In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.
Source: Introducing s2n, a New Open Source TLS Implementation – AWS Security Blog
If you are interested in using or contributing to s2n, the source code, documentation, commits and enhancements are all publically available under the terms of the Apache Software License 2.0 from the s2n GitHub repository.
We have published a technical report, Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice, which has specifics on these attacks, details on how we broke the most common 512-bit Diffie-Hellman group, and measurements of who is affected. We have also published several proof of concept demos and a Guide to Deploying Diffie-Hellman for TLS.
Source: Logjam: How Diffie-Hellman Fails in Practice
What should I do?
If you run a server…
If you have a web or mail server, you should disable support for export cipher suites and generate a unique 2048-bit Diffie-Hellman group. We have published a Guide to Deploying Diffie-Hellman for TLS with step-by-step instructions. If you use SSH, you should upgrade both your server and client installations to the most recent version of OpenSSH, which prefers Elliptic-Curve Diffie-Hellman Key Exchange.
HTTPS may introduce overhead in terms of infrastructure costs, communication latency, data usage, and energy consumption. Moreover, given the opaqueness of the encrypted communication, any in-network value added services requiring visibility into application layer content, such as caches and virus scanners, become ineffective.
Via The Cost of the “S” in HTTPS
TQP has been arguing for years that using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) combined with the RC4 encryption cipher infringes its patent. The company’s former owner, renowned “patent troll” Erich Spangenberg, acknowledged during a trial last year that he has made more than $45 million in settlements on the TQP patent. TQP is one of dozens of patent groups that he owns.
via Intuit beats Web encryption patent that defeated Newegg at trial | Ars Technica.
From the tests that were preformed, it is evident that Nokia is performing Man In The Middle Attack for sensitive HTTPS traffic originated from their phone and hence they do have access to clear text information which could include user credentials to various sites such as social networking, banking, credit card information or anything that is sensitive in nature.
via Nokia’s MITM on HTTPS traffic from their phone « Treasure Hunt.
“The logical theory is that the transportation agency was using it to spy on its own employees,” said Chris Soghoian, a former Federal Trade Commission technology expert now working for the American Civil Liberties Union.
Validation authority alone isn’t enough to intercept traffic, the most likely goal of the project. The authenticator would also have to come in contact with the Web user.
via Turkish agency blamed by U.S. companies for intercepted Web pages | Reuters.
Imgur’s API exposes the entire Imgur infrastructure via a standardized programmatic interface. Using Imgur’s API, you can do just about anything you can do on imgur.com, while using your programming language of choice.
The Imgur API is a RESTful API based on HTTP requests and XML or JSON responses. If you’re familiar with the APIs of Twitter, Amazon’s S3, del.icio.us, or a host of other web services, you’ll feel right at home.
This version of the API, version 3, uses OAuth 2.0. This means that all requests will need to be encrypted and sent via SSL/TSL to https://. It also means that you need to register your application, even if you aren’t allowing users to login.
via The Imgur API – General Information.
According to Mandiant 83% of all backdoors used by APT attackers are outgoing sessions to TCP port 80 or 443. The reason for why APT, as well as other attackers, are using these two ports is primarily because most organizations allow outgoing connections on TCP 80 as well as 443. Many organizations try to counter this by using web-proxies, which can inspect the HTTP traffic and block any malicious behavior. But TCP 443 cannot be inspected in this way since SSL relies on end-to-end encryption.
via How to detect reverse_https backdoors – NETRESEC Blog.
Well, something that many people aren’t aware of is that the initial part of an SSL session isn’t encrypted. In fact, there are some pieces of relevant information being transmitted in clear text, especially the X.509 certificate that is sent from the SSL server.
The technique exploits web sessions protected by the Secure Sockets Layer and Transport Layer Security protocols when they use one of two data-compression schemes designed to reduce network congestion or the time it takes for webpages to load. Short for Compression Ratio Info-leak Made Easy, CRIME works only when both the browser and server support TLS compression or SPDY, an open networking protocol used by both Google and Twitter. Microsoft’s Internet Explorer, Google’s Chrome and Mozilla’s Firefox browsers are all believed to be immune to the attack, but at time of writing smartphone browsers and a myriad of other applications that rely on TLS are believed to remain vulnerable.
via Crack in Internet’s foundation of trust allows HTTPS session hijacking | Ars Technica.
A side effect of compression, security experts have long known, is that it leaks clues about the encrypted contents. That means it provides a “side channel” to adversaries who have the ability to monitor the data. A research paper published in 2002 by John Kelsey looks eerily similar to CRIME, but only in retrospect.
SSL certificates that most web browsers can accept without grief are sold by a relatively small number of companies. That’s because the major web browsers are shipped with a certain set of “root certificate authorities” that they trust… and if your certificate isn’t signed by one of those authorities, or by a certificate “chained” from one of them, then you’re out of luck— the web browser will display a scary warning to the user or, in some cases, refuse to work with your site at all.
The cost of SSL certificates varies quite a bit, from as little as $20 to as much as $1,000 or more. Why such a big difference? There are three main reasons:
via WWW FAQs: Which SSL certificate should I buy?.
2. Some certificates are directly signed by a trusted root certificate, while others are “chained” from another “intermediate” certificate. This isn’t really a problem, as long as the company selling you the chained certificate really does own the root certificate. But some webmasters get confused by intermediate certificates, fail to install them correctly, and mistakenly think they have purchased a bad certificate. So chained certificates are usually less expensive to allow for this inconvenience, even though there is no real technical disadvantage.