We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byStefan Haskett
Modified about 1 year ago
SSL/TLS Trends, Practices, and Futures Brian A. McHenry, Security
© F5 Networks, Inc. 2 1.Global SSL Encryption Trends and Drivers 2.A Few “Best” Practices 3.Solutions 4.What’s Next? Agenda
© F5 Networks, Inc. 3 Worldwide spending on information security will reach $71.1 billion in 2014 Worldwide spending on information security will reach $71.1 billion in 2014 Data loss prevention segment recording the fastest growth at 18.9 percent Data loss prevention segment recording the fastest growth at 18.9 percent, By 2015, roughly 10% of overall IT security enterprise product capabilities will be delivered in the cloud By 2015, roughly 10% of overall IT security enterprise product capabilities will be delivered in the cloud Regulatory pressure will increase in Western Europe and Asia/Pacific from 2014 Regulatory pressure will increase in Western Europe and Asia/Pacific from 2014 Gartner Says Worldwide Information Security Spending Will Grow Almost 8 Percent in 2014
© F5 Networks, Inc. 4 IoE E-CommercePrivacyMobility SnowdenSnowdenSnowdenSnowden Trajectory and Growth of Encryption Customer Trends: PFS/ECC Demanded PFS/ECC Demanded SSL Labs Application Scoring SSL Labs Application Scoring Emerging Standards: TLS 1.3, HTTP 2.0/SPDY TLS 1.3, HTTP 2.0/SPDY RSA -> ECC RSA -> ECC Thought Leaders and Influence: Google: SHA2, SPDY, Search Ranking by Encryption Google: SHA2, SPDY, Search Ranking by Encryption Microsoft: PFS Mandated Microsoft: PFS Mandated MARKET AMPLIFIERS SSL growing ~30% annually. Entering the Fifth wave of transition (IoE) Source: Netcraft Millions of Certificates (CA) Years
© F5 Networks, Inc. 5 Timeline of SSL Vulnerabilities & Attacks February 2010 September 2011 February 2013 March 2013 … April 2014 RC4 Attacks Weakness in CBC cipher making plaintext guessing possible BEAST & CRIME Client-side or MITB attacks leveraging a chosen-plaintext flaw in TLS 1.0 and TLS compression flaws RFC 5746 TLS extension for secure renegotiation quickly mainstreamed Lucky 13 Another timing attack. August 2009 Insecure renegotiation vulnerability exposes all SSL stacks to DoS attack TIME A refinement and variation of CRIME Heartbleed The end of the Internet as we know it!
© F5 Networks, Inc. 6 SSL Intelligence and Visibility (Full Proxy) Enterprise key & Certificate Management Advance HSM Support: High Performing HSM options High Performing HSM options Virtualized low-bandwidth options Virtualized low-bandwidth options Market Leading HSM Vendor Support Market Leading HSM Vendor Support Flexible & Scalable Encryption: Optimized SSL in Hardware and Software Optimized SSL in Hardware and Software Cipher Diversity (RSA, ECC, DSA) Cipher Diversity (RSA, ECC, DSA) SSL Visibility: Proxy SSL & Forward Proxy SSL Visibility: Proxy SSL & Forward Proxy SSL Traffic Intelligence: SSL Traffic Intelligence: HSTS, HTTP 2.0/SPDY, OCSP Stapling, TLS Server Session Ticket HSTS, HTTP 2.0/SPDY, OCSP Stapling, TLS Server Session Ticket Fully Automated Key and Certificate Management: For all BIG-IP platforms For all BIG-IP platforms For all vendor platforms For all vendor platforms 3 rd Party Integration for best- in-class key encryption: Venafi, Symantec/ VeriSign 3 rd Party Integration for best- in-class key encryption: Venafi, Symantec/ VeriSign PKI Supported Environments PKI Supported Environments The Three Pillars of Effective SSL/TLS Encryption Hardware Security Modules
© F5 Networks, Inc. 7 Data Protection: Microsoft and Google Expands Encryption
© F5 Networks, Inc. 8 Not all curves are considered equal Different Authorities: US NIST (US National Institute of Standards) with (recently superseded in 2009 by the new186-3)NIST US ANSI (American National Standard Institute) with X9.62ANSIX9.62 US NSA (National Security Agency) Suite-B Cryptography for TOP SECRET information exchangeNSASuite-B CryptographyTOP SECRET International SACG (Standards for efficient cryptography group) with Recommended Elliptic Curve Domain ParametersSACGRecommended Elliptic Curve Domain Parameters German ECC Brainpool withECC Brainpool with their Strict Security RequirementsECC BrainpoolStrict Security Requirements ECC Interoperability Forum composed by Certicom, Microsoft, Redhat, Sun, NSA ECC Interoperability Forum If You Thought Encryption was confusing… ECC, PFS and Curves
© F5 Networks, Inc. 9 Not all curves are considered equal Different Names: Secp246r1, Prime256v1, NIST P-256 Different Kinds of Curves: ECC over Prime Field (Elliptic Curve) ECC over Binary Field (Koblitz Curve) Other Curves: Curve25519 (Google) Mumford (Microsoft) Brainpool If You Thought Encryption was confusing… ECC, PFS and Curves
Some SSL Best Practices
© F5 Networks, Inc. 11 Google has begun adjusting page rank based on SSL implementations Google has begun adjusting page rank based on SSL implementations F5 customers have third-party/B2B requirements for strong encryption F5 customers have third-party/B2B requirements for strong encryption SSL Labs’ Pulse tool has made testing easy SSL Labs’ Pulse tool has made testing easy Users and businesses are choosing services based on Pulse grades Users and businesses are choosing services based on Pulse grades SSL: Not Just for Security
© F5 Networks, Inc. 12 Require Secure Renegotiation Require Secure Renegotiation Disable SSLv2 and SSLv3 Use an explicit, strong cipher string, such as: Disable SSLv2 and SSLv3 Use an explicit, strong cipher string, such as: !SSLv3:!TLSv1:!EXPORT:!DH:!MD5:!RC4:RSA+AES:RSA+3DES:ECDHE+AES:ECDHE+ !SSLv3:!TLSv1:!EXPORT:!DH:!MD5:!RC4:RSA+AES:RSA+3DES:ECDHE+AES:ECDHE+ Prefer Perfect Forward Secrecy (PFS) Prefer Perfect Forward Secrecy (PFS) Done via prioritizing Ephemeral (DHE, ECDHE) ciphers in the string above Done via prioritizing Ephemeral (DHE, ECDHE) ciphers in the string above Enable HTTP Strict Transport Security (HSTS) Enable HTTP Strict Transport Security (HSTS) RFC 6797 RFC 6797 Achieving A+ Grades on SSLLabs.com
© F5 Networks, Inc. 13 HSTS is enabled by the “Strict-Transport-Security” HTTP header e.g.: Strict-Transport-Security: max-age= ; includeSubDomains; preload When received, browsers will: Automatically convert HTTP references to HTTPS references Disallow certificate exemptions (self-signed, etc.) Cache HSTS information and reuse stored values for new sessions More detail: HTTP Strict Transport Security AVAILABLE IN 12.0
© F5 Networks, Inc. 14
© F5 Networks, Inc. 16 HTTP/2 ratified this month. RFC due soon RFC due soon ALPN integrates application protocol negotiation into the TLS handshake ALPN integrates application protocol negotiation into the TLS handshake TLS encrypted by default TLS encrypted by default TLS 1.3 RFC expected in April 2016 Remove renegotiation Remove renegotiation AEAD ciphers only AEAD ciphers only TLS 1.3 and HTTP/2 Update
© F5 Networks, Inc. 17 A Quick Primer on Certificate Revocation If a SSL certificate is stolen or compromised, sites need a way to revoke the certificate so it will no longer be trusted. Revocation is handled by either CRL or OCSP. CRL: Certificate Revocation List The browser retrieves the list of all revoked certificates from the CA. The browser then parses the whole list looking for the certificate in question. OCSP: Online Certificate Status Protocol The browser sends the certificate to the CA for validation. The CA responds that the certificate is good, revoked, or unknown. OCSP is more efficient than CRL, but there’s room for improvement! New Feature: OCSP Stapling
© F5 Networks, Inc. 18 OCSP and CRL checks add significant overhead: OCSP and CRL checks add significant overhead: DNS (1334ms) DNS (1334ms) TCP handshake (240ms) TCP handshake (240ms) SSL handshake (376ms) SSL handshake (376ms) Follow certificate chain (1011ms) Follow certificate chain (1011ms) DNS to CA (300ms) DNS to CA (300ms) TCP to CA (407ms) TCP to CA (407ms) OCSP to CA #1 (598ms) OCSP to CA #1 (598ms) TCP to CA #2 (317ms) TCP to CA #2 (317ms) OCSP to CA #2 (444ms) OCSP to CA #2 (444ms) Finish SSL handshake (1270ms) Finish SSL handshake (1270ms) Add up the time for each step and you'll see that over 30% of the SSL overhead comes from checking whether the certificate has been revoked. Add up the time for each step and you'll see that over 30% of the SSL overhead comes from checking whether the certificate has been revoked. These checks are serial and block downloads. These checks are serial and block downloads. OCSP & CRL Checks Hurt Performance This portion is revocation check overhead.
© F5 Networks, Inc. 19 OCSP Stapling allows the server to attach CA signed information regarding the certificates validity. Processing with OCSP enabled: DNS (1334ms) DNS (1334ms) TCP handshake (240ms) TCP handshake (240ms) SSL handshake (376ms) SSL handshake (376ms) Follow certificate chain (1011ms) Follow certificate chain (1011ms) Process OCSP Data (10ms) Process OCSP Data (10ms) Finish SSL handshake (1270ms) Finish SSL handshake (1270ms) OCSP Stapling also eliminates communication with a third party during certificate validation. This may be considered better security since it prevents information leakage. OCSP Stapling to the Rescue
Chapter 10 Implementing Electronic Commerce Security Gary Schneider, 2003.
1 IETF Security Tutorial Radia Perlman Intel Labs July 2010
What happened to IPv5? and other oft asked IPv6 questions The Internet Society, IPv6 and You Susan Estrada.
Windows 2008 Active Directory Configuration – Week 3 of 6 Microsoft Test: Mark McCoy MCSE, CNE, CISSP.
ViPNt ViPNet Product Presentation Infotecs GmbH 2008.
Version 4.1 CCNA Discovery 2– Chapter 7. Contents 7.1: ISP Services : TCP / IP Protocols 7.2: 7.3: DNS 7.3: 7.4: Application Layer Protocols 7.4.
Working with the Internet 2 Information Technology Working with the Internet This presentation will explore: Internet workings & uses facilities.
Network Security Protecting An Organizations Network.
Ravi Rao Senior Program Manager Microsoft Corporation WSV303.
Technology that changes everything. About this Powerpoint Show The prime objective of this PPT is to introduce GP partners to the scope and depth of Trinitys.
How to secure an information security environment January 15, 2014 Lance P. Hawk CFE, CGEIT, CISA, CISM, CRISC
1 A Cloud Reference Framework … for discussion only … Please send comments and suggestions to Bhumip Khasnabish Friday,
Enabling Secure Internet Access with ISA Server. Enabling Secure Access to Internet Resources What Is Secure Access to Internet Resources? –Users can.
Bank of America Merchant Services ASTRA Meeting Shirley Davis, Relationship Manager JD Wilks, Technical Relationship Manager Melinda Speer, Strategic Account.
Scalability and efficiency: Introducing a new mechanism to the internet must not jeopardize its efficiency. Enhancing IP for mobility must not generate.
XML Signature 2.0. Timelines 2002 – XML Signature – XML Signature 1.0, 2 nd edition –Adds support for Canonicalization 2009 end – XML Signature.
Digital Object Architcture An open approach to Information Management on the Net Bibliotheca Alexandrina Dr. Robert E. Kahn Corporation for National Research.
Sofía Silva Berenguer lacnic.net Paramaribo - Surinam Internet Exchange Points Workshop.
Chapter  Internet And Other Technologies Created By Manish Mathur.
An Introduction to Distributed Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Introduction Purpose of Session: - Provide Overview Web Application Security Threats and Defense Using the Open Web Application Security Project (OWASP)
M-COMMERCE Md. Rashedul Hasan. The Wireless Revolution We are seeing a widespread convergence in wireless technology and the services it offers. If content.
Joey Snow Technical Evangelist Microsoft Corporation Session Code: WSV207.
ERP and E-Business- An Overview Based on the book Enterprise Resource Planning Solutions and Management by Flona Fui-Hoon Nah, Idea Group Publishing 2001.
Call Recording Made Easy Presented by Barbara Courneya National Director of Contact Center Technology Avaya Certified Contact Center Expert ,
© 2016 SlidePlayer.com Inc. All rights reserved.