The SSL and TLS protocols are critical to online security and performance. This session discusses how the SSL and TLS protocols work and how they are integrated with many AWS services such as Amazon CloudFront, Elastic Load Balancing, and Amazon S3. Learn how technologies such as Perfect Forward Secrecy and HSTS can be used to protect end-user data, and why browsers and servers are now removing support for version 3 of the SSL protocol, SHA-1 signatures and some encryption algorithms such as RC4. By the end of the session you'll be able to understand each of these technologies and how to adapt to the changing security landscape.

1. November 12, 2014 | Las Vegas, NV
Colm MacCárthaigh, Amazon Web Services

2. Secrecy Tamper proofAuthentication

3. 1991 1994 1996 1999 2006 2008 2015

4. Bleichenbacher
1998
Vaudenay
2002
Pizza
2008
Reneg
2009
BEAST
2011 Alert
2012
CRIME
2012
POODLE
2014
2012
RSA-1024
2013
RC42004
MD5
SSLv2
1995
SHA1
2011
2013
Lucky13
2014
3SHAKE

5. 1991 1994 1996 1999 2006 2008 2015

6. 1991 1994 1996 1999 2006 2008 2015
Legacy
Clients

8. Public/Private
key
encryption
Shared key
encryption
Signatures
Hashes/Check
sums

9. colmmacc% ls -la /usr/bin/gcc
-rwxr-xr-x 1 root wheel 14160 Sep 26 19:06 /usr/bin/gcc
colmmacc% cat /usr/bin/gcc | shasum -a 256
24858b1cfa6ca73fd07ba4d5ea9df0e8f123930fbecff1541b13ca9522a34837
Hashes/Checksums

10. colmmacc% openssl speed rsa escdsa aes-128-cbc
67k/sec 133k/sec
747k/sec

11. Public/Private
key
encryption
Signatures
Hashes/Check
sums

12. Internet Protocol
Transmission Control Protocol
TLS
Application Protocol (HTTP, SMTP, SQL … )

13. 2Use public/private
keys to authenticate
and to establish a
shared secret
3Use the shared
secret to encrypt
and decrypt data
1Say hello and agree
on the algorithms to
use

14. Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data
Client
Hello

15. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data
2 31

16. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data
1 3

17. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

18. Client protocol version, client time, 28 bytes of randomly generated data,
Client choice of Cipher Suites (in order of preference)
Server Name Indicator field
Cached Session ID / Cached Session Ticket
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

19. 2 3

20. Public/
Private
Algorithm
Perfect
Forward
Secrecy
Shared
Secret
Algorithm
Record
Auth
Algorithm

21. Protocol version to use, server time, 28 bytes of randomly generated data,
The Cipher Suite to use
Session ID / Session Ticket
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

22. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

23. # Generate a 2048-bit RSA private key
openssl genrsa –out privkey.pem 2048
# Generate a certificate signing request
openssl req -new -key privkey.pem -out cert.csr
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

24. # Generate an Elliptic Curve key
openssl ecparam –out privkey.pem –name prime256v1 –genkey
# Generate a certificate signing request
openssl req -new -key privkey.pem -out cert.csr
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

25. 2012
RSA-10242004
MD5
SHA1
2011

26. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data
Nov 2014 Jan 2015 Jan 2015
31
Dec 2015

27. Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

28. O C S P
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

29. Used for Perfect Forward Secrecy
A Diffie-Hellman public parameter is generated and sent to the client
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

30. Perfect forward secrecy version:
Client sends another Diffie-Hellman parameter, encrypted using the server’s
public key
Legacy version:
Client sends a secret, encrypted using the server’s public key
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

31. We’re finished and ready to send encrypted data.
There’s also a “Change cipher suite” message to initiate encryption.
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

32. GET / HTTP/1.1
Host: aws.amazon.com
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Client
Hello
Server
Hello
Server
Cert
Server
Key
Client
Key
Client
Finished
Server
Finished
App
Data
App
Data

33. Reneg
2009
2014
3SHAKE
Pizza
2008

34. Public/
Private
Algorithm
Perfect
Forward
Secrecy
Shared
Secret
Algorithm
Record
Auth
Algorithm

35. Message
Type
Protocol
Version
Record
Length
Encrypted
Message
Type
Protocol
Version
Record
Length
Encrypted Encrypted Encrypted

36. Message
Type
Protocol
Version
Record
Length
Encrypted
Message
Type
Protocol
Version
Record
Length
Encrypted Encrypted Encrypted
Message
Type
Protocol
Version
Record
Length
HMACData
Message
Type
Protocol
Version
Record
Length
HMACData
P
A
D

37. Bleichenbacher
1998
Vaudenay
2002
BEAST
2011
POODLE
2014
2013
RC42004
MD5
SHA1
2011
2013
Lucky13

38. Message
Type
Protocol
Version
Record
Length
Message
Type
Protocol
Version
Record
Length
Message
Type
Protocol
Version
Record
Length
HMACData
Message
Type
Protocol
Version
Record
Length
Encrypted
Initialization
Vector
Encrypted Encrypted
TAG
Data
P
A
D
Nonce

39. POODLE
2014

40. Message
Type
Protocol
Version
Record
Length
Encrypted Encrypted Encrypted
Message
Type
Protocol
Version
Record
Length
HMACData PAD

41. Message
Type
Protocol
Version
Record
Length
Encrypted Encrypted
Message
Type
Protocol
Version
Record
Length
HMACData PAD
Encrypted

42. Message
Type
Protocol
Version
Record
Length
Encrypted Encrypted Encrypted
Message
Type
Protocol
Version
Record
Length
HMAC PAD

43. BEAST
2011
POODLE
2014
Pizza
2008
CRIME
2012

44. GET / HTTP/1.1rnCookie:1 12

45. GET /a HTTP/1.1rnCookie: 1 21

46. ECDHE
DHE
No Perfect
Forward
Secrecy
AES-128
AES-256
3DES
RC4
ECDSA
RSA
GCM
SHA128
SHA256
SHA1
MD5

47. ECDHE AES-128ECDSA GCM

48. ECDHE AES-128ECDSA
SHA128

49. ECDHE AES-128ECDSA
SHA256

50. ECDHE AES-128ECDSA
SHA1

51. ECDHE AES-128ECDSA
MD5

52. ECDHE
AES-256
ECDSA GCM

53. No Perfect
Forward
Secrecy
RC4
RSA
SHA1

54. 11
NOV
12
NOV

58. H S T S
Strict-Transport-Security: mag-age=15768000, includeSubdomains

59. http://mozilla.github.io/server-side-tls/ssl-config-generator/

63. http://aws.amazon.com/security
SDD423 – Elastic Load Balancing Deep Dive
PFC303 – Milliseconds Matter

64. http://bit.ly/awsevals