SSL BEST PRACTICES OVERVIEW
© 2015 Entrust Datacard Corporation. All rights reserved.
77.9% of sites are HTTP
5.2% have an incomplete chain
19.2% support weak/insecure cipher suites
42.3% support SSL 3.0
https://www.trustworthyinternet.org/ssl-pulse/
83.1% vulnerable to BEAST attack
5.5% vulnerable to CRIME attack
36.7% do not support Forward Secrecy
THESE PROBLEMS ARE PERVASIVE
YOU ARE RESPONSIBLE!
SSL/TLS Protocol
• Defense: Evolving standards
• Example: POODLE
• Responsibility: IETF
Protocol Implementation
• Defense: Bug-free deployment
• Example: Heartbleed
• Responsibility: Server and browser vendors
CA Implementation
• Defense: Evolving CA requirements
• Example: DigiNotar
• Responsibility: CA/Browser Forum, browsers and CAs
Server Implementation
• Responsibility: YOU
•Private Key Protection
•Key Size
•Signing Algorithm
•Self-signed Certificates
Private Keys
Best Practice: Keysize
• 2048 bit RSA Keys
• Elliptic Curve P-256 or P-384
• Keys larger than 2048 bits are not necessary
• The private key is used to compute the secure session
• If the private key is compromised, the session could be compromised or the identity can be forged
Best Practice: Private Key Protection
• Password protect private keys
• Restrict access to private keys
• Mark keys as non-exportable
• Create new keys when renewing/replacing certificates
• Revoke compromised keys
• Consider storing high value keys on hardware
• One key per device; avoid private key duplication
Certificate Signing Algorithms
Best Practice: Signing Algorithms
• Use SHA-2 for all new certificates
• Replace SHA-1 certificates with SHA-2
• SHA-1 is a secure hashing algorithm that puts a unique identity in the signature for a certificate that “cannot be duplicated” for another certificate
• SHA-1 is showing weakness and is being replaced with SHA-2
• Chrome V41 will deprecate usage of SHA-1 on certs expiring 2016 and beyond
• SHA-1 will be fully deprecated in 2017
•Secure Protocols
•Secure Cipher Suites
•Valid Certificate Chains
•Renegotiation
•TLS Compression
•Session Resumption
Certificate Chains
Chain: Root, Issuing CA, End Entity
• All Public Certificate Authorities are required to issue certificates from a subordinate CA, leaving the root offline
• The chain certificate is not embedded in client devices
• The server must present the certificate chain to the client
• Certificate chains are commonly misconfigured, resulting in a “certificate not trusted” dialog for end users
Best Practices: Certificate Chains
• Follow your vendor's device-specific chain installation instructions
• Use SSL Checkers to verify that the complete chain is presented by your server – do not rely on browser testing!
Protocols
• The protocol for a secure session is negotiated from what both the server and the client support
• Accepted protocols can be controlled at the server level
SSL/TLS Protocol List:
• SSL v2 - Insecure
• SSL v3 - Insecure when used with HTTP, should be avoided
• TLS 1.0 – Largely insecure, should be avoided
• TLS 1.1 - Secure
• TLS 1.2 - Secure
Best Practices: Protocols
• TLS 1.2 should be the main protocol used
• Enable TLS 1.0 and 1.1 for maximum client support, using other configuration to mitigate potential vulnerabilities
Cipher Suites
Caesar Cipher
One of the oldest ciphers ever used
• In SSL/TLS, cipher suites define how secure communication and encryption take place
• Collection of encryption algorithms – if one is found to be weak, switch to another
• Ciphers are configured at the server level – the client must support the ciphers enabled by the server
Best Practices: Cipher Suites
• Only use suites that support authentication and encryption of 128 bits or higher
• Avoid suites with weak ciphers (40 & 56 bits)
• Avoid CBC encryption mode
• RC4 is considered weak and it should be disabled – consider interoperability impact first as this is widely used by clients
• Use Validation Tools such as SSL Labs to check to see if your server is accepting insecure ciphers.
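The cipher-suite rules above can be checked against the list of suites a scanner reports for a server. The following is an added example, not part of the original slides; it assumes IANA-style suite names, and the function names and sample list are constructed for illustration.

```python
# Rules from the slide: authenticated suites only, encryption of 128 bits or
# higher, no 40/56-bit ciphers, avoid CBC mode, disable RC4.

def key_bits(tokens):
    """Key size in bits as encoded in the suite name, or None if not stated."""
    if tokens[0] == "DES":       # single DES has a 56-bit key, not in the name
        return 56
    if tokens[0] == "DES40":
        return 40
    return next((int(t) for t in tokens[1:] if t.isdigit()), None)

def audit_suite(name):
    """Return the slide's rule violations for one IANA cipher-suite name."""
    kx, sep, cipher = name.partition("_WITH_")
    if not sep:                  # TLS 1.3 style name: no key-exchange part
        kx, cipher = "", name[len("TLS_"):]
    tokens = cipher.split("_")
    findings = []
    if "anon" in kx:
        findings.append("no authentication (anonymous key exchange)")
    if tokens[0] == "NULL":
        findings.append("no encryption (NULL cipher)")
    if "RC4" in tokens:
        findings.append("RC4 is weak")
    if "CBC" in tokens:
        findings.append("CBC mode")
    bits = key_bits(tokens)
    if bits is not None and bits < 128:
        findings.append(f"{bits}-bit key, below 128")
    return findings

def audit(suites):
    """Map each offending suite to its findings; compliant suites are omitted."""
    report = {s: audit_suite(s) for s in suites}
    return {s: f for s, f in report.items() if f}

# Constructed sample: suites a scanner might report for a server.
SAMPLE = [
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384",
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_EXPORT_WITH_RC4_40_MD5",
    "TLS_RSA_WITH_DES_CBC_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
]

if __name__ == "__main__":
    for suite, findings in audit(SAMPLE).items():
        print(f"{suite}: {'; '.join(findings)}")
```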
•Mixed Content
•Third party Trust
•Secure Cookies
•Cross-site Scripting (XSS)
•Malware
•Perfect Forward Secrecy
•OCSP Stapling
•HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security (HSTS)
Best Practices: HSTS
• Enable HSTS for all secure web pages, as an extension of Always-On SSL
• According to Ivan Ristic, this is the single most important improvement you can make for the TLS security of your websites
• Extension of the Always-On SSL concept
• Can be used for websites that only allow HTTPS
• Conveys to HSTS-supporting browsers that your site is only available via HTTPS, by sending the HSTS header
• Supporting browsers automatically change HTTP requests to HTTPS
• Browsers that do not support the HSTS header will simply ignore it
• Used to mitigate the sslstrip vulnerability
• In the case of a man-in-the-middle (MTM) attack, HSTS does not allow the user to override the invalid certificate error
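A deployment check for the HSTS header described above, as an added example that is not part of the original slides. It follows the Strict-Transport-Security syntax of RFC 6797 (max-age, includeSubDomains); the function names, the sample responses and the 180-day minimum are assumptions made for illustration.

```python
MIN_MAX_AGE = 15552000  # assumption: 180-day floor, not a value from the slides

def parse_hsts(value):
    """Parse a Strict-Transport-Security value into {directive: value_or_None}."""
    directives = {}
    for part in value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, sep, val = part.partition("=")
        name = name.strip().lower()        # directive names are case-insensitive
        if name in directives:             # each directive may appear only once
            raise ValueError(f"duplicate directive: {name}")
        directives[name] = val.strip().strip('"') if sep else None
    return directives

def audit_hsts(scheme, headers):
    """Return findings for one response; headers is a dict of name -> value."""
    value = next((v for k, v in headers.items()
                  if k.lower() == "strict-transport-security"), None)
    if scheme != "https":                  # browsers only honor HSTS over HTTPS
        return ["header sent over HTTP is ignored by browsers"] if value else []
    if value is None:
        return ["HSTS header missing on HTTPS response"]
    try:
        d = parse_hsts(value)
    except ValueError as e:
        return [f"invalid header: {e}"]
    age = d.get("max-age")
    if age is None or not age.isdigit():
        return ["max-age missing or not a number; header is ignored"]
    findings = []
    if int(age) == 0:
        findings.append("max-age=0 removes the HSTS policy")
    elif int(age) < MIN_MAX_AGE:
        findings.append(f"max-age {age}s is below {MIN_MAX_AGE}s")
    if "includesubdomains" not in d:
        findings.append("includeSubDomains not set; subdomains are not covered")
    return findings

if __name__ == "__main__":
    # Constructed sample responses: (scheme, response headers)
    for scheme, hdrs in [("https", {"Strict-Transport-Security": "max-age=300"}),
                         ("https", {"Server": "example"}),
                         ("http", {"Strict-Transport-Security": "max-age=31536000"})]:
        print(scheme, hdrs, "->", audit_hsts(scheme, hdrs))
```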
•Certificate Transparency
•Certificate Reputation
•HTTP Public Key Pinning (HPKP)
•Certification Authority Authorization (CAA)
•Multi-SAN Certificates
•Extended Validation (EV)
•Elliptic Curve Cryptography (ECC)
•Private Trust
Certificate Validation Models
Best Practices: Certificates
• Use EV for high traffic or value websites
• OV should be used for public sites when EV is not required
• DV should only be used when identity is not required (internal use or for non-browser-based applications)
Advanced Certificate Types
Multi-SAN Certificates
• Single certificate that supports multiple URLs or public IP addresses
• Use on Load Balancers and Firewalls
ECC Certificates
• 256 bit EC private key offers better security and performance than RSA 2048 bit keys
• Limited client side support
Wildcard Certificates
• Dynamically support unlimited number of sub domains (*.abc.com)
• Domain coverage is wide, making the certificate and private key high value
• Use on Load Balancers and Firewalls for environments that are constantly changing
Private Trust SSL Certificates
• Used internally, not publicly trusted
• On-premise PKI or hosted PKI service
• Are required as of November 2015 for certificates issued to non-fully qualified domain names
•SSL on all Websites
•Mitigates HTTP attacks
•Increases Security
•Provides User Privacy
•Deploy HSTS
•Security Partner
•Certificate Management
•Certificate Discovery
•Variety of Certificates
•Certificate/Website Scan
•Responsive CRL/OCSP
Choosing a Certificate Authority
• Support
• Certificate Management Tools
• Services Offered (CRL/OCSP, Cert Types, ECC)
• Root Embedding
• Certificate Policies
• Security Posture, History, and Compliance
Tools and Resources
Certificate Management
• SSL Labs Server Test
• SSL Chain Checkers
• OpenSSL
• Certificate Discovery
• Certificate Management Tool
• Malware Scanner
• Bulletproof SSL
SSL/TLS SERVER TEST
BULLETPROOF SSL AND TLS
• Written by SSL Expert, Ivan Ristic
• Most comprehensive guide to SSL Best Practices on the market
• Recommended reading for any IT Security professional dealing with SSL and certificates
• Available at Feisty Duck or on Amazon
• Included free of charge with Entrust Cloud SSL Enterprise