The document discusses securing applications with SSL/TLS. It recommends disabling SSL v2.0, using ECDHE cipher suites where possible as they provide both fast performance and forward secrecy. Additionally, it advises not trusting default SSL/TLS configurations that come with software packages.

1. Random musings on
SSL/TLS
by Cyrus Dasadia (@ExtremeUnix)

2. Reason for configuring SSL
Identity
Confidentiality/Privacy
Integrity

3. Secure my application
Step 1: Create CSR

4. Secure my application
Step 1: Create CSR
Step 2: Buy / Self-sign a SSL Certificate

5. Secure my application
Step 1: Create CSR
Step 2: Buy / Self-sign a SSL Certificate
Step 3: Configure Apache/Nginx web-server

6. Secure my application
Step 1: Create CSR
Step 2: Buy / Self-sign a SSL Certificate
Step 3: Configure Apache/Nginx web-server
Step 4: Security Accomplished!!

7. Thank you!
Questions?

8. You were mostly wrong
Cipher suites ?
OpenSSL on system/application?
Certificate Key?
TLS version supported?

9. SSL == TLS

10. SSL ≠ TLS or is it ?
Netscape created SSL
as a product
SSL v1.0 - ??
SSL v2.0 - 1995
SSL v3.0 - 1996

11. SSL ≠ TLS or is it ?
Netscape created SSL
as a product
SSL v1.0 - ??
SSL v2.0 - 1995
SSL v3.0 - 1996
TLS came as a
standard.
TLS v1.0 - 1999
TLS v1.1 - 2006
TLS v1.2 - 2008
TLS v1.3 - draft

12. SSL/TLS connection

13. X.509
Hostname validation certs
Extended validation certs

14. Protocol Versions
● Disable SSL v2.0
● Avoid SSL v3.0
● Disable TLS compression (removed in TLS
1.3)
● Highest priority to TLS 1.2

15. Ciphers
Plain text
Key
SupaCipher Encrypted
Text

16. Ciphers: TLS
Symmetric
Block chaining
Recommended AES128 with GCM (Galois/Counter Mode)

17. Ciphers: TLS
Avoid these ciphers:
DES
EXP-*
RC4

18. KeyExchange
RSA: Fast but no forward secrecy.
DHE: Forward secrecy but not fast enough.
ECDHE: Fast and forward secrecy

19. Lets see them in action
https://www.ssllabs.com/ssltest

24. Few takeaways: Keys
● 1024 bits is asking for trouble
● 2048 bits minimal viable
● 4096 good standard
● Switch to ECDSA in future!

25. Few takeaways: Keys
Generating ECDSA keys:
256 bit key:
openssl ecparam -name prime256v1 -genkey -out my.key
512 bit key:openssl ecparam -name secp521r1 -genkey -out my.key

26. Few takeaways: Choosing a CA
● At least Supports Certificate Revocation List (CRL)
● Supports Online Certificate Status Protocol (OCSP)
● Accept trustiness of your Country/Corp CA

27. Few takeaways: Renegotiation
Disable Client Initiated Renegotiation
Apache:
Nginx:

28. Few takeaways: Performance
● Enable session resumption
● Keep-Alive is your friend
● Cache-Control: public

29. Few takeaways: Security bits
● Ensure 3rd party CDN’s use SSL
● Do not mix connection types

30. Few takeaways: Security bits
Enable HSTS (HTTP Strict Transport Security) if possible.
Apache: (mod_headers) Header add Strict-Transport-Security "max-age=
15768000;includeSubDomains"
nginx: (mod_headers) add_header Strict-Transport-Security "max-age=
15768000;includeSubDomains"

31. Few takeaway: Security bits
Apache :
SSLProtocol ALL -SSLv2
SSLHonorCipherOrder on
SSLCipherSuite
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH
+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
courtesy: @hynek

32. Few takeaway: Security bits
nginx :
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers
ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH
+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
courtesy: @hynek

33. STARTTLS ≠ TLS

34. STARTTLS ≠ TLS
Plain text communications viz. IMAP, POP,
SMTP needed support for encrypted
connections

35. STARTTLS ≠ TLS
Simple solution, use a different port
IMAP uses port 143, SSL/TLS port 993.
POP uses port 110, SSL/TLS port 995.
SMTP uses port 25, SSL/TLS port 465.
and LDAP, XMPP, etc.

36. STARTTLS ≠ TLS
Simple solution, use a different port
IMAP uses port 143, SSL/TLS port 993.
POP uses port 110, SSL/TLS port 995.
SMTP uses port 25, SSL/TLS port 465.
and LDAP, XMPP, etc.
But having 2 ports is just waste of resources....

37. STARTTLS ≠ TLS
STARTTLS can simply be called to upgrade a plaintext
connection to TLS.

38. Summary
Disable SSL v2.0

39. Summary
Disable SSL v2.0
Use ECDHE wherever possible

40. Summary
Disable SSL v2.0
Use ECDHE wherever possible

41. Summary
Disable SSL v2.0
Use ECDHE wherever possible
Do not trust default pkgs

42. < Thank you >