This document summarizes a talk on using TLS (Transport Layer Security) and SSL (Secure Sockets Layer). It discusses the history and evolution of TLS protocols, vulnerabilities discovered over time like Heartbleed, and recommendations for secure TLS configuration. Key recommendations include using TLS 1.2, 2048-bit certificates, disabling insecure ciphers and SSLv3, enabling perfect forward secrecy, and verifying TLS configuration with tools like SSLyze and SSL Labs. The talk also demonstrates TLS configuration through Nginx and OpenSSL.

1. State-‐of-‐the-‐Art Using TLS
@duongkai
Security Bootcamp, Da Nang, 2014

2. /me
✓ Phạm Tùng Dương
✓ Solution Engineer @ISP
✓ Security Interested

3. This Talk is All About Using
When I say SSL
It means TLS
and/or SSL

4. It is can be written a book
Hope I can do
well in this talk!

5. Yeah, and Some…
It’s Soooo Sleepy!

6. Somewhere on the Earth…

7. SSL-‐by-‐default

8. It’s Important Than Ever

9. Protocol Attacks
✓2009: SSL Insecure Renegotiation
✓2011: BEAST
✓2012: CRIME
✓2013: RC4 biases, Lucky 13, BREACH
✓2014: POODLE

10. And in 2014
✓Heartbleed and CCS in OpenSSL
✓Goto in GnuTLS
✓BERserk in Mozilla NSS
➔ 3 Biggest SSL implementations

11. In Pentest Industry

12. You Are Doing Wrong
✓It’s too complex.
✓Crypto related is often hard to
understand.

13. SSL IN ACTION
Or Your Service Should Be SSL By Default!

14. SSL Version
✓ First developed in Netscape
✓ SSL v2: Oldest and broken
✓ SSL v3 (﴾1996)﴿. Old and almost secure.
✓ TLS 1.0 (﴾1999)﴿. Fine protocol
✓ TLS 1.1 (﴾2006)﴿. No known practical
attacks.
✓ TLS 1.2 (﴾2008)﴿. The most secure until now
✓ TLS 1.3 is being developed
https://www.trustworthyinternet.org/ssl-‐pulse/

15. SSL Version
✓ First developed in Netscape
✓ SSL v2: Oldest and broken
✓ SSL v3 (﴾1996)﴿. Old and almost secure. It
NOT SECURE NOW.
✓ TLS 1.0 (﴾1999)﴿. Fine protocol
✓ TLS 1.1 (﴾2006)﴿. No known practical attacks.
✓ TLS 1.2 (﴾2008)﴿. The most secure until now
✓ TLS 1.3 is being developed
https://www.trustworthyinternet.org/ssl-‐pulse/

16. Protocol In A Glance

17. Cipher Suite
DHE-‐RSA-‐AES256-‐SHA

18. Terms
✓CSR, Certificates, EV-‐Cert and CA.
✓Private key.
✓Block ciphers vs Stream ciphers
✓PFS (﴾Letter E)﴿: Perfect Forward Secrecy
✓Curves and Curves: Elliptic Curve
✓X509, PEM, PKCS#12 and conversion.
✓OpenSSL

19. Checklist
1. Updated the latest version (﴾OS, software)﴿
2. Get an 2048-‐bit certificates from CA. Better if it supports SHA256
3. Know your legacy.
4. Configure TLS on your system.
5. Verify TLS configuration with your own hands.

20. Explanation
2. Get an 2048-‐bit certificates from CA. Better if it supports SHA256
✓ 1024 bit is weak and can be broken easily.[1]
[1]https://isc.sans.edu/diary/Confusion+over+SSL+and+1024+bit+keys/18775
✓ SHA192 is on the way to be deprecated[2]
[2]https://konklone.com/post/why-‐google-‐is-‐hurrying-‐the-‐web-‐to-‐kill-‐sha-‐1
✓ 4096 is consuming CPU too much
3. Know your legacy
✓ Supported protocol version.
✓ Supported cipher suites.
✓ Your compliance.

21. Explanation
4. Configure TLS on your system.
✓ Avoiding insecure ciphers: RC4, DES, 3DES, MD5, SHA1,…
✓ Turn off SSLv3 support
✓ Turn off compression
✓ AES-‐128 is good enough (﴾both secure and faster)﴿.
✓ Enable PFS if supported.
✓ Switch to using Poly1350, Salsa-‐20 and EC
✓ Reference
https://wiki.mozilla.org/Security/Server_Side_TLS#Recommended_Ciphersuite
https://bettercrypto.org/static/applied-‐crypto-‐hardening.pdf

22. Explanation
ssl_protocols
SSLv3
TLSv1
TLSv1.1
TLSv1.2;
ssl_ciphers
EECDH+AES128:RSA+AES128:EECDH+AES256:RSA
+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
ssl_prefer_server_ciphers
on;
CloudFlare config: https://github.com/cloudflare/sslconfig/blob/master/conf

23. Explanation
ssl_protocols
SSLv3
TLSv1
TLSv1.1
TLSv1.2;
ssl_ciphers
EECDH+AES128:RSA+AES128:EECDH+AES256:RSA
+AES256:EECDH+3DES:RSA+3DES:EECDH+RC4:RSA+RC4:!MD5;
ssl_prefer_server_ciphers
on;
CloudFlare config: https://github.com/cloudflare/sslconfig/blob/master/conf

24. 24

25. Explanation: A+
ssl_certificate
/etc/nginx/ssl/server.crt;
ssl_certificate_key
/etc/nginx/ssl/server.key;
ssl_trusted_certificate
/etc/nginx/ssl/AddTrustExternalCARoot.crt;
ssl_dhparam
/etc/nginx/ssl/dhparam.pem;
#
Session
Resumption
ssl_session_timeout
20m;
ssl_prefer_server_ciphers
on;
ssl_session_cache
shared:SSL:20m;
#
Enable
OCSP
stapling
(req.
nginx
v
1.3.7+)
ssl_stapling
on;
ssl_stapling_verify
on;
ssl_protocols
TLSv1.2
TLSv1.1
TLSv1;
ssl_ciphers
ECDHE-­‐RSA-­‐AES256-­‐GCM-­‐SHA384:ECDHE-­‐RSA-­‐AES128-­‐SHA256:ECDHE-­‐RSA-­‐AES128-­‐SHA:DHE-­‐RSA-­‐
AES128-­‐SHA:RC4-­‐SHA;
…
add_header
Strict-­‐Transport-­‐Security
"max-­‐age=31536000;
includeSubdomains";
https://gist.github.com/kennwhite/25183c3f05266ee0ad7f

26. Explanation
5. Verify TLS configuration with your own hands.
✓ Openssl s_client
✓ Cipherscan and some browser tools
✓ https://www.howsmyssl.com/
✓ https://cc.dcsec.uni-‐hannover.de/
✓ iSec Partner SSLyze
✓ SSLLabs (﴾https://www.ssllabs.com/)﴿
✓ Make your hands dirty

27. If I have enough time…
DEMO TIME
27

28. Reference
[1] HTTPS Everywhere, Ilya Grigorik
https://docs.google.com/presentation/d/15H8Sj-‐Zol1tcum0CSylhmXns5r7cvNFtzYrcwAzkTjM/
present#slide=id.g12f3ee71d_10
[2] SSL Pulse Project
https://www.trustworthyinternet.org/ssl-‐pulse/
[3] How is my SSQL now
https://www.howsmyssl.com/
[4] The Art and Science of SSL Configuration, Nick Galbreath
https://speakerdeck.com/ngalbreath/the-‐art-‐and-‐science-‐of-‐ssl-‐configuration
[5] Bulletproof TLS and SSL, Ivan Ristic, ISBN: 978-‐1907117046
!
Special Thanks to authors of photos about Da Nang and Hoi An (on Flickr):
pierre_thach, nemesis1903 28

29. 29
Q&A