
Maximizing Performance

with SPDY & SSL

Billy Hoffman


Cast of Characters

•  TCP

•  HTTP

•  SSL

•  X.509 Certificate

•  Cryptography (asymmetric & symmetric)

•  SPDY


HTTP/SPDY/SSL Sandwich

•  SPDY encapsulates HTTP requests

–  Single Multiplexed stream


Today’s Focus

•  Setting the Stage for SPDY

–  Can speak SSL with a server

–  Can create a valid SSL connection

–  Client and Server agree to use SPDY

•  Optimizing SPDY

–  Optimizing SSL

–  Optimizing SPDY

–  Avoiding optimizations that hurt SPDY


SETTING THE STAGE FOR SPDY


SSL Connectivity

•  Hostname resolves

•  IP is reachable

•  Web server is listening on SSL port

•  Web server understands SSL

•  Web server knows which site you want


Creating a Valid SSL connection

•  Agreement on crypto algorithms

•  X.509 certificate is


X.509 Cert: Is it Trusted?

•  Do I trust the issuer?

–  If not, was it signed by someone I trust?

•  Has it been revoked?

–  CRL lists
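The trust decision on this slide is a short algorithm: follow the issuer of each certificate until you reach something in your own trust store, then check each certificate on that path against its issuer's CRL. The following is an added example that is not part of the talk; the certificates are constructed records (subject, issuer, serial) rather than real X.509 objects, so no signatures are verified, and the trust store, intermediates and CRLs are sample data built inline.

```python
"""Toy X.509 trust decision: walk issuer links to a trusted root and check
revocation against CRLs.  Added example, not from the talk; the certificate
records are constructed stand-ins (no real certificates, no signature checks)."""

from dataclasses import dataclass


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str
    serial: int


# Constructed sample PKI for "www.example.com" (assumed names, not real CAs).
ROOT = Cert("Example Root CA", "Example Root CA", 1)          # self-signed root
INTERMEDIATE = Cert("Example Issuing CA", "Example Root CA", 2)
LEAF = Cert("www.example.com", "Example Issuing CA", 1001)
REVOKED_LEAF = Cert("old.example.com", "Example Issuing CA", 1002)

TRUSTED_ROOTS = {ROOT.subject: ROOT}                 # the client's trust store
INTERMEDIATES = {INTERMEDIATE.subject: INTERMEDIATE}  # what the server sends
# CRLs keyed by issuing CA: the set of serial numbers that CA has revoked.
CRLS = {"Example Issuing CA": {1002}, "Example Root CA": set()}


def build_chain(leaf, intermediates, trusted_roots, max_depth=6):
    """Return the chain leaf..root, or None if no trusted issuer is reachable.

    Answers the slide's two questions in order: do I trust the issuer directly?
    If not, was it signed (transitively) by someone I trust?  max_depth caps
    the walk so a looping or absurdly long chain is rejected, not followed."""
    chain = [leaf]
    current = leaf
    for _ in range(max_depth):
        if current.issuer in trusted_roots:
            chain.append(trusted_roots[current.issuer])
            return chain
        nxt = intermediates.get(current.issuer)
        if nxt is None or nxt is current:   # unknown issuer, or untrusted self-signed cert
            return None
        chain.append(nxt)
        current = nxt
    return None


def is_revoked(cert, crls):
    """Revocation is decided by the CRL of the certificate's own issuer."""
    return cert.serial in crls.get(cert.issuer, set())


def validate(leaf, intermediates=INTERMEDIATES, trusted_roots=TRUSTED_ROOTS, crls=CRLS):
    """Return (trusted, reason, chain_length).  chain_length is the number of
    certificates the handshake had to carry, the slide's "is the chain short" item."""
    chain = build_chain(leaf, intermediates, trusted_roots)
    if chain is None:
        return False, "no path to a trusted root", 0
    for cert in chain[:-1]:          # the trust anchor itself is not CRL-checked here
        if is_revoked(cert, crls):
            return False, f"{cert.subject} (serial {cert.serial}) is revoked", len(chain)
    return True, "ok", len(chain)


if __name__ == "__main__":
    for cert in (LEAF, REVOKED_LEAF, Cert("x.example.com", "Unknown CA", 5)):
        print(cert.subject, validate(cert))
```

The chain length that `validate` returns is the quantity the later checklist item "X.509 chain is short" is about: every certificate on the path is bytes the server must send in the handshake, so a leaf that chains directly to a root costs less than one that needs two intermediates.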


Agreeing to Use SPDY

•  Client tells server it supports SPDY

•  Server tells client it supports SPDY

•  Client sends SPDY over SSL


SSL Handshake

[Figure: TLS/SSL handshake diagram, from Microsoft Technet, How TLS/SSL Works]


Announcing SPDY support in the SSL Handshake

[Figure: TLS/SSL handshake diagram from Microsoft Technet, How TLS/SSL Works (http://bit.ly/16Zx0en), annotated with the NPN (extension 13172) / ALPN additions to the ClientHello and ServerHello]


Review: Speaking SPDY

•  Client resolves and connects to SSL port

•  Client announces SPDY support inside ClientHello

•  Server announces SPDY support in ServerHello

•  Client validates X.509 cert, finalizes SSL connection


The SSL Tarpits

•  SSL handshake requires 2 round trips

•  Certificates can be large

•  Certificates need to be validated

•  Keys can be too large


The SSL Handshake is Costly!

[Figure: full TLS/SSL handshake, from Microsoft Technet, How TLS/SSL Works]


Resume SSL Session

•  Avoid regenerating keys

•  Avoid unneeded trips

•  2 methods

[Figure: abbreviated (resumed) handshake, from Microsoft Technet, How TLS/SSL Works]


•  Both sides keep state/cache

•  Reuse based on id

•  Widely supported

[Figure: session-identifier resumption, after Microsoft Technet, How TLS/SSL Works (http://bit.ly/16Zx0en); the server holds a big cache of all ids given out and the associated keys/ciphers, e.g. sessionid: 3a8a…]


Session Tickets

•  Client stores “Magic Ticket”

•  RFC 5077, optional

•  No IIS support

[Figure: session-ticket resumption, after Microsoft Technet, How TLS/SSL Works (http://bit.ly/16Zx0en); the ticket is an encrypted summary of keys/ciphers, signed by the server; on resumption the server verifies the summary is valid and uses its values]
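The two resumption methods on the last two slides differ in where the state lives: with session identifiers the server keeps a cache of every id it has handed out, with session tickets the client carries a server-protected blob and the server keeps only the key. The following added example (not code from the talk) models both; the ticket is protected with HMAC-SHA256 plus a SHA-256-derived keystream as a stand-in for the AES-based ticket format of RFC 5077, so that it runs on the standard library alone, and the session state it carries is a constructed dict rather than real TLS key material.

```python
"""Toy model of TLS session resumption: a server-side session-id cache versus
client-held session tickets.  Added example, not from the talk.  The ticket
protection (SHA-256 keystream + HMAC-SHA256) is a stand-in for RFC 5077's
AES-based format; real servers use AES here."""

import hashlib
import hmac
import json
import os


class SessionIdCache:
    """Session identifiers: the server remembers every id it handed out."""

    def __init__(self):
        self._store = {}                        # session_id -> session state

    def issue(self, state):
        sid = os.urandom(16).hex()              # the "sessionid: 3a8a..." of the slide
        self._store[sid] = state
        return sid

    def resume(self, sid):
        return self._store.get(sid)             # None means: fall back to a full handshake

    def __len__(self):                          # cache growth is the cost of this method
        return len(self._store)


class SessionTickets:
    """Session tickets: the client keeps the state, the server keeps one key."""

    NONCE_LEN, TAG_LEN = 16, 32

    def __init__(self, key=None):
        self._key = key or os.urandom(32)

    def _keystream(self, nonce, n):
        # Stand-in stream cipher: counter-mode SHA-256 over (key, nonce, counter).
        out, counter = b"", 0
        while len(out) < n:
            out += hashlib.sha256(self._key + nonce + counter.to_bytes(4, "big")).digest()
            counter += 1
        return out[:n]

    def issue(self, state):
        plain = json.dumps(state, sort_keys=True).encode()
        nonce = os.urandom(self.NONCE_LEN)
        body = bytes(a ^ b for a, b in zip(plain, self._keystream(nonce, len(plain))))
        tag = hmac.new(self._key, nonce + body, hashlib.sha256).digest()   # encrypt-then-MAC
        return nonce + body + tag

    def resume(self, ticket):
        if len(ticket) <= self.NONCE_LEN + self.TAG_LEN:
            return None
        nonce, body, tag = ticket[:self.NONCE_LEN], ticket[self.NONCE_LEN:-self.TAG_LEN], ticket[-self.TAG_LEN:]
        expected = hmac.new(self._key, nonce + body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                         # forged, corrupted or wrong key: full handshake
        plain = bytes(a ^ b for a, b in zip(body, self._keystream(nonce, len(body))))
        return json.loads(plain)


if __name__ == "__main__":
    state = {"cipher": "AES128-SHA", "master_secret": os.urandom(48).hex()}   # constructed
    cache = SessionIdCache()
    sid = cache.issue(state)
    print("id cache holds", len(cache), "entry; resumed:", cache.resume(sid) == state)
    tickets = SessionTickets()
    ticket = tickets.issue(state)
    print("ticket is", len(ticket), "bytes; resumed:", tickets.resume(ticket) == state)
```

Because every ticket a server issues is protected by the same key, that key is the single secret that unlocks every session it covered; rotate it, and keep the key store separate from the session cache.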


False Start: Not Gone

•  “The Failure of False Start”

•  Chrome still does it!

–  Desktop and mobile

•  Any server that supports NPN! (with forward secure)

–  Any server with SPDY support…


OCSP Stapling

•  Good in theory, bad in practice


Oversized Asymmetric Keys

•  1024 is fine

•  2048 for banks

•  Anything more is


Cipher Order/Choice Matters

•  RC4 is the best

•  Unless on a machine with AES-NI

–  Intel i7, Xeons, some AMD

–  Not most virtual machines!!!

•  First match wins


Is SSL really helping you?

•  SSL doesn’t “secure” your website

–  Prevents eavesdropping, tampering

–  Not XSS, CSRF, SQL Injection, unpatched/out-of-date software, RCE, LFI, etc.

•  Consider: NULL-MD5, NULL-SHA

•  SSL with no encryption


“Does this really matter?”

•  Seriously?

•  1024 more bytes in key?

•  2 more kilobytes in the X.509 cert?

•  Accidentally using AES-256?


SPDY Optimization

•  SPDY only works over SSL

•  Ensure that all your traffic is over SSL

•  HTTP 301 redirect for http: to https:

–  Add a cache-control header!

•  HTTP Strict Transport Security (HSTS)

–  Like the browser’s cache, but for protocol access. Make (semi) far future

–  Wide support (>90% of SPDY capable


Avoid These Optimizations

•  Domain Sharding

–  Hack to request multiplexing, not needed

–  Hurts SPDY by spreading requests out

•  JavaScript CDNs

–  These are a horrible blight on the web!

–  http://statichtml.com/2011/google-ajax-libraries-caching.html

–  https://github.com/h5bp/html5-boilerplate/


SSL/SPDY Optimization Check List

•  Website responds over SSL/443

•  Website has NPN extension (even without SPDY for False Start)

•  X.509 certificate is valid

•  X.509 chain is short

•  SSL Asymmetric keys are <= 2048

•  Cipher is RC4 (or AES-128 if supports dedicated instructions)


SSL/SPDY Optimization Check List

•  SSL session resumption is enabled (both identifiers and tickets)

•  No SSL compression

•  Website is using latest version of SPDY

•  HTTP permanently (301) redirects to HTTPS (including cache header)

•  HTTPS sends HTTP Strict Transport Security header
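Most of the checklist, together with the SPDY Optimization slide before it (cached 301 to https:, HSTS), can be checked mechanically once you have observed a site's redirect, its HTTPS response headers and its negotiated TLS parameters. The following added example (not tooling from the talk) encodes those items as checks and runs them over two constructed observations; the observation dict layout and its field names are this example's own convention, the chain-length limit and minimum HSTS age are labelled assumptions, and the remaining thresholds are the slides' own (keys <= 2048 bits, RC4 or AES-128 with AES-NI, resumption on, compression off, NPN present). The talk predates RFC 7465, which prohibits RC4 in TLS; the cipher rule is kept here as the slide states it.

```python
"""Checker for the SSL/SPDY checklist, run over constructed observations
rather than a live site.  Added example, not tooling from the talk."""

import re

MAX_CHAIN = 3                    # assumption: leaf + one intermediate + root is "short"
MIN_HSTS_AGE = 180 * 24 * 3600   # assumption for "(semi) far future": six months


def max_age(header_value):
    """Return the max-age=N directive of a Cache-Control or HSTS value, or None."""
    if not header_value:
        return None
    m = re.search(r'max-age\s*=\s*"?(\d+)', header_value, re.IGNORECASE)
    return int(m.group(1)) if m else None


def check_http_redirect(status, headers):
    """Plain http: must answer 301 to https: and let the browser cache that answer."""
    h = {k.lower(): v for k, v in headers.items()}
    problems = []
    if status != 301:
        problems.append(f"http: answered {status}, expected a 301 to https:")
    elif not h.get("location", "").lower().startswith("https://"):
        problems.append("301 Location is not an https: URL")
    if max_age(h.get("cache-control")) is None:
        problems.append("redirect carries no Cache-Control max-age, so it is re-fetched every time")
    return problems


def check_hsts(headers):
    """HTTPS responses must carry Strict-Transport-Security with a long max-age."""
    h = {k.lower(): v for k, v in headers.items()}
    age = max_age(h.get("strict-transport-security"))
    if age is None:
        return ["no Strict-Transport-Security header"]
    if age < MIN_HSTS_AGE:
        return [f"HSTS max-age {age}s is short; use a (semi) far-future value"]
    return []


def check_tls(tls):
    """Apply the handshake-side checklist items to observed TLS parameters."""
    problems = []
    if tls["key_bits"] > 2048:
        problems.append(f"{tls['key_bits']}-bit key; 2048 is enough even for banks")
    if tls["chain_length"] > MAX_CHAIN:
        problems.append(f"chain of {tls['chain_length']} certs; every extra cert is handshake bytes")
    cipher = tls["cipher"].upper()
    if "AES256" in cipher:
        problems.append("AES-256 negotiated; the slides call this an accident")
    elif "AES128" in cipher and not tls["aes_ni"]:
        problems.append("AES-128 on a machine without AES-NI; the slides prefer RC4 there")
    elif "RC4" not in cipher and "AES128" not in cipher:
        problems.append(f"cipher {tls['cipher']} is neither RC4 nor AES-128")
    if not (tls["session_ids"] and tls["session_tickets"]):
        problems.append("session resumption is not enabled for both identifiers and tickets")
    if tls["compression"]:
        problems.append("SSL compression is on; disable it")
    if not tls["npn"]:
        problems.append("no NPN extension, so no False Start and no SPDY negotiation")
    return problems


def audit(site):
    """Run every check over one observation and return the list of findings."""
    return (check_http_redirect(site["http_status"], site["http_headers"])
            + check_hsts(site["https_headers"])
            + check_tls(site["tls"]))


# Constructed observations, not measurements of any real site.
GOOD_SITE = {
    "http_status": 301,
    "http_headers": {"Location": "https://www.example.com/", "Cache-Control": "max-age=31536000"},
    "https_headers": {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"},
    "tls": {"key_bits": 2048, "chain_length": 3, "cipher": "ECDHE-RSA-AES128-SHA", "aes_ni": True,
            "session_ids": True, "session_tickets": True, "compression": False, "npn": True},
}
SLOW_SITE = {
    "http_status": 302,
    "http_headers": {"Location": "https://www.example.com/"},
    "https_headers": {},
    "tls": {"key_bits": 4096, "chain_length": 5, "cipher": "AES256-SHA", "aes_ni": False,
            "session_ids": True, "session_tickets": False, "compression": True, "npn": False},
}

if __name__ == "__main__":
    for name, site in (("good", GOOD_SITE), ("slow", SLOW_SITE)):
        print(name, audit(site) or ["all checklist items pass"])
```

Feeding it real observations means collecting the three inputs yourself: the status and headers of a plain-http request, the headers of an https request, and the negotiated key size, chain, cipher, resumption, compression and NPN state from the handshake.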


Great Resources

•  Ivan Ristic (blog.ivanristic.com)

•  Adam Langley (www.imperialviolet.org)

•  Mark Nottingham (www.mnot.net/blog/)

•  Qualys SSL Labs (ssllabs.com)


Free Performance Assessment
