HitB2011AMS: A Real-Life Study of What Really Breaks SSL

Breaking the ice a cc nc nd by image from MarcelGermain's Flickr stream
By Ivan Ristić

Slides on the HitB Materials page.

Ivan researches SSL for Qualys. SSL was designed as a protocol add-on by Netscape to secure http, but can be used to secure other protocols as well.

The main challenges today are:
  1. Fragility of the trust ecosystem
  2. Incorrect or weak configuration
  3. Slow adoption of modern statndar
  4. Lack of support for virtual SSL hosting
  5. Mismatch between HTTP and SSL

There are three main attacks against SSL:
  • Passive MitM
  • Session Hijacking
  • Active MitM
  • Session bypass (ssl strip)
  • Renegotiation attack
  • Rogue certificates
  • User attackers (who reads warnings)

Ivan’s has a lot of data based on the a surveys conducted by his employer Qualys SSL Labs, EFF’s SSL Observatory. In total 1.2million sites with valid certificates where investigated.

Ivan showed a slide that indicates that of the sites visited only 0.6% of the sites had a fully correct SSL configuration, nearly 50% of the sites did not offer SSL at all.

In Qualys' most In the most recent SSL Survey only 32% of the sites offering SSL where configured correctly.

So now for the bad stuff:
  • 48% of the sites offering SSL still offer SSLv2 which is know to be cryptographically insecure, it is a good thing that most browsers reject it
  • Most sites do not offer any support for TLSv1.1 and TLSv1.2
  • 62% of the sites still use weaks ciphers
  • The TLS renegotiation vulnerability discovered in 2009 still effects nearly 35% the sites

But it is not just about how SSL is configures, but also about how it is used:
  • Nearly 80% of the sites offering SSL do not redirect their users to the secure sites by default.
  • HTTP Strict Transport Security is only used by 80 out of the the nearly 250,000 sites tested by Qualys.
  • The adoption of EV certificates is also low
  • Of the tested sites on 9 used all three above techniques.
  • A lot of sites mark their cookies as HttpOnly or Secure, but even less that use both techniques
  • 22% of the tested sites use some form of mixed content, if you exclude the sites that only use it for images this number only drops slightly to nearly 19%
  • 68% of the login forms where not served over HTTPS and 54% submitted data to an http site

So what can we concluse:
  • Systematic issues are hotly debated
  • However SSL is often broken  by bad deployment and implementation issues
  • It is possible to achieve reasonable security, but most sites choose not to do it
  • Among the popular sites only a handful have decent SSL deployments

SSL is a success because it bought a relative security to the general public.

Ivan Ristić is a respected security expert and author, known especially for his contribution to the web application firewall field and the development of ModSecurity, an open source web application firewall. He is also the author of Apache Security, a comprehensive security guide for the Apache web server, and ModSecurity Handbook. He founded SSL Labs, a research effort focused on the analysis of the real-life usage of SSL and the related technologies. A frequent speaker at computer security conferences, Ivan is a member of the Open Web Application Security Project (OWASP), and an officer of the Web Application Security Consortium (WASC).


Not Published

0/1000 characters
Go Top