0ZBfVgIk3vmMvghX/V7DdOIKf/2El uQrIXhnJze/mOm566NPdJqge6o5IC3NPGos6SLK3RtPGNttJwzg6IvEpeYPunjjuRfFAtWIvciqTC83aoRWIo= -----END CERTIFICATE-----
  • 41. Deploying HTTPS Step By Step 41 § With the keys and certificate, we can configure the server § Define a new virtual host § Enable the SSL engine § Point to the private key and certificate # Example NGINX configuration (bare essentials) server { listen 443; server_name sandbox00.websec.be; root /site; ssl on; ssl_certificate /etc/ssl/websec_sandbox00.pem; ssl_certificate_key /etc/ssl/websec_sandbox00.key; ssl_protocols SSLv3 TLSv1.0 TLSv1.1 TLSv1.2; ssl_prefer_server_ciphers on; }
  • 42. Deploying HTTPS Step By Step 42 § With the keys and certificate, we can configure the server § Define a new virtual host § Enable the SSL engine § Point to the private key and certificate # Example Apache configuration (bare essentials) <VirtualHost *:443> ServerName sandbox00.websec.be DocumentRoot /site SSLEngine On SSLCertificateFile /etc/ssl/websec_sandbox00.pem SSLCertificateKeyFile /etc/ssl/websec_sandbox00.key </VirtualHost>
  • 43. Still a Tedious Process … 43 https://letsencrypt.org
  • 44. Let’s Encrypt Pushes for HTTPS Everywhere 44 § Free certificates for everyone § Let’s Encrypt has established a CA to issue certificates § They have built a toolchain to automate the process git clone https://github.com/letsencrypt/letsencrypt . ./letsencrypt-auto certonly --webroot -w /var/www/ -d www.websec.be
  • 45. Let’s Encrypt Automates Domain Validation 45 https://letsencrypt.org/howitworks/technology/
  • 46. Let’s Encrypt Automates Certificate Issuing 46 https://letsencrypt.org/howitworks/technology/
  • 47. Where Should a Connection Go? 47 Client Hello (ciphers, extensions, …) Server Hello (cipher, extensions, …) Client Finished Server Finished Server Hello Done Verify Certificate Generate Pre- master secret Calculate keys Calculate keys Pre-master secret GET example.com
  • 48. Server Name Indication (SNI) 48 § SNI is a TLS extension § Includes the hostname a client is connecting to § Allows the server software to send it to the correct virtual host § SNI allows admins to run multiple TLS servers on one IP § Which is great, since IPv4 addresses are limited anyway § Client support has increased a lot since Windows XP died J § Often only one SSL configuration per Web server supported § Because underlying stack takes care of it
  • 49. SSL Termination 49 § A single point in the network where SSL connections end § Sensitive key material is stored in one single place § Dedicated crypto hardware can take care of the SSL operations § Internal servers run interactive web sites § Higher chance of getting compromised § They can use self-signed certs internally § Server software may be less trustworthy than the termination point
  • 50. Overview 50 § HTTPS, under the hood § The basics of the HTTPS protocol § TLS, keys, certificates, … § Deploying HTTPS in practice § Requesting certificates § Server configuration § HTTPS on the application layer § Interactions between TLS and the Web application § The security risks of incorrectly deploying HTTPS
  • 51. HTTPS on the Application Layer 51
  • 52. Verifying your TLS Deployment 52 § How do you know if you deployed HTTPS correctly? § The browser seems to be happy … § But the browser is very forgiving if you screw up § Qualys offers an SSL server test § Checks your configuration against current best practices § Gives you a grade based on how good/bad your setup is
  • 54. Default Ubuntu 14.04 LTS Installation https://www.ssllabs.com/ssltest/
  • 56. Want to Run Your Own Test? 56 https://www.ssllabs.com/ssltest/
  • 57. Great TLS Score, but what with Security? 57 https://www.ssllabs.com/ssltest/
  • 58. Deploying Sites over HTTP is a Bad Idea 58some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to http://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff …
  • 59. Deploying Sites over HTTP is a Bad Idea 59 § Eavesdropping attacks are trivial nowadays § But nobody cares … § Take the BEL20 ... Only 2 sites use HTTPS for their main page 2 sites even submit login forms over HTTP http://deredactie.be/cm/vrtnieuws/binnenland/1.2163105 http://www.clickx.be/nieuws/134342/telenet-laat-je-surfen-via-de-modem-van-je-buren/
  • 60. HTTPS to the Rescue 60some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to https://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff
  • 61. Session Hijacking 61some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe to https://some-shop.com/login Welcome Philippe Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff Visit http://some-shop.com/catalog Here you go Philippe, please buy lots of stuff
  • 62. Man in the Middle Attacks 62 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A
  • 63. Stripping HTTPS from Login Forms 63 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A Rewrite HTTPS to HTTP
  • 64. Demo Time 64 § Demo with the Wifi Pineapple § Wireless honeypot § Can be configured as a hotspot § Can also mimic other hotspots
  • 65. Our Setup 65 § We control the wireless access point § Full man-in-the-middle attack some-shop.com
  • 66. Stripping HTTPS from Login Forms 66 some-shop.com Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit http://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A Rewrite HTTPS to HTTP
  • 67. HTTPS Prevents Man in the Middle Attacks 67 some-shop.com Visit https://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address X Items will be sent to X Visit https://some-shop.com Welcome, please log in Login as Philippe Welcome Philippe Send items to address A Items will be sent to A
  • 68. Bootstrapping the HTTPS Site 68 GET http://some-shop.com some-shop.com 301 Moved Permanently Location: https://some-shop.com GET https://some-shop.com 200 OK Response page
  • 69. SSL Stripping 69 GET http://some-shop.com 200 OK Response page POST http://some-shop.com GET http://… 301 Moved GET https://… 200 OK Rewrite HTTPS URLs User: philippe & pass: pazzw0rd POST https://… some-shop.com
  • 70. HTTP Strict Transport Security (HSTS) 70 § Instruct the browser to only visit a site over HTTPS § Once-enabled no HTTP requests will be sent anymore § Prevents SSL stripping attacks § Prevents cookie stealing over HTTP GET https://websec.be websec.be 200 OK Response page
  • 71. Diving into HSTS 71 § HSTS is a server-driven browser-enforced security policy § Server sends the Strict-Transport-Security response header § Browser enforces this for the lifetime specified in the header § Effectively prevents SSL stripping attacks § HSTS originates from a research proposal: ForceHTTPS § First proposed in 2008, standardized in 2012 Strict-Transport-Security: max-age=31536000
  • 72. Specifying the HSTS header 72 § Configuration is straightforward § max-age specifies the duration for forcing the use of HTTPS § includeSubdomains specifies whether subdomains are included § The protection is only applied for the duration of max-age § Make sure this value covers non-frequent visitors § The value 0 disables the HSTS policy for this particular host • Only if received over an error-free channel 4 4 7 11From version … 4.4.4 7.1 Strict-Transport-Security: max-age=31536000; includeSubdomains
  • 73. HSTS Best Practices 73 § HSTS Header processing § HSTS response headers must be sent over a secure channel § Headers received on an insecure channel are ignored § Incorrectly formatted headers are ignored § Only the first header will be processed § HSTS does not care about TCP ports § Matches only on hostname § Port 80 is translated to 443, other ports are preserved
  • 74. HSTS Overview 74 GET https://websec.be websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains GET https://websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains www.websec.be GET https://www.websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains
  • 75. The Bootstrapping Problem … Again 75 GET https://websec.be websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains GET https://websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains www.websec.be GET https://www.websec.be 200 OK Response page Strict-Transport-Security: max-age=31536000; includeSubdomains
  • 76. Preloading HSTS 76 § The bootstrapping problem is solved by a preloaded list § Contains all sites that have explicitly subscribed to HSTS § Distributed along with the browsers § Available on https://hstspreload.appspot.com/
  • 77. Conditions for making the preload list 77 § Having a valid certificate (no SHA1 allowed after 2016) § Redirect all HTTP traffic to HTTPS § Serve all subdomains over HTTPS (especially www if it exists) § Serve HSTS on the base domain (e.g. websec.be) § Max-age of at least 18 weeks § includeSubdomains must be specified § preload must be specified § In case of a redirect, specify HSTS on the redirect, not the destination Strict-Transport-Security: max-age=31536000; includeSubdomains; preload
  • 78. Inspecting HSTS in the Browser 78 § Available through chrome://net-internals/#hsts
  • 79. Inspecting HSTS in the Browser 79 § Available through chrome://net-internals/#hsts
  • 80. Inspecting HSTS in the Browser 80 § Available through chrome://net-internals/#hsts
  • 81.
  • 82. How to Get an A+ Rating? 82 ssl on; ssl_certificate /etc/letsencrypt/live/www.websec.be/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/www.websec.be/privkey.pem ssl_dhparam /etc/ssl/dhparams.pem; ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES256-GCM- SHA384 ECDHE-ECDSA-AES128-SHA ECDHE-ECDSA-AES256-SHA ECDHE-ECDSA- AES128-SHA256 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-RSA-AES128-SHA ECDHE-RSA-AES256-SHA ECDHE-RSA-AES128-SHA256 ECDHE-RSA-AES256-SHA384 DHE-RSA-AES128-GCM- SHA256 DHE-RSA-AES256-GCM-SHA384 DHE-RSA-AES128-SHA DHE-RSA-AES256- SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES256-SHA256'; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security "max-age=31556926";}
  • 84. Things Will Get Worse … 84 § More SSL/TLS failures will be discovered § CAs misbehaving or getting hacked § Server administrators deploying imperfect configurations § Client software being clueless about SSL http://www.pentestpartners.com/blog/hacking-defcon-23s-iot-village-samsung-fridge/ http://www.zdnet.com/article/hundreds-of-android-apps-open-to-ssl-linked-intercept-fail/
  • 85. The Push for HTTPS Will Become Stronger 85 § Browser vendors and corporations are pushing for HTTPS § Google already uses HTTPS as a ranking signal for search § Mozilla will mark HTTP sites with password fields as insecure § The US government mandates the use of HTTPS § All publicly accessible sites § By the end of 2016 § The use of HTTPS is gaining widespread attention § Mainstream media pick up an HTTPS story now and then § Remember the article about Belgian banks
  • 86. Wrapping Up 86 § The time of closed networks is over § Networks are available everywhere, to all kinds of devices § Do not put explicit trust in the network infrastructure § HTTPS effectively prevents passive and active attacks § New security policies push security even further (HSTS, HPKP) § For the first time, we can defend against very powerful attacks § Only awareness is standing in the way of HTTPS deployment
  • 87. Week-long application security course https://www.secappdev.org
  • 88. Progressive Web Security course 1. Why simply deploying HTTPS will not get you an A+ grade 2. How to avoid common pitfalls in authentication and authorization 3. Why modern security technologies will eradicate XSS 4. Four new browser communication mechanisms, and how they affect you State-of-the-art technologies Hands-on labs included 3rd edition starts on April 12th 2016 https://www.websec.be
  • 89. HTTPS, Here and Now Acknowledgements Icons by Visual Pharm (https://icons8.com)
  • 90. HTTPS, Here and Now Philippe De Ryck philippe.deryck@cs.kuleuven.be /in/philippederyck https://www.websec.be @PhilippeDeRyck