SlideShare a Scribd company logo

HTTPS @Scale

Download as PPTX, PDF
Arvind Mani
Arvind Mani

HTTPS @Scale by Arvind Mani of LinkedIn discusses LinkedIn's efforts to migrate their site to default HTTPS, the challenges they faced around mixed content, site speed, scaling TLS, and session upgrades, and the security best practices they implemented. Key points include gradually rolling out default HTTPS from 2012-2014, measuring and fixing mixed content issues, optimizing TLS handshakes for performance, scaling TLS infrastructure with hardware and CDNs, securely upgrading HTTP sessions to HTTPS, and implementing security measures like HSTS, pinning, and perfect forward secrecy.

1 of 32
HTTPS @Scale Arvind Mani, LinkedIn
Bio ● Head, Data & Infrastructure Security @ LinkedIn ● Prior - Yahoo, PayPal, Symantec, McAfee
What is HTTPS? ● HTTPS is HTTP over a channel secured by TLS or SSL. ● TLS (predecessor SSL) are crypto protocols designed to authenticate peer in client to server communication and ensure confidentiality and integrity of data.
LinkedIn HTTPS Timeline Mar 2012 Opt-in HTTPS June 2013 team assembled (netops, security, CDNOps, traffic) to make site default HTTPS. Dec 2013 Launch default HTTPS in NL Jan - Jun 2014 Rollout default HTTPS to US, EU, most of APAC Dec 2014 - Default HTTPS except CN and ZA
HTTPS traffic
Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
What is it? On a https page, resource origin is insecure. What are the consequences? MITM Mixed Active Content Blocking - script, frames Mixed Content
Measuring Mixed Content Content-Security-Policy-Report-Only Header default-src https:; img-src https: data:; report-uri https://www.linkedin.com/lite/contentsecurity Sample {"csp-report":{"blocked- uri":"http://www.lixanalytics.com/foo","document- uri":"https://www.linkedin.com/profile?trk=ww","original- policy":"default-src https:; img-src https: data:; report-uri https://www.linkedin.com/csp","referrer":"","violated- directive":"default-src https:"}}
CSP Gotchas ● Set on just HTTPS response ● Sample ● Exclude report requests from any page-view rate-limiting ● unsafe-eval and unsafe-inline ● May not report on NPAPI Plugins ● Must Scale ● No cookies even if report-uri is same domain
Fixing Mixed Content Ads 3rd, 4th, 5th party pixels must all be https, even in iframe! Source Code Scanner fix hardcoded external links in dust templates Dynamic Scanner fix logical bugs, links constructed by backend applications
Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
HTTP vs HTTPS It all boils down to TLS Handshake latency!
TLS False Start ● Full handshake is 2 roundtrip ● Client validates “Finished” from server before sending Application Data ● With Client side False Start, client sends “Application Data” before validating Finished => just 1 roundtrip ● Is this secure?
TLS Session Ticket ● Pre-Master Secret ● What is in a ticket? ● Fallback is full handshake ● Is this secure? ● Tickets and PFS
Network Roundtrip ● Terminate TLS closer to user ● Where to build Points-of-Presence (PoP)? See LinkedIn presentation at Velocity 2015 ● Static content - CDN map
Online Certificate Status Protocol ● Claims of 30% slow down: o DNS o TCP o OCSP request/response for chain However: ● OCSP response cached by browser (even days), ocsp response served off CDN ● Chrome disables OCSP checks by default
OCSP Stapling Server caches OCSP response, sends in Certificate Status Request Pros ● Captive Portal ● Preserves browsing privacy ● Supported by nginx, traffic server, Apache, etc Cons ● OCSP stapling (solution) not supported by mobile ● Stapling increases TLS handshake message size.
Cert Chain Size, initCwnd, SAN
Scaling TLS TLS Termination hardware vs software CDN TLS capacity multi CDN strategy TLS Tuneup TLS record size, byte overhead, AES-NI
Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
“No login” HTTP -> HTTPS Upgrade http? ajax? bot? ramp segment yes no no yes ● Set “migration underway” hint cookie with TTL 10 minutes (avoid repeatedly upgrading bot that refuses to be upgraded) ● 301 to HTTPS ● Kill old authentication cookie+session/mint new authentication cookie+session ● Set new authentication cookie secure => new cookie was never on wire in plaintext! ● Set TLS hint cookie that is NOT secure ● Implement reverse for rollback
Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
SSL Stripping How it Works? Attacker MITM HTTP requests. 301 or rejecting HTTP requests does not help. Mitigation Host Strict Transport Security (HSTS) and preload
HSTS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Window of vulnerability! Rollback with max-age=0 Preload ● Submit site https://hstspreload.appspot.com/ to enter into hardcoded list ● Domain should not serve HTTP traffic ● includeSubDomains (www), preload flag, max age >= 18 weeks Handle preload with care - hard to rollback
Perfect Forward Secrecy ● ClientKeyExchange - with RSA “pre-master” secret encrypted with server public key ● DH vs DHE vs ECDHE ● Forward Secrecy with Session Resumption
TLS Configuration ● Disable weak/export ciphers ● Disable SSL 3.0, TLS 1.0?? ● Enable PFS ciphersuites ● Attacks on SSL/TLS - insecure renegotiation, BEAST, CRIME, FREAK, POODLE, logjam, heartbleed (OpenSSL implementation)
Pinning* What problem does Pinning solve? Rogue CA, some MITM, reduces trust requirements What do you Pin? server certificate, server public key, public key of cert in chain Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g="; pin-sha256="LPJNul+wow4m6DsqxbninhsWHlwfp0JecwQzYpOLmCQ="; report-uri="https://other.example.net/pkp-report"
Pinning Made Easier ● Fiddler, Corporate MITM supported* ● Reports on Pin failures ● Backup Pin required ● Testing chrome://net-internals/#hsts
EdgeNetwork Security* ● HSM ● Secure Edge <-> Datacenter communication
References ● https://www.imperialviolet.org/2010/06/25/ov erclocking-ssl.html ● https://github.com/linkedin/adfullssl ● http://www.w3.org/TR/CSP/ (note Level 2) ● http://velocityconf.com/devops-web- performance- 2015/public/schedule/detail/42026 ● https://blog.mozilla.org/tanvi/2013/04/10/mix
References ● https://www.igvita.com/2013/10/24/optimizin g-tls-record-size-and-buffering-latency/ ● https://hstspreload.appspot.com/ ● http://vincent.bernat.im/en/blog/2011-ssl- perfect-forward-secrecy.html
We’re Hiring Contact amani@linkedin.com https://www.linkedin.com/in/arvindmani Projects ● Inter-service Authentication & Access Control ● Web Application Security Frameworks & Tools ● Anti-scraping/DoS infrastructure ● Crypto libraries & services

More Related Content

What's hot

ModSecurity 3.0 and NGINX: Getting Started - EMEA
ModSecurity 3.0 and NGINX: Getting Started - EMEAModSecurity 3.0 and NGINX: Getting Started - EMEA
ModSecurity 3.0 and NGINX: Getting Started - EMEA
NGINX, Inc.
 
NGINX for Application Delivery & Acceleration
NGINX for Application Delivery & AccelerationNGINX for Application Delivery & Acceleration
NGINX for Application Delivery & Acceleration
NGINX, Inc.
 
Securing your web infrastructure
Securing your web infrastructureSecuring your web infrastructure
Securing your web infrastructure
WP Engine
 
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
Severalnines
 
Inside election night at The New York Times | Altitude NYC
Inside election night at The New York Times | Altitude NYCInside election night at The New York Times | Altitude NYC
Inside election night at The New York Times | Altitude NYC
Fastly
 
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
Running a Robust DNS Infrastructure with CloudFlare Virtual DNSRunning a Robust DNS Infrastructure with CloudFlare Virtual DNS
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
Cloudflare
 
Botconf ppt
Botconf pptBotconf ppt
Botconf ppt
Cloudflare
 
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
Jan Löffler
 
Are we security yet
Are we security yetAre we security yet
Are we security yet
Cristian Vat
 
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
Severalnines
 
DDoS Attacks in 2017: Beyond Packet Filtering
DDoS Attacks in 2017: Beyond Packet FilteringDDoS Attacks in 2017: Beyond Packet Filtering
DDoS Attacks in 2017: Beyond Packet Filtering
Qrator Labs
 
The 3 Models in the NGINX Microservices Reference Architecture
The 3 Models in the NGINX Microservices Reference ArchitectureThe 3 Models in the NGINX Microservices Reference Architecture
The 3 Models in the NGINX Microservices Reference Architecture
NGINX, Inc.
 
HTTPS and YOU
HTTPS and YOUHTTPS and YOU
HTTPS and YOU
Eric Lewis
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
NGINX, Inc.
 
Top 10 Web Hacks 2013
Top 10 Web Hacks 2013Top 10 Web Hacks 2013
Top 10 Web Hacks 2013
Matt Johansen
 
Server architecture
Server architectureServer architecture
Server architecture
Masters Academy
 
Csp and http headers
Csp and http headersCsp and http headers
Csp and http headers
ColdFusionConference
 
DDoS Attacks - Scenery, Evolution and Mitigation
DDoS Attacks - Scenery, Evolution and MitigationDDoS Attacks - Scenery, Evolution and Mitigation
DDoS Attacks - Scenery, Evolution and Mitigation
Wilson Rogerio Lopes
 
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference ArchitectureMRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
NGINX, Inc.
 
Building a better web
Building a better webBuilding a better web
Building a better web
Fastly
 

What's hot (20)

ModSecurity 3.0 and NGINX: Getting Started - EMEA
ModSecurity 3.0 and NGINX: Getting Started - EMEAModSecurity 3.0 and NGINX: Getting Started - EMEA
ModSecurity 3.0 and NGINX: Getting Started - EMEA
 
NGINX for Application Delivery & Acceleration
NGINX for Application Delivery & AccelerationNGINX for Application Delivery & Acceleration
NGINX for Application Delivery & Acceleration
 
Securing your web infrastructure
Securing your web infrastructureSecuring your web infrastructure
Securing your web infrastructure
 
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
Webinar Slides: Become a MongoDB DBA (if you’re really a MySQL user)
 
Inside election night at The New York Times | Altitude NYC
Inside election night at The New York Times | Altitude NYCInside election night at The New York Times | Altitude NYC
Inside election night at The New York Times | Altitude NYC
 
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
Running a Robust DNS Infrastructure with CloudFlare Virtual DNSRunning a Robust DNS Infrastructure with CloudFlare Virtual DNS
Running a Robust DNS Infrastructure with CloudFlare Virtual DNS
 
Botconf ppt
Botconf pptBotconf ppt
Botconf ppt
 
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
The WordPress Hosting experience - Bought cheaply and paid dearly? - Jan Löf...
 
Are we security yet
Are we security yetAre we security yet
Are we security yet
 
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
Webinar slides: Become a MongoDB DBA - What to Monitor (if you’re really a My...
 
DDoS Attacks in 2017: Beyond Packet Filtering
DDoS Attacks in 2017: Beyond Packet FilteringDDoS Attacks in 2017: Beyond Packet Filtering
DDoS Attacks in 2017: Beyond Packet Filtering
 
The 3 Models in the NGINX Microservices Reference Architecture
The 3 Models in the NGINX Microservices Reference ArchitectureThe 3 Models in the NGINX Microservices Reference Architecture
The 3 Models in the NGINX Microservices Reference Architecture
 
HTTPS and YOU
HTTPS and YOUHTTPS and YOU
HTTPS and YOU
 
What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?What’s New in NGINX Plus R15?
What’s New in NGINX Plus R15?
 
Top 10 Web Hacks 2013
Top 10 Web Hacks 2013Top 10 Web Hacks 2013
Top 10 Web Hacks 2013
 
Server architecture
Server architectureServer architecture
Server architecture
 
Csp and http headers
Csp and http headersCsp and http headers
Csp and http headers
 
DDoS Attacks - Scenery, Evolution and Mitigation
DDoS Attacks - Scenery, Evolution and MitigationDDoS Attacks - Scenery, Evolution and Mitigation
DDoS Attacks - Scenery, Evolution and Mitigation
 
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference ArchitectureMRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
MRA AMA Part 10: Kubernetes and the Microservices Reference Architecture
 
Building a better web
Building a better webBuilding a better web
Building a better web
 

Similar to HTTPS @Scale

TLS - 2016 Velocity Training
TLS - 2016 Velocity TrainingTLS - 2016 Velocity Training
TLS - 2016 Velocity Training
Patrick Meenan
 
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
Amazon Web Services
 
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Amazon Web Services
 
Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar
LumoSpark
 
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
Netgate
 
Securing the client side web
Securing the client side webSecuring the client side web
Securing the client side web
SC5.io
 
Crypto workshop part 1 - Web and Crypto
Crypto workshop part 1 - Web and CryptoCrypto workshop part 1 - Web and Crypto
Crypto workshop part 1 - Web and Crypto
hannob
 
HTTP/2 and a Faster Web
HTTP/2 and a Faster WebHTTP/2 and a Faster Web
HTTP/2 and a Faster Web
C4Media
 
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
Linux HTTPS/TCP/IP Stack for the Fast and Secure WebLinux HTTPS/TCP/IP Stack for the Fast and Secure Web
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
All Things Open
 
Scalable Reliable Secure REST
Scalable Reliable Secure RESTScalable Reliable Secure REST
Scalable Reliable Secure REST
guestb2ed5f
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
MksYi
 
Web performance mercadolibre - ECI 2013
Web performance mercadolibre - ECI 2013Web performance mercadolibre - ECI 2013
Web performance mercadolibre - ECI 2013
Santiago Aimetta
 
Maximizing SPDY and SSL Performance (June 2014)
Maximizing SPDY and SSL Performance (June 2014)Maximizing SPDY and SSL Performance (June 2014)
Maximizing SPDY and SSL Performance (June 2014)
Zoompf
 
HTTP
HTTPHTTP
HTTP
Daniel Kummer
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
NGINX, Inc.
 
Http2 in practice
Http2 in practiceHttp2 in practice
Http2 in practice
Patrick Meenan
 
Secure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAFSecure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAF
Amazon Web Services
 
Linux confau 2019: Web Security 2019
Linux confau 2019: Web Security 2019Linux confau 2019: Web Security 2019
Linux confau 2019: Web Security 2019
James Bromberger
 
Web performance optimization - MercadoLibre
Web performance optimization - MercadoLibreWeb performance optimization - MercadoLibre
Web performance optimization - MercadoLibre
Pablo Moretti
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Steffen Gebert
 

Similar to HTTPS @Scale (20)

TLS - 2016 Velocity Training
TLS - 2016 Velocity TrainingTLS - 2016 Velocity Training
TLS - 2016 Velocity Training
 
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
Dynamic Content Acceleration: Lightning Fast Web Apps with Amazon CloudFront ...
 
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
Dynamic Content Acceleration: Amazon CloudFront and Amazon Route 53 (ARC309) ...
 
Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar Getting started with HTTPS | LumoSpark webinar
Getting started with HTTPS | LumoSpark webinar
 
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
Squid, SquidGuard, and Lightsquid on pfSense 2.3 & 2.4 - pfSense Hangout Janu...
 
Securing the client side web
Securing the client side webSecuring the client side web
Securing the client side web
 
Crypto workshop part 1 - Web and Crypto
Crypto workshop part 1 - Web and CryptoCrypto workshop part 1 - Web and Crypto
Crypto workshop part 1 - Web and Crypto
 
HTTP/2 and a Faster Web
HTTP/2 and a Faster WebHTTP/2 and a Faster Web
HTTP/2 and a Faster Web
 
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
Linux HTTPS/TCP/IP Stack for the Fast and Secure WebLinux HTTPS/TCP/IP Stack for the Fast and Secure Web
Linux HTTPS/TCP/IP Stack for the Fast and Secure Web
 
Scalable Reliable Secure REST
Scalable Reliable Secure RESTScalable Reliable Secure REST
Scalable Reliable Secure REST
 
20190516 web security-basic
20190516 web security-basic20190516 web security-basic
20190516 web security-basic
 
Web performance mercadolibre - ECI 2013
Web performance mercadolibre - ECI 2013Web performance mercadolibre - ECI 2013
Web performance mercadolibre - ECI 2013
 
Maximizing SPDY and SSL Performance (June 2014)
Maximizing SPDY and SSL Performance (June 2014)Maximizing SPDY and SSL Performance (June 2014)
Maximizing SPDY and SSL Performance (June 2014)
 
HTTP
HTTPHTTP
HTTP
 
NGINX: High Performance Load Balancing
NGINX: High Performance Load BalancingNGINX: High Performance Load Balancing
NGINX: High Performance Load Balancing
 
Http2 in practice
Http2 in practiceHttp2 in practice
Http2 in practice
 
Secure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAFSecure Content Delivery Using Amazon CloudFront and AWS WAF
Secure Content Delivery Using Amazon CloudFront and AWS WAF
 
Linux confau 2019: Web Security 2019
Linux confau 2019: Web Security 2019Linux confau 2019: Web Security 2019
Linux confau 2019: Web Security 2019
 
Web performance optimization - MercadoLibre
Web performance optimization - MercadoLibreWeb performance optimization - MercadoLibre
Web performance optimization - MercadoLibre
 
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the WebCleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
Cleaning Up the Dirt of the Nineties - How New Protocols are Modernizing the Web
 

HTTPS @Scale

  • 2. Bio ● Head, Data & Infrastructure Security @ LinkedIn ● Prior - Yahoo, PayPal, Symantec, McAfee
  • 3. What is HTTPS? ● HTTPS is HTTP over a channel secured by TLS or SSL. ● TLS (predecessor SSL) are crypto protocols designed to authenticate peer in client to server communication and ensure confidentiality and integrity of data.
  • 4. LinkedIn HTTPS Timeline Mar 2012 Opt-in HTTPS June 2013 team assembled (netops, security, CDNOps, traffic) to make site default HTTPS. Dec 2013 Launch default HTTPS in NL Jan - Jun 2014 Rollout default HTTPS to US, EU, most of APAC Dec 2014 - Default HTTPS except CN and ZA
  • 6. Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
  • 7. What is it? On a https page, resource origin is insecure. What are the consequences? MITM Mixed Active Content Blocking - script, frames Mixed Content
  • 8. Measuring Mixed Content Content-Security-Policy-Report-Only Header default-src https:; img-src https: data:; report-uri https://www.linkedin.com/lite/contentsecurity Sample {"csp-report":{"blocked- uri":"http://www.lixanalytics.com/foo","document- uri":"https://www.linkedin.com/profile?trk=ww","original- policy":"default-src https:; img-src https: data:; report-uri https://www.linkedin.com/csp","referrer":"","violated- directive":"default-src https:"}}
  • 9. CSP Gotchas ● Set on just HTTPS response ● Sample ● Exclude report requests from any page-view rate-limiting ● unsafe-eval and unsafe-inline ● May not report on NPAPI Plugins ● Must Scale ● No cookies even if report-uri is same domain
  • 10. Fixing Mixed Content Ads 3rd, 4th, 5th party pixels must all be https, even in iframe! Source Code Scanner fix hardcoded external links in dust templates Dynamic Scanner fix logical bugs, links constructed by backend applications
  • 11. Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
  • 12. HTTP vs HTTPS It all boils down to TLS Handshake latency!
  • 13. TLS False Start ● Full handshake is 2 roundtrip ● Client validates “Finished” from server before sending Application Data ● With Client side False Start, client sends “Application Data” before validating Finished => just 1 roundtrip ● Is this secure?
  • 14. TLS Session Ticket ● Pre-Master Secret ● What is in a ticket? ● Fallback is full handshake ● Is this secure? ● Tickets and PFS
  • 15. Network Roundtrip ● Terminate TLS closer to user ● Where to build Points-of-Presence (PoP)? See LinkedIn presentation at Velocity 2015 ● Static content - CDN map
  • 16. Online Certificate Status Protocol ● Claims of 30% slow down: o DNS o TCP o OCSP request/response for chain However: ● OCSP response cached by browser (even days), ocsp response served off CDN ● Chrome disables OCSP checks by default
  • 17. OCSP Stapling Server caches OCSP response, sends in Certificate Status Request Pros ● Captive Portal ● Preserves browsing privacy ● Supported by nginx, traffic server, Apache, etc Cons ● OCSP stapling (solution) not supported by mobile ● Stapling increases TLS handshake message size.
  • 18. Cert Chain Size, initCwnd, SAN
  • 19. Scaling TLS TLS Termination hardware vs software CDN TLS capacity multi CDN strategy TLS Tuneup TLS record size, byte overhead, AES-NI
  • 20. Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
  • 21. “No login” HTTP -> HTTPS Upgrade http? ajax? bot? ramp segment yes no no yes ● Set “migration underway” hint cookie with TTL 10 minutes (avoid repeatedly upgrading bot that refuses to be upgraded) ● 301 to HTTPS ● Kill old authentication cookie+session/mint new authentication cookie+session ● Set new authentication cookie secure => new cookie was never on wire in plaintext! ● Set TLS hint cookie that is NOT secure ● Implement reverse for rollback
  • 22. Challenges Mixed Content Site Speed Scaling TLS Session Upgrade Security
  • 23. SSL Stripping How it Works? Attacker MITM HTTP requests. 301 or rejecting HTTP requests does not help. Mitigation Host Strict Transport Security (HSTS) and preload
  • 24. HSTS Strict-Transport-Security: max-age=31536000; includeSubDomains; preload Window of vulnerability! Rollback with max-age=0 Preload ● Submit site https://hstspreload.appspot.com/ to enter into hardcoded list ● Domain should not serve HTTP traffic ● includeSubDomains (www), preload flag, max age >= 18 weeks Handle preload with care - hard to rollback
  • 25. Perfect Forward Secrecy ● ClientKeyExchange - with RSA “pre-master” secret encrypted with server public key ● DH vs DHE vs ECDHE ● Forward Secrecy with Session Resumption
  • 26. TLS Configuration ● Disable weak/export ciphers ● Disable SSL 3.0, TLS 1.0?? ● Enable PFS ciphersuites ● Attacks on SSL/TLS - insecure renegotiation, BEAST, CRIME, FREAK, POODLE, logjam, heartbleed (OpenSSL implementation)
  • 27. Pinning* What problem does Pinning solve? Rogue CA, some MITM, reduces trust requirements What do you Pin? server certificate, server public key, public key of cert in chain Public-Key-Pins-Report-Only: max-age=2592000; pin-sha256="E9CZ9INDbd+2eRQozYqqbQ2yXLVKB9+xcprMF+44U1g="; pin-sha256="LPJNul+wow4m6DsqxbninhsWHlwfp0JecwQzYpOLmCQ="; report-uri="https://other.example.net/pkp-report"
  • 28. Pinning Made Easier ● Fiddler, Corporate MITM supported* ● Reports on Pin failures ● Backup Pin required ● Testing chrome://net-internals/#hsts
  • 29. EdgeNetwork Security* ● HSM ● Secure Edge <-> Datacenter communication
  • 30. References ● https://www.imperialviolet.org/2010/06/25/ov erclocking-ssl.html ● https://github.com/linkedin/adfullssl ● http://www.w3.org/TR/CSP/ (note Level 2) ● http://velocityconf.com/devops-web- performance- 2015/public/schedule/detail/42026 ● https://blog.mozilla.org/tanvi/2013/04/10/mix
  • 32. We’re Hiring Contact amani@linkedin.com https://www.linkedin.com/in/arvindmani Projects ● Inter-service Authentication & Access Control ● Web Application Security Frameworks & Tools ● Anti-scraping/DoS infrastructure ● Crypto libraries & services

Editor's Notes

  1. new certs using old public key base64 encoded hash of SubjectPublicKeyInfo (SPKI), not just public key; typically use intermediate CA SPKI