Secure Sockets Layer (SSL) and Transport Layer Security (TLS) are modern technologies to secure communication between different systems. Hyper Text Transfer Protocol (HTTP) in versions 1.1 and older made encryption optional, but HTTP 2.0 will require use of TLS. What is commonly referred to as an SSL server can be set up using Apache HTTP server in combination with mod_ssl and the OpenSSL toolkit.
Installation
On Red Hat systems:
~]# yum install mod_ssl openssl
This will create the mod_ssl configuration file at /etc/httpd/conf.d/ssl.conf
In the Internet Protocol Suite, TLS and SSL encrypt the communication in the application layer. In the OSI model, TLS/SSL is initialized at layer 5 (session) and works at layer 6 (presentation). The session layer establishes cipher settings with an asymmetric cipher and a shared key for that session; the presentation layer then encrypts with a symmetric cipher using that session key. TLS is an Internet Engineering Task Force (IETF) standard protocol, designed to prevent eavesdropping and tampering.
SSL/TLS Keys and Certificates:
SSL/TLS uses certificates to identify the connections. You can generate your own certificate or get one from a Certification Authority. Authority certificates are often issued for a particular IP address and domain name and sometimes, in the case of VeriSign, also with a running software parameter that defines the certificate properties, so if you change IP or name or modify your software configuration you will have to ask for another certificate.
The Public Key Infrastructure access-list is stored in the PKI folder /etc/pki/, and for TLS in particular in:
/etc/pki/tls/
/etc/pki/tls/private/
/etc/pki/tls/certs/
The directory /etc/pki/ca-trust/extracted/openssl/ contains CA certificate bundle files which are automatically created based on the information found in the /usr/share/pki/ca-trust-source/ and /etc/pki/ca-trust/source/ directories.
If you wish to use an existing key and certificate, move the relevant files to the /etc/pki/tls/private/ and /etc/pki/tls/certs/ directories respectively:
~]# mv key_file.key /etc/pki/tls/private/hostname.key
~]# mv certificate.crt /etc/pki/tls/certs/hostname.crt
Then add the following lines to the /etc/httpd/conf.d/ssl.conf configuration file:
SSLCertificateFile /etc/pki/tls/certs/hostname.crt
SSLCertificateKeyFile /etc/pki/tls/private/hostname.key
Restart the httpd service.
To generate your own certificates, run the command:
# openssl genrsa -out ca.key 2048
root@localhost Documents# openssl genrsa -out ca.key 2048
Generating RSA private key, 2048 bit long modulus
..........................................+++
............................+++
e is 65437 (0x01001)
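The command above creates only ca.key, while the copy step that follows also expects ca.csr and ca.crt. As an added example (not part of the original page), this script produces all three with a self-signed certificate and checks that the key and certificate belong together before they are installed; the subject name hostname.example, the 365-day validity and the scratch directory are assumptions.

```shell
#!/bin/sh
# Added example: produce ca.key, ca.csr and ca.crt, then confirm key and certificate pair up.

# make_self_signed DIR CN: write ca.key, ca.csr and a self-signed ca.crt into DIR.
make_self_signed() {
    dir=$1 cn=$2
    openssl genrsa -out "$dir/ca.key" 2048 2>/dev/null || return 1
    chmod 600 "$dir/ca.key"                      # private key readable by owner only
    # Certificate signing request; CN is a placeholder subject (assumption).
    openssl req -new -key "$dir/ca.key" -subj "/CN=$cn" -out "$dir/ca.csr" || return 1
    # Self-sign the request with the same key; 365 days is an assumed validity.
    openssl x509 -req -days 365 -in "$dir/ca.csr" -signkey "$dir/ca.key" \
        -out "$dir/ca.crt" 2>/dev/null || return 1
}

# key_matches_cert KEY CRT: succeed only if CRT carries the public half of KEY.
key_matches_cert() {
    key_pub=$(openssl pkey -in "$1" -pubout 2>/dev/null) || return 1
    crt_pub=$(openssl x509 -in "$2" -noout -pubkey 2>/dev/null) || return 1
    [ -n "$key_pub" ] && [ "$key_pub" = "$crt_pub" ]
}

# Demo in a scratch directory, so nothing under /etc/pki is touched.
workdir=$(mktemp -d)
make_self_signed "$workdir" "hostname.example"
if key_matches_cert "$workdir/ca.key" "$workdir/ca.crt"; then
    echo "ca.key and ca.crt belong together"
fi
```

Running the same key_matches_cert check against the files under /etc/pki/tls/ before restarting httpd catches a mismatched SSLCertificateFile / SSLCertificateKeyFile pair early.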
Now copy all certificates and keys to the /etc/pki/tls/ folders:
[root@system ~]# cp ca.crt /etc/pki/tls/certs
[root@system ~]# cp ca.key /etc/pki/tls/private/ca.key
[root@system ~]# cp ca.csr /etc/pki/tls/private/ca.csr
Correct the SELinux contexts:
[root@system ~]# restorecon -RvF /etc/pki
Now open the ssl.conf file to configure Apache SSL and replace the certificate / key paths:
[root@opensourceeducation ~]# vi +/SSLCertificateFile /etc/httpd/conf.d/ssl.conf
ssl.conf example configuration file, Linux RedHat / Fedora
Listen 443 https
SSLRandomSeed startup file:/dev/urandom 512
<VirtualHost _default_:443>
DocumentRoot "/var/www/html"
ServerName newgoogle.org:443
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel Debug
SSLEngine on
# Protocol versions and cipher suites are discussed under SSL/TLS Algorithms
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite HIGH:!aNULL:!MD5
# Certificate and private key installed under /etc/pki/tls/
SSLCertificateFile /etc/pki/tls/certs/localhost.crt
SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
# Client certificate verification, disabled here
#SSLVerifyClient require
#SSLVerifyDepth 10
</VirtualHost>
SSL/TLS Algorithms
SSL 2.0 is superseded; SSL 3.0 served as the base for development of TLS 1.0, 1.1 and 1.2. This definition:
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
gives access to a wide range of current protocols, but recent attack modes like BEAST can break SSL 3.0/TLS 1.0. Forward Secrecy seems to be the most secure protocol in use today.
The line:
SSLCipherSuite HIGH:!aNULL:!MD5
allows only strong encryption ciphers, while with the following directives you can specify speed-optimized ciphers depending on your clients:
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
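An added example, not from the original page: a small check that reads an ssl.conf and reports the settings this page describes as breakable, namely SSLv2, SSLv3 and TLS 1.0 under SSLProtocol and RC4 under SSLCipherSuite (see the attack table). Both sample configurations are constructed, and the hardened values are one possible choice, not the page's recommendation.

```shell
#!/bin/sh
# Added example: report ssl.conf settings that this page describes as breakable.
# audit_ssl_conf FILE prints one finding per weak setting; returns 1 if any exist.
audit_ssl_conf() {
    awk '
    /^[ \t]*#/ { next }                          # skip commented-out directives
    tolower($1) == "sslprotocol" {
        for (i = 2; i <= NF; i++) {
            p = tolower($i)
            if (p ~ /^-/) continue               # protocol explicitly disabled
            sub(/^[+]/, "", p)
            if (p == "sslv2" || p == "sslv3" || p == "tlsv1") {
                printf "line %d: SSLProtocol enables %s\n", NR, $i
                bad = 1
            }
        }
    }
    tolower($1) == "sslciphersuite" {
        n = split($NF, c, ":")                   # cipher spec is the last argument
        for (i = 1; i <= n; i++)
            if (toupper(c[i]) ~ /RC4/ && c[i] !~ /^[!-]/) {
                printf "line %d: SSLCipherSuite offers %s\n", NR, c[i]
                bad = 1
            }
    }
    END { exit bad + 0 }
    ' "$1"
}

# Constructed samples: the directives quoted on this page, and a hardened variant.
weak_conf=$(mktemp); hard_conf=$(mktemp)
cat > "$weak_conf" <<'EOF'
SSLEngine on
SSLProtocol +SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2
SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
EOF
cat > "$hard_conf" <<'EOF'
SSLEngine on
SSLProtocol -all +TLSv1.2
SSLCipherSuite HIGH:!aNULL:!MD5:!RC4
SSLHonorCipherOrder on
EOF
audit_ssl_conf "$weak_conf" || echo "weak settings found in sample"
audit_ssl_conf "$hard_conf" && echo "hardened sample is clean"
```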
SSL/TLS Attacks Types
SSL/TLS Attacks Types Table:
Renegotiation attack | A vulnerability of the renegotiation procedure allows plaintext injection into SSL sessions, letting an attacker splice their own requests into the beginning of the conversation the client has with the web server. The attacker cannot decrypt the communication, which makes this different from a typical man-in-the-middle attack.
Version rollback attacks | Modifications to the client cipher suite to get a weaker certificate. Protocols like Snap Start or False Start (used in Google Chrome) allowed modification to the cipher suite list sent by the client to the server.
BEAST attack | BEAST (Browser Exploit Against SSL/TLS) uses a Java program to exploit a CBC (cipher block chaining) vulnerability in TLS 1.0, fixed in TLS 1.1.
CRIME and BREACH attacks | The CRIME attack allows an attacker to recover the content of cookies when HTTP compression is used along with TLS, in order to perform web session hijacking. BREACH, based on the CRIME attack, can extract login tokens, email addresses or other sensitive information from TLS-encrypted web traffic. CRIME can be fixed by turning off HTTP compression or SPDY header. BREACH exploits HTTP compression, which cannot really be turned off, as many WWW servers use it to improve their own performance. This is a known limitation of TLS, as it is susceptible to chosen-plaintext attack against the application-layer data.
Padding attacks | Earlier TLS versions were vulnerable to the padding oracle attack discovered in 2002. A novel variant, called the Lucky Thirteen attack, was published in 2013. As of February 2013, TLS implementors were still working on developing fixes to protect against this form of attack.
RC4 attack | New attacks disclosed in March 2013 allowed RC4 in TLS to be feasibly completely broken. In 2011 the RC4 suite was actually recommended as a workaround for the BEAST attack.
Truncation attack | A TLS truncation attack blocks a victim's account logout requests so that the user unknowingly remains logged into a web service. When the request to sign out is sent, the attacker injects an unencrypted TCP FIN message (no more data from sender) to close the connection. The server therefore doesn't receive the logout request and is unaware of the abnormal termination.[126]
Heartbleed bug | The Heartbleed bug was a serious vulnerability in OpenSSL affecting versions 1.0.1 to 1.0.1f. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the data payloads.
SSL/TLS Useful Websites
http://httpd.apache.org/
http://www.modssl.org/
http://www.openssl.org/