{"id":38,"date":"2014-01-13T01:36:20","date_gmt":"2014-01-12T23:36:20","guid":{"rendered":"http:\/\/www.frelsisbaratta.is\/blog\/?p=38"},"modified":"2016-04-18T17:18:25","modified_gmt":"2016-04-18T15:18:25","slug":"secure-your-ssl-with-pfs","status":"publish","type":"post","link":"https:\/\/www.frelsisbaratta.is\/blog\/?p=38","title":{"rendered":"Secure your SSL with PFS"},"content":{"rendered":"<p>Use SSL, they tell you, then your service is secure, they tell you.<\/p>\n<p>That&#8217;s wrong.<\/p>\n<p>Mostly.<\/p>\n<p>Use <em>secure\u00a0<\/em>SSL, <em>then<\/em> your service is secure.<\/p>\n<p>Most SSL in use today is broken. The reason is that RC4 is <a href=\"http:\/\/www.isg.rhul.ac.uk\/tls\/\">broken<\/a>\u00a0and it is what most SSL-enabled websites use. Check which SSL cipher your website uses (in Firefox, click on the secure bar logo) &#8211; you will see for example: RSA_RC4_128_SHA<\/p>\n<p>That means the server uses RSA with RC4 and SHA 128. And that is broken.<\/p>\n<p>But it gets worse. The NSA is currently building the biggest <a href=\"http:\/\/www.wired.com\/threatlevel\/2012\/03\/ff_nsadatacenter\/\">spy center<\/a> in the US to save any data they get. Why? It may be true that you can&#8217;t break the current secure ciphers now, but what about later?<\/p>\n<p>So what we need is a system which will remain secure in the future. PFS (Perfect-Forward-Secrecy) fulfills this requirement.<\/p>\n<p><span style=\"text-decoration: underline;\">How does it work?<\/span><\/p>\n<p>When two peers want to establish a TLS tunnel with PFS, after performing the server (or the mutual) authentication, they agree on an ephemeral session key.<\/p>\n<p>The session keys are then used to encrypt the rest of the conversation (session). They are deleted afterwards. 
The goal of the key exchange phase is to enable the two parties to negotiate the keys securely; in other words, to prevent anyone else from learning these keys.<\/p>\n<p><span style=\"text-decoration: underline;\">How do we enable it?<\/span><\/p>\n<p>First: Use a long SSL Cert Key. We recommend using\u00a0RSA 4096 bits.<\/p>\n<p>Also, you really should work toward getting TLS 1.2 active on your server (it should already be supported by the latest version of every Unix).<\/p>\n<p><em>Activate PFS<\/em><\/p>\n<p>You will need\u00a0Apache 2.3+; earlier versions do not support PFS.<\/p>\n<p>Replace (or add if applicable) the following configuration directives in your SSL module configuration file (most likely to be found in \/etc\/apache2\/mods-enabled\/ssl.conf).<\/p>\n<blockquote><p><del>SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1<\/del><br \/>\n<del> SSLCompression off<\/del><br \/>\n<del> SSLHonorCipherOrder on<\/del><br \/>\n<del> SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA:AES256-GCM-SHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA<\/del><\/p>\n<p>It is really time to kill RC4, SSLv2 and SSLv3, for good reasons, so use:<\/p>\n<p>SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1 -SSLv2 -SSLv3<br \/>\nSSLCompression off<br \/>\nSSLHonorCipherOrder on<br \/>\nSSLCipherSuite 
ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA<\/p><\/blockquote>\n<p>Update your Dovecot mail server:<\/p>\n<blockquote><p>ssl_cipher_list=ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA<br \/>\nssl_prefer_server_ciphers = yes (Dovecot 2.2.6 or greater)<\/p><\/blockquote>\n<p>&nbsp;<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Use SSL, they tell you, then your service is secure, they tell you. That&#8217;s wrong. Mostly. Use secure\u00a0SSL, then your service is secure. Most SSL in use today is broken. The reason is that RC4 is broken\u00a0and it is what most SSL-enabled websites use. 
Check your SSL used website about SSL Ciphers (in FF click on [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[],"class_list":["post-38","post","type-post","status-publish","format-standard","hentry","category-security-and-cryptography"],"_links":{"self":[{"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/posts\/38","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=38"}],"version-history":[{"count":13,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/posts\/38\/revisions"}],"predecessor-version":[{"id":98,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=\/wp\/v2\/posts\/38\/revisions\/98"}],"wp:attachment":[{"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=38"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=38"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.frelsisbaratta.is\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=38"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}