State of the SSL/TLS Industry: Where Are We Today / Future Trends & Changes
By Jay Schiavo

© 2016 Entrust Datacard Corporation. All rights reserved.

AGENDA

• SSL/TLS History
• State of the Industry Today
• Technologies to Consider
• Questions?

SSL/TLS History

SSL MARKET HISTORY

1998
• VeriSign, Entrust, Thawte, GlobalSign
• OV SSL
• E-Commerce
• No governance

2005
• VeriSign (acquired Thawte), Entrust, GeoTrust, Comodo, GoDaddy
• OV SSL, DV SSL
• E-Commerce and protecting sensitive data
• CA/Browser Forum

2012
• Symantec (acquired Thawte and GeoTrust), Entrust, Comodo, GoDaddy, Digicert, GlobalSign
• EV SSL, OV SSL, DV SSL, Multi-Domain SSL, Cert Mgmt
• E-Commerce and protecting sensitive data, Logins, Webmail
• EV & SSL Baseline Reqs

2016
• Symantec (acquired Thawte and GeoTrust), Entrust, Comodo, GoDaddy, Digicert, GlobalSign, Let’s Encrypt, AWS
• EV SSL, OV SSL, DV SSL, Multi-Domain SSL, Cert Mgmt, Other Services
• Encryption everywhere
• Browsers enforcing proper SSL issuance and deployment

CHANGING TECHNOLOGIES

Endured three certificate-based migrations:

1. MD2 and MD5 to SHA-1
2. Small RSA keys to 2048-bit keys or larger
3. SHA-1 to SHA-256

• Additionally:
  – Encryption levels have changed from 40 bit to 128 bit to 256 bit
  – SSL protocol to TLS protocol (current version is 1.2)
    • SSL 2.0 and 3.0 no longer supported in modern browsers
    • TLS 1.0 and 1.1 are showing some cracks
    • TLS 1.2 is most secure protocol
    • TLS 1.3 has not yet been released

• What’s next – ECC, RSA 3072, CT for all TLS/SSL

RELENTLESS STREAM OF THREATS

• Multiple attacks in the news related to SSL/TLS since 2014 – and they keep getting better!
  – POODLE
  – BERserk
  – Logjam
  – SuperFish
  – SMACK
  – DROWN
  – SWEET32 Birthday Attack

• Visit Feisty Duck for more information – https://www.feistyduck.com/ssl-tls-and-pki-history/

THESE PROBLEMS ARE PERVASIVE

• 55.1% of sites have inadequate security
• 9.5% support weak/insecure cipher suites
• 4.0% use SHA-1
• 6.8% vulnerable to DROWN attack
• 2.5% vulnerable to CRIME attack
• 21.4% support SSL 3.0

Source: https://www.trustworthyinternet.org/ssl-pulse/

BROWSERS DISPLAY SSL MORE PROMINENTLY IN UI

TOOLS TO HELP

• Entrust SSL Best Practices: https://www.entrust.com/lp/ssl-best-practices/
• SSL Server Test – Certificate, protocol, key exchange and cipher strength (https://entrust.ssllabs.com/)
• Scan your site at https://observatory.mozilla.org/ – Based on Web security guidelines they created at https://wiki.mozilla.org/Security/Guidelines/Web_Security
• Bulletproof SSL and TLS (book): Implementation issues, attacks, mitigations

State of the Industry Today

STATE OF THE INDUSTRY – SHA-1 UPDATE

• SHA-1 has been outlawed for new issuance as of Jan 1, 2016 and SHOULD expire by Jan 1, 2017 (2+ months)

• It’s not unusual for even large, well-funded companies to have SHA-1 certificates that go unnoticed until the certificate expires. Once expired, some SHA-1 certificates cannot be replaced with SHA-2 because the systems running them are either old or proprietary.

• Please contact us if you have any questions or issues.

• Entrust has both detection tools and a set of solutions to address this transition.

STATE OF THE INDUSTRY – CT

• CT is a family of logs for SSL certificates
• Google requires all CAs to publish EV certificates to CT logs
• Un-logged certificates will not get the EV indication in Chrome

• Some CAs are being forced to publish ALL certificates to CT as of June 1, 2016 due to inappropriate certificate issuance

• CT Issues:
  – Many organization sites are behind the firewall, so not available for inspection
  – Many site names are “internal” and have descriptive names such as “US_AP.domain.com” or “research1.domain.com”
  – Certificates published to CT can provide a hacker with network topology, including server names describing the server’s function
  – So CT could be used as a reconnaissance tool
    • Can also make a customer list public

CURRENT GOOGLE CHROME RE-DESIGN

• Chrome 53 has been updated to show security as follows:
  – Bad SSL (badssl.com)
  – No SSL
  – DV/OV SSL
  – EV SSL

MORE BROWSER UI CHANGES ARE COMING

• January 2017, Chrome adding in “non secure” for certain HTTP sites (for CC & passwords)
• Chrome will expand “non secure” to all HTTP sites (future, not too far)
• Customers need to prepare by moving to HTTPS

Google is tacitly saying, EVERYTHING MUST BE ENCRYPTED

Technologies to Consider

HSTS AND OCSP STAPLING

HSTS
• HTTP Strict Transport Security
• Security policy where a Web server tells a browser to only connect to the site over HTTPS
• Protects users even when clicking on HTTP
• Mitigates HTTP MitM attacks that exploit insecure redirects
• Implemented by including the “Strict-Transport-Security” entry in the HTTP response header
• Server provides header information to be stored by browser for a period of time
• Header can apply to subdomains
• Supported by all major browsers

OCSP Stapling
• Alt to CRLs to check cert revocation directly from server
• The web server caches the response from the CA that issued the certificate
• Eliminates out-of-band validation
• Decreases browser latency as OCSP response is in TLS handshake
• Windows, Apache and Nginx support
  – IIS supports by default
• https://casecurity.org/2014/06/18/ocsp-must-staple/

PINNING

HTTP Public Key Pinning

• Prevents fraudsters from using mis-issued TLS certs
• To enable you return the Public-Key-Pins HTTP header when your site is accessed over HTTPS
• Server provides header with public key information to be stored by browser for a period of time
• If public key is missing on server then there will be a connection error
• https://news.netcraft.com/archives/2016/03/22/secure-websites-shun-http-public-key-pinning.html
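An added example (not from the presentation) for the two header-based policies on the HSTS slide above and this pinning slide: Python that parses Strict-Transport-Security and Public-Key-Pins headers, computes an HPKP pin as the base64 SHA-256 over a key’s DER SubjectPublicKeyInfo, and shows that a server whose chain no longer carries a pinned key fails pin validation. The SPKI byte strings and header values are constructed placeholders, not real keys.

```python
import base64
import hashlib

def parse_directives(header):
    """Split an HSTS or Public-Key-Pins header into {directive: value};
    pin-sha256 may repeat, so its values are collected in a list."""
    out = {}
    for part in header.split(";"):
        name, _, value = part.strip().partition("=")
        name, value = name.strip().lower(), value.strip().strip('"')
        if not name:
            continue
        if name == "pin-sha256":
            out.setdefault(name, []).append(value)
        else:
            out[name] = value
    return out

def check_hsts(header, min_age=31536000):
    """Problems with an HSTS header; [] means max-age is at least a year
    and the policy also covers subdomains."""
    d, problems = parse_directives(header), []
    if not d.get("max-age", "").isdigit():
        problems.append("missing or non-numeric max-age")
    elif int(d["max-age"]) < min_age:
        problems.append("max-age %s is below %d" % (d["max-age"], min_age))
    if "includesubdomains" not in d:
        problems.append("includeSubDomains not set")
    return problems

def spki_pin(spki_der):
    """HPKP pin value: base64 of SHA-256 over the DER SubjectPublicKeyInfo."""
    return base64.b64encode(hashlib.sha256(spki_der).digest()).decode()

def check_hpkp(header, chain_spki_der):
    """Validate a Public-Key-Pins header against the SPKIs the server sent.
    Returns (pin_matched, problems); no match is the connection error."""
    d, problems = parse_directives(header), []
    pins = set(d.get("pin-sha256", []))
    if len(pins) < 2:
        problems.append("fewer than two pins, so no backup pin for rotation")
    matched = bool(pins & {spki_pin(der) for der in chain_spki_der})
    if not matched:
        problems.append("no pinned key in the presented chain")
    return matched, problems

# Constructed placeholder SPKI bytes stand in for real DER-encoded keys.
LEAF_SPKI, BACKUP_SPKI, ROTATED_SPKI = b"leaf-spki", b"backup-spki", b"other-spki"
HPKP_HEADER = 'pin-sha256="%s"; pin-sha256="%s"; max-age=5184000' % (
    spki_pin(LEAF_SPKI), spki_pin(BACKUP_SPKI))
```

Running check_hpkp with ROTATED_SPKI as the only presented key reproduces the pinning failure the slide warns about: the header is well formed, but the browser would refuse the connection.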

EV SSL

• Primary objective is to provide identity and assure authorization to issue a certificate
• Secondary objective is to help mitigate phishing attacks
• Highly purchased by banking and retail sites
• Over 158,000 active EV certificates
• Provide higher levels of identification, authentication and technology leadership
• Browsers provide key trust indications
  – Green lock icon
  – Green “GO” coloring
  – Organization name in status bar

ALWAYS-ON SSL

1. Security Benefits
   – Security to all websites/pages
   – Mitigate known vulnerabilities: SSLstrip and Firesheep
   – Browser user privacy
   – Support HSTS
2. Site Performance Benefits
   – HTTPS makes load times faster
   – Support HTTP/2
     • higher performance and less latency
3. Marketing Benefits
   – Search engine optimization (SEO)
   – Better Referrer Data
4. Browsers and other SW vendors nudging you in that direction
   – Higher trust indication
     • Lock icon
     • Not secure message
   – iOS and Android upping the ante pushing mobile apps towards encryption

• https://scotthelme.co.uk/still-think-you-dont-need-https/
• https://casecurity.org/2016/09/30/always-on-ssl/

5 KEY TAKE-AWAYS

1. TLS/SSL technology, requirements, and threats continue to evolve and change
2. Browsers are pushing all sites to move to HTTPS
3. Browsers will shame sites that do not implement TLS/SSL certificates correctly
4. Implement HSTS, OCSP Stapling, Key Pinning, EV SSL and Always-On SSL to improve the security and performance of your sites
5. There are tools out there to help, and reliable CA vendors and their partners will be there as well

Thank You
