Sharing

Monday, September 16, 2013

Scan SSL Cipher Suite

SSL Cipher Suite

TLS protocol 1.0 RFC
http://www.ietf.org/rfc/rfc2246.txt
TLS protocol 1.1 RFC
http://www.ietf.org/rfc/rfc4346.txt
TLS protocol 1.2 RFC
http://www.ietf.org/rfc/rfc5246.txt
Elliptic Curve Cryptography (ECC) Cipher Suites
http://www.ietf.org/rfc/rfc4492.txt
Consolidated list
http://www.iana.org/assignments/tls-parameters/tls-parameters.xml

Server Side SSL Cipher Suite


This site scans your server and reports its SSL security rating and the SSL cipher suites it supports
https://www.ssllabs.com/ssltest/index.html


On Linux there is also a tool called sslscan
$ apt-get install sslscan
$ sslscan --no-failed www.google.com
                   _
           ___ ___| |___  ___ __ _ _ __
          / __/ __| / __|/ __/ _` | '_ \
          \__ \__ \ \__ \ (_| (_| | | | |
          |___/___/_|___/\___\__,_|_| |_|

                  Version 1.8.2
             http://www.titania.co.uk
        Copyright Ian Ventura-Whiting 2009

Testing SSL server www.google.com on port 443

  Supported Server Cipher(s):
    Accepted  SSLv3  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  SSLv3  256 bits  AES256-SHA
    Accepted  SSLv3  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  SSLv3  168 bits  DES-CBC3-SHA
    Accepted  SSLv3  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  SSLv3  128 bits  AES128-SHA
    Accepted  SSLv3  128 bits  ECDHE-RSA-RC4-SHA
    Accepted  SSLv3  128 bits  RC4-SHA
    Accepted  SSLv3  128 bits  RC4-MD5
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  168 bits  ECDHE-RSA-DES-CBC3-SHA
    Accepted  TLSv1  168 bits  DES-CBC3-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-AES128-SHA
    Accepted  TLSv1  128 bits  AES128-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-RC4-SHA
    Accepted  TLSv1  128 bits  RC4-SHA
    Accepted  TLSv1  128 bits  RC4-MD5

  Prefered Server Cipher(s):
    SSLv3  128 bits  ECDHE-RSA-RC4-SHA
    TLSv1  128 bits  ECDHE-RSA-RC4-SHA

  SSL Certificate:
    Version: 2
    Serial Number: 5892482494032825274
    Signature Algorithm: sha1WithRSAEncryption
    Issuer: /C=US/O=Google Inc/CN=Google Internet Authority G2
    Not valid before: Aug 29 12:35:17 2013 GMT
    Not valid after: Aug 29 12:35:17 2014 GMT
    Subject: /C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
    Public Key Algorithm: rsaEncryption
    RSA Public Key: (2048 bit)
      Public-Key: (2048 bit)
      Exponent: 65537 (0x10001)
    X509v3 Extensions:
      X509v3 Extended Key Usage: 
        TLS Web Server Authentication, TLS Web Client Authentication
      X509v3 Subject Alternative Name: 
        DNS:www.google.com
      Authority Information Access: 
        CA Issuers - URI:http://pki.google.com/GIAG2.crt
        OCSP - URI:http://clients1.google.com/ocsp
      X509v3 Subject Key Identifier: 
        6B:36:89:3B:32:31:63:1B:D7:13:7E:07:BA:4B:3F:E9:27:E9:58:76
      X509v3 Basic Constraints: critical
        CA:FALSE
      X509v3 Authority Key Identifier: 
        keyid:4A:DD:06:16:1B:BC:F6:68:B5:76:F5:81:B6:BB:62:1A:BA:5A:81:2F

      X509v3 Certificate Policies: 
        Policy: 1.3.6.1.4.1.11129.2.5.1

      X509v3 CRL Distribution Points: 

        Full Name:
          URI:http://pki.google.com/GIAG2.crl

  Verify Certificate:
    unable to get local issuer certificate
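
To read a listing like the one above at a glance, the following added example (not part of the original post and not part of sslscan) parses the "Accepted" and "Prefered" rows and attaches findings to each. The finding labels and the function names are assumptions chosen for this sketch; the sample rows are a subset copied from the output above.

```python
import re

# Subset of the sslscan 1.8.2 output shown above, copied from the page.
SAMPLE = """\
  Supported Server Cipher(s):
    Accepted  SSLv3  128 bits  RC4-MD5
    Accepted  TLSv1  256 bits  ECDHE-RSA-AES256-SHA
    Accepted  TLSv1  256 bits  AES256-SHA
    Accepted  TLSv1  168 bits  DES-CBC3-SHA
    Accepted  TLSv1  128 bits  ECDHE-RSA-RC4-SHA

  Prefered Server Cipher(s):
    SSLv3  128 bits  ECDHE-RSA-RC4-SHA
    TLSv1  128 bits  ECDHE-RSA-RC4-SHA
"""

ROW = re.compile(r"^\s*(Accepted\s+)?(SSLv\d|TLSv[\d.]+)\s+(\d+) bits\s+(\S+)\s*$")

def findings(proto, cipher):
    """Reasons an OpenSSL-style cipher name deserves attention (empty list = none)."""
    parts, out = cipher.split("-"), []
    if proto.startswith("SSLv"):
        out.append("legacy protocol " + proto)
    if "RC4" in parts:
        out.append("RC4")
    if "CBC3" in parts:
        out.append("3DES")
    if parts[-1] == "MD5":
        out.append("MD5 MAC")
    # Names without an ECDHE/DHE/EDH prefix use static or anonymous key exchange.
    if parts[0] not in ("ECDHE", "DHE", "EDH"):
        out.append("key exchange not ECDHE/DHE")
    return out

def audit(text):
    """Return (accepted, preferred): lists of (proto, bits, cipher, findings)."""
    accepted, preferred = [], []
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            proto, bits, cipher = m.group(2), int(m.group(3)), m.group(4)
            row = (proto, bits, cipher, findings(proto, cipher))
            (accepted if m.group(1) else preferred).append(row)
    return accepted, preferred

if __name__ == "__main__":
    accepted, preferred = audit(SAMPLE)
    for proto, bits, cipher, why in accepted + preferred:
        print(f"{proto:6}{bits:5}  {cipher:24}{'; '.join(why) or 'no finding'}")
```

The preferred rows matter most: they show which suite the server picks when the client offers everything, and here both are RC4.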


Client Side SSL Cipher Suite

To find out what the client side supports, see
https://groups.google.com/a/chromium.org/forum/#!topic/chromium-reviews/Mvp-tGW2RaI


To test, I've been using Certicom's SECG ECC test server -  http://tls.secg.org/

The exact steps are:
1) Navigate to http://tls.secg.org/
2) Click "Connect Now"
3) Choose secp256p1 (the default)
4) Click Continue (link for 1 - 4: http://tls.secg.org/?action=go&ciphersuite=0&curve=23 )
5) Click "here" to continue ( link: https://tls.secg.org:40023/connect.php )
6) Observe under cipher suites, a list of cipher suites. Some numeric, some string form. String forms are listed at http://www.iana.org/assignments/tls-parameters/tls-parameters.xml . Without any command line flags, see that TLS_RSA_WITH_RC4_128_MD5 (0x0004) and TLS_RSA_WITH_RC4_128_SHA (0x0005) appear in the list
7) Relaunch chrome with chrome --cipher-suite-blacklist="0x0004,0x0005"
8) Repeat steps 1-5.
9) Observe that neither TLS_RSA_WITH_RC4_128_MD5 nor TLS_RSA_WITH_RC4_128_SHA are listed.


Select "Connect Now"


Choose the cipher suite to test



The final report also lists every cipher suite the client offers, so you can check whether any of them has too low a security level




Browser Config


RC4 is becoming less and less secure. To strengthen security, you can explicitly tell the browser not to use RC4

TLS_RSA_WITH_RC4_128_MD5 = { 0x00, 0x04 }
TLS_RSA_WITH_RC4_128_SHA = { 0x00, 0x05 }
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0xC0, 0x02 }
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = { 0xC0, 0x07 }
TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0xC0, 0x0C }
TLS_ECDHE_RSA_WITH_RC4_128_SHA = { 0xC0, 0x11 }
TLS_ECDH_anon_WITH_RC4_128_SHA = { 0xC0, 0x16 }
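
The table above gives each suite as two bytes, while the `--cipher-suite-blacklist` flag quoted earlier takes 16-bit values such as 0x0004. This added example (not from the original post) converts the table into that comma-separated form and checks a client's offered list against it. The function names and the `OFFERED` list are constructed for illustration.

```python
import re

# The RC4 suite table from the page, in its "{ 0xHH, 0xLL }" two-byte form.
RC4_TABLE = """\
TLS_RSA_WITH_RC4_128_MD5 = { 0x00, 0x04 }
TLS_RSA_WITH_RC4_128_SHA = { 0x00, 0x05 }
TLS_ECDH_ECDSA_WITH_RC4_128_SHA = { 0xC0, 0x02 }
TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = { 0xC0, 0x07 }
TLS_ECDH_RSA_WITH_RC4_128_SHA = { 0xC0, 0x0C }
TLS_ECDHE_RSA_WITH_RC4_128_SHA = { 0xC0, 0x11 }
TLS_ECDH_anon_WITH_RC4_128_SHA = { 0xC0, 0x16 }
"""

ENTRY = re.compile(
    r"^(TLS_\w+)\s*=\s*\{\s*0x([0-9A-Fa-f]{2}),\s*0x([0-9A-Fa-f]{2})\s*\}$")

def parse_table(text):
    """Map IANA suite name -> 16-bit cipher suite ID (high byte first)."""
    suites = {}
    for line in text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            suites[m.group(1)] = int(m.group(2) + m.group(3), 16)
    return suites

def blacklist_value(suites):
    """Comma-separated 0xNNNN list, the form the flag on this page uses."""
    return ",".join(f"0x{v:04X}" for v in sorted(suites.values()))

def still_offered(offered_ids, suites):
    """Table suites present in a client's offered list, in offer order."""
    by_id = {v: k for k, v in suites.items()}
    return [by_id[i] for i in offered_ids if i in by_id]

# Constructed sample: IDs a client could offer after blocking only 0x0004
# and 0x0005 (0xC02F, 0x002F and 0x0035 are AES suites).
OFFERED = [0xC02F, 0xC011, 0xC007, 0x002F, 0x0035]

if __name__ == "__main__":
    table = parse_table(RC4_TABLE)
    print('--cipher-suite-blacklist="%s"' % blacklist_value(table))
    for name in still_offered(OFFERED, table):
        print("client still offers", name)
```

Blocking only 0x0004 and 0x0005 leaves the ECDHE RC4 suites enabled; 0xC011 is the suite that sslscan lists as ECDHE-RSA-RC4-SHA.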

Follow this article to configure the browser
http://luxsci.com/blog/256-bit-aes-encryption-for-ssl-and-tls-maximal-security.html

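I tried Google Chrome several times, following the article's method, but it had no effect. I think Google Chrome may have removed this feature. Firefox has a UI for it, so turning RC4 off is easy. I used https://www.google.com.tw to test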

Before turning it off, the connection uses RC4



Go to about:config and set every rc4 entry to false


Reconnect, and the encryption changes to AES


I hope Google Chrome gets this feature working soon, because I use it for most of my browsing. Finally, IE users should also follow the link to turn on SSL Cipher Suite Order

  1. Open your group policy editor by entering gpedit.msc at a command prompt.
  2. Choose Computer Configuration | Administrative Templates | Network | SSL Configuration Settings.
  3. There’s only one item here: SSL Cipher Suite Order. Open it.
  4. Select Enabled.


