Demystifying SSL: Putting the S in HTTPS

Author:Jeff Propes
Date:June 21, 2014

Follow along with me at http://self2014.grimoi.re/demystifying_ssl_part1/

Overview

What Is SSL Really?

Walkthrough of an SSL transaction

Understanding Certificates

Operating the OpenSSL binary

Requesting, Creating, and Installing an SSL Certificate

Definitions

SSL - A protocol that provides a secure communications channel for data transfer

TLS - A sister protocol that has superceded SSL and does away with some unhealthy assumptions and patterns

HTTP - The protocol used to deliver most web content to end users

HTTPS - Wrap SSL around HTTP so that web content is delivered securely

OpenSSL - An open source library that implements the SSL protocol and provides other cryptographic services

Overview of SSL

From RFC 6101:

The primary goal of the SSL protocol is to provide privacy and reliability between two communicating applications.

What Most People Think SSL Is

Most of the human focus on SSL is on certificates and the public-key cryptography section

Domain names

Private keys

Is my address bar green? Is there a lock symbol?

In truth, this is only a small (but crucial) part of what SSL does

What SSL Really Is

The certificate and keypair parts of SSL are solely to establish two things:

The initial confidentiality for the SSL handshake uses public-key cryptography

Public-key cryptography

images/keypair_example.png

Walkthrough of an SSL transaction

Authenticity step

  1. Client contacts server with a hello and a random number X that it generates
  2. Server responds with a hello and its own random number Y.
  3. Server presents a SSL certificate containing who and what it is
  4. Client decides if it trusts the server's certificate

Walkthrough of an SSL transaction (cont.)

Key exchange step

  1. Client generates another large random number called the Pre Master Secret
  2. Client encrypts the PMS with the server's public key, then sends it the server
  3. Server decrypts it with the server's private key.
  4. Both client and server use the numbers X, Y, and PMS to calculate a shared Master Secret Key (MSK)
  5. SSL Handshake ends, and all future communications use the new MSK and an agreed-upon cipher

Using an encrypted SSL Channel

Now that the handshake is complete, we have authenticity and confidentially accounted for

All messages sent across the SSL channel are broken up into packets of no more than 16KB

A message authentication code (MAC) is calculated based upon the contents of the packet payload and the MSK before it is encrypted

Using an encrypted SSL Channel

The MAC provides integrity and reliability for the system

Since both client and server are using the same algorithm and the same MSK, each end can decrypt the message and calculate the MAC

Disagreements indicate a fault or tampering in transmission and that the data should be resent

Understanding Certificates

An SSL certificate is a dense pile of binary data in the X.509 format

SSL Certificate File Formats

In general, stick with PEM as it is simplest to work with

Different Types of Certificates

Standard

Wildcard

Subject Alternate Name

Extended Validation

Trust

The SSL Certificate is built on a trust model

Each certificate is issued by a parent certificate who signs it with their private key

If you trust the judgement of the parent certificate's owner, then you can trust this certificate as well

Self-signed certificate

Root, Intermediate, and End User Certificates

Certificate chains are usually assembled into three-part chains

End User certificate - used to prove the identity of sites or assets

Intermediate certificate - used to sign the end user certificates

Root certificate - protected like Fort Knox

Operating the OpenSSL binary

OpenSSL comes with a tool for creating and managing certificates (among other things)

The tool is named, appropriately, openssl

openssl <command> <options>

E.g. openssl x509 -noout -text -in mycert.crt

OpenSSL Commands

req - creates and manages certificate requests

genrsa - creates and manages key files

x509 - shows information about X.509 certificates

ca - Act as a certificate authority to sign another certificate

OpenSSL Common Options

-in or -out - direct files in an out of the command.

-new - Designates that this command is creating a new X which is appropriate for the command

-key - Use the key stored in the specified file for the invocation of this command

For any command, you can use --help to get a full listing of all options relevant for that command

Requesting, Creating, and Installing an SSL Certificate

We are now going to use the our new-found knowledge and tools to craft a new SSL certificate

We will be creating a Key file, Certificate Signing Requests, and finally get a SSL certificate back from our SSL vendor

Naming convention: all files named after the domain you'll be crafting

e.g. self2014.grimoi.re.key, self2014.grimoi.re.csr, and self2014.grimoi.re.crt

Generating a New Private Key

openssl genrsa -out self2014.localhost.key

Encrypted vs unencrypted

Add the -des3 option if you want to encrypt the key file

For automated operation on a web site, we need an unencrypted key file

Generating the Certificate Signing Request

openssl req -new -key self2014.localhost.key -out self2014.localhost.csr

Identifying information about the person or business creating this SSL certificate

Signed by the private key in the key file

The only truly important field is the Common Name field, which MUST match your domain name

In general, it's best to fill in all relevant fields, even if your SSL vendor ignores them

Getting the CSR Signed

Here is where the Certificate Authority steps in

CSR is sent off to the CA, which will run something like this: openssl ca -in self2014.localhost.csr -out self2014.localhost.crt

Your SSL vendor will return the freshly-signed certificate to you

May also be one or more intermediate certificates

Stick around for part 2 to learn how to craft your own CA

Installing your SSL Certificate

Mechanism is different for each web server

Demonstration on Nginx

Craft an SSL bundle by catting your SSL cert and any intermediates together

listen 443 ssl; ssl_certificate /path/to/ssl/bundle.crt; ssl_certificate_file /path/to/ssl/key;

Green lock symbol!

Fin

Thanks for coming!

This presentation can be found permanently at http://self2014.grimoi.re/demystifying_ssl_part1/

More information can be had by reading the following: