We’ve been hearing a lot of things about HTTPS during the past months, and the Heartbleed “bug” has its responsibility in that phenomenon.
There was a time when HTTPS was dedicated to highly sensitive transactions, like banking transactions.
Now HTTPS is considered mandatory as soon as a user is authenticated on a website, in order to protect his web session and connection credentials.
What is HTTPS?
HTTPS is nothing more than HTTP, the Internet protocol used to exchange data between a server and a client (web browser) on which we add a security layer.
HTTP is not a secured protocol: it has been designed in a pure functional objective without taking any security constraint into consideration.
So we add a security layer to HTTP. To be more accurate, we encapsulate HTTP into a secured connection.
HTTPS allows us to fulfill three objectives:
- Authentication: the client knows that the server he’s talking to is indeed the one he thinks he’s taking to
- Privacy: Data cannot be read by anyone on the network, since it is encrypted
- Integrity: With HTTPS, data cannot be modified during its transport by a third party (man-in-middle attack)
Certificate Authorities
Certificate authorities are companies delivering SSL certificates. These organizations are known by web browsers, who accept certificates delivered by these authorities.
A certificate can be generated by anyone, but if not delivered by a known authority, browsers display security alerts.
Certificate authority examples: Thawte, Go Daddy, Global Sig, DigiCert…
SSL Handshake
The SSL handshake is the process in which the web server and the browser discuss and agree on the protocol to be used (SSL or TLS in a specific version), on the cypher suite to be used and lastly on the session key to be used on communications once the handshake is finished.
Without delving into the details, the handshake goes through the following steps:
- The browser and the server agree on the protocol to be used (SSL X, TLS X)
- The browser verifies the authenticity of the server (certificate authority)
- The browser creates a session key and encrypts it with the public key of the server
- The server decrypts the previous message with its private key
- The browser and the server communicate using the session key they just agreed on. The handshake is finished.
Cipher suites
Different levels of encryption exist within HTTPS.
As mentioned earlier, HTTPS is HTTP encapsulated into a secure protocol, SSL or TLS.
These two security protocols exist in different versions, some of them being considered weak. SSL V2 is obsolete, and SSL V3 as well, since the “POODLE” vulnerability.
To be used : TLS v1.0, v1.1, v1.2
Moreover, SSL and TLS use different encryption algorithms. These algorithms are used during the communications and the one that will be used depends on what both the server and the browser accept.
Over time, some of these algorithms become weak and must be deactivated:
We can for instance mention all ciphers with a key size below 128 bits and RC4 algorithms.
It is therefore necessary to keep systems up-to-date and specifically the HTTPS configuration of a web server.
Cipher suite example
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
Meaning of this cipher string
ECDHE : key exchange algorithm
ECDSA : authentication
AES_128_CBC : bulk cipher used for message encryption
SHA : MAC algorithm
Installing HTTPS on a web server
Configuring HTTPS on a web server is relatively simple, and well documented, for the different types of servers.
The main steps of the setup are:
- ordering an SSL certificate to a certificate authority (if you want the certificate to be accepted by web browser outside a private organization)
- installing the certificate in the web server (files to be copied to the server)
- configuring the web server
The configuration of the server may include:
- IP address-port / domain name binding to the certificate
- configuration of activated protocoles (TLS/SSL)
- configuration of algorithms and ciphers key sizes (cipher suites)
You will find below the links to documentations detailing how to install SSL on the three major web servers :
Apache: https://wiki.apache.org/httpd/SSL
IIS: http://www.iis.net/learn/manage/configuring-security/how-to-set-up-ssl-on-iis
Nginx: http://nginx.org/en/docs/http/configuring_https_servers.html
Mozilla recently published a webpage where you can generate a safe HTTPS configuration:
Mozilla SSL configuration generator
Keeping HTTPS update-to-date
HTTPS configuration is not a one time event. Once installed you have to keep its configuration up-to-date.
As we’ve seen it quite recently with the Heartbleed bug affecting some versions of the openSSL library, system updates can help avoiding some breaches directly related to the usage of HTTPS.
Moreover, it is necessary to stay informed about the security of the different protocols and cipher suites. the objective here is to deactivate some of them if considered weak at some point.
Last be not least, also quite obvious but often forgotten: a certificate expires. Once the certificate has expired web browsers will display very dissuasive security alerts, encouraging users to leave the website.