\setcounter{totalnumber}{20}
\setcounter{dbltopnumber}{9}
+% Starred lists (\begin{itemize*}) for less space between items
+\usepackage{mdwlist}
+
%%% Local Variables:
%%% mode: latex
%%% TeX-master: "../applied-crypto-hardening"
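Review bot: `\usepackage{mdwlist}` is added to a preamble fragment whose `TeX-master` comment points at `../applied-crypto-hardening`; every file below that now opens a `\begin{itemize*}` must be compiled through a master that pulls in this preamble, otherwise the starred environment is undefined and the build fails. It is also worth checking the rest of that master's preamble for another list package, because mdwlist defines `itemize*`, `enumerate*` and `description*` globally and a second definition of those names would clash.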
\label{section:Scope}
In this guide, we restricted ourselves to:
-\begin{itemize}
+\begin{itemize*}
\item Internet-facing services
\item Commonly used services
\item Devices which are used in business environments (this specifically excludes XBoxes, Playstations and similar consumer devices)
\item OpenSSL
-\end{itemize}
+\end{itemize*}
We explicitly excluded:
-\begin{itemize}
+\begin{itemize*}
\item Specialized systems (such as medical devices, most embedded systems, etc.)
\item Wireless Access Points
\item Smart-cards/chip cards
% \item Advice on running a PKI or a CA
% \item Services which should be run only in an internal network and never face the Internet.
-\end{itemize}
+\end{itemize*}
%%% Local Variables:
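Review bot: the blanket `itemize` to `itemize*` swap is applied to every list in the patch regardless of item length. mdwlist's starred form removes the vertical space between items, which suits the one-line entries here (L13-L16), but lists whose items are whole sentences or short paragraphs (the proxy options around L232-L235, the web-check tools around L551-L556) lose the separation that keeps them readable; consider leaving plain `itemize` for those and converting only lists with short items.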
The following is a list of services, software packages, hardware devices or protocols that we considered documenting but either did not manage to document yet or might be able to document later. We encourage input from the Internet community.
\begin{multicols}{3}
-\begin{itemize}
+\begin{itemize*}
\item whatsapp (might be problematic since a user/admin can't change anything)
\item Lync
\item Skype (might be problematic since a user/admin can't change anything)
\item SAML federated auth providers \footnote{e.g., all the REFEDS folks (\url{https://refeds.org/})), including InCommon (\url{http://www.incommon.org/federation/metadata.html}
\url{https://wiki.shibboleth.net/confluence/display/SHIB2/TrustManagement} }
\item Microsoft SQL Server
-\end{itemize}
+\end{itemize*}
\end{multicols}
%%% Local Variables:
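Review bot: the footnote on L37-L38 has unbalanced parentheses: `(\url{https://refeds.org/}))` closes twice and `(\url{http://www.incommon.org/...}` is never closed, so the footnote typesets with a stray `)` and a dangling `(`. Since this list is being edited anyway, fix the parentheses in the same change.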
\label{cha:links}
%% NOTE: this should re restructured...
-\begin{itemize}
+\begin{itemize*}
\item IANA official list of Transport Layer Security (TLS) Parameters: \url{https://www.iana.org/assignments/tls-parameters/tls-parameters.txt}
\item SSL cipher settings: \url{http://www.skytale.net/blog/archives/22-SSL-cipher-setting.html}
\item Elliptic curves and their implementation (04 Dec 2010): \url{https://www.imperialviolet.org/2010/12/04/ecc.html}
\item Wikipedia: Ciphertext Stealing \url{http://en.wikipedia.org/wiki/Ciphertext_stealing}
\item Wikipedia: Malleability (Cryptography) \url{http://en.wikipedia.org/wiki/Malleability_(cryptography)}
\item Ritter's Crypto Glossary and Dictionary of Technical Cryptography \url{http://www.ciphersbyritter.com/GLOSSARY.HTM}
-\end{itemize}
+\end{itemize*}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item Technical safety requirements by \emph{Deutsche Telekom AG} (German). Please read section 17.12 or pages 129 and following (Req 396 and Req 397) about SSL and ciphersuites \url{http://www.telekom.com/static/-/155996/7/technische-sicherheitsanforderungen-si}
-\end{itemize}
+\end{itemize*}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Debian Wheezy and MySQL 5.5
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item MySQL Documentation on SSl Connections: \url{https://dev.mysql.com/doc/refman/5.5/en/ssl-connections.html}
-\end{itemize}
+\end{itemize*}
\subsubsection{How to test}
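Review bot: minor typo in this hunk's context, L72: `MySQL Documentation on SSl Connections` should read `SSL Connections`; worth fixing while the list is touched.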
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item IMB Db2 Documentation on \emph{Supported cipher suites} \url{http://pic.dhe.ibm.com/infocenter/db2luw/v9r7/index.jsp?topic=\%2Fcom.ibm.db2.luw.admin.sec.doc\%2Fdoc\%2Fc0053544.html}
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
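Review bot: `IMB Db2` on L79 is a typo for `IBM Db2`; fix it in this change since the surrounding list is already being edited.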
\subsection{PostgreSQL}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Debian Wheezy and PostgreSQL 9.1
\item Linux Mint 14 nadia / Ubuntu 12.10 quantal with PostgreSQL 9.1+136 and OpenSSL 1.0.1c
-\end{itemize}
+\end{itemize*}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item It's recommended to read \url{http://www.postgresql.org/docs/9.1/interactive/runtime-config-connection.html\#RUNTIME-CONFIG-CONNECTION-SECURITY} (please edit the version with your preferred one).
\item PostgreSQL Documentation on \emph{Secure TCP/IP Connections with SSL}: \url{http://www.postgresql.org/docs/9.1/static/ssl-tcp.html}
\item PostgreSQL Documentation on \emph{host-based authentication}: \url{http://www.postgresql.org/docs/current/static/auth-pg-hba-conf.html}
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
When using PGP, there are a couple of things to take care of:
-\begin{itemize}
+\begin{itemize*}
\item keylengths (see section \ref{section:keylengths})
\item randomness (see section \ref{section:RNGs})
\item preference of symmetric encryption algorithm (see section \ref{section:CipherSuites})
\item preference of hash function (see section \ref{section:CipherSuites})
-\end{itemize}
+\end{itemize*}
Properly dealing with key material, passphrases and the web-of-trust is outside of the scope of this document. The GnuPG website\footnote{\url{http://www.gnupg.org/}} has a good tutorial on PGP.
For servers, we mostly recommend to apply what's proposed by the \emph{Peter's manifesto}\footnote{\url{https://github.com/stpeter/manifesto}}.
In short:
-\begin{itemize}
+\begin{itemize*}
\item require the use of TLS for both client-to-server and server-to-server connections
\item prefer or require TLS cipher suites that enable forward secrecy
\item deploy certificates issued by well-known and widely-deployed certification authorities (CAs)
-\end{itemize}
+\end{itemize*}
The last point being out-of-scope for this section, we will only cover the first two points.
\subsection{ejabberd}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Debian Wheezy 2.1.10-4+deb7u1
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
ejabberd is one of the popular Jabber server. In order to be compliant
\subsubsection{How to test}
-\begin{itemize}
+\begin{itemize*}
\item \url{https://xmpp.net} is a practical website to test Jabber server configurations.
-\end{itemize}
+\end{itemize*}
%%----------------------------------------------------------------------
The OTR protocol works on top of the Jabber protocol\footnote{\url{https://otr.cypherpunks.ca/Protocol-v3-4.0.0.html}}.
It adds to popular chat clients (Adium, Pidgin...) the following properties for encrypted chats:
-\begin{itemize}
+\begin{itemize*}
\item Authentication
\item Integrity
\item Confidentiality
\item Forward secrecy
-\end{itemize}
+\end{itemize*}
It basically uses Diffie-Hellman, AES and SHA1. Communicating over an insecure instant messaging network, OTR can be used for end to end encryption.
SMTP usually makes use of opportunistic TLS. This means that an MTA will accept TLS connections when asked for it during handshake but will not require it. One should always support incoming opportunistic TLS and always try TLS handshake outgoing.
Furthermore a mailserver can operate in three modes:
-\begin{itemize}
+\begin{itemize*}
\item As MSA (Mail Submission Agent) your mailserver receives mail from your clients MUAs (Mail User Agent).
\item As receiving MTA (Mail Transmission Agent, MX)
\item As sending MTA (SMTP client)
-\end{itemize}
+\end{itemize*}
We recommend the following basic setup for all modes:
-\begin{itemize}
+\begin{itemize*}
\item correctly setup MX, A and PTR RRs without using CNAMEs at all.
\item enable encryption (opportunistic TLS)
\item do not use self signed certificates
-\end{itemize}
+\end{itemize*}
For SMTP client mode we additionally recommend:
-\begin{itemize}
+\begin{itemize*}
\item the hostname used as HELO must match the PTR RR
\item setup a client certificate (most server certificates are client certificates as well)
\item either the common name or at least an alternate subject name of your certificate must match the PTR RR
\item do not modify the cipher suite for client mode
-\end{itemize}
+\end{itemize*}
For MSA operation we recommend:
-\begin{itemize}
+\begin{itemize*}
\item listen on submission port 587
\item enforce SMTP AUTH even for local networks
\item do not allow SMTP AUTH on unencrypted connections
\item optionally use the recommended cipher suites if (and only if) all your connecting MUAs support them
-\end{itemize}
+\end{itemize*}
% Note that (with the exception of MSA mode), it might be better to allow any cipher suite -- since any encryption is better than no encryption when it comes to opportunistic TLS.
\subsubsection{Tested with Version}
-\begin{itemize}
+\begin{itemize*}
\item Dovecot 2.1.17, Debian Wheezy (without ``ssl\_prefer\_server\_ciphers'' setting)
\item Dovecot 2.2
\item 2.0.19apple1 on OS X Server 10.8.5 (without ``ssl\_prefer\_server\_ciphers'' setting)
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
% Example: http://dovecot.org/list/dovecot/2013-October/092999.html
% in case you have the need for further justifications why you chose this and that setting or if the settings do not fit into the standard Variant A or Variant B schema, please document this here
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://wiki2.dovecot.org/SSL}
-\end{itemize}
+\end{itemize*}
% add any further references or best practice documents here
%% ----------------------------------------------------------------------
\subsection{cyrus-imapd}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item 2.4.17
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\paragraphDiamond{imapd.conf}
\subsection{Postfix}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Postfix 2.9.6, Debian Wheezy
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\paragraphDiamond{GnuTLS}
GnuTLS is different in only some respects to OpenSSL:
-\begin{itemize}
+\begin{itemize*}
\item tls\_require\_ciphers needs a GnuTLS priority string instead of a cipher list. It is recommended to use the defaults by not defining this option. It highly depends on the version of GnuTLS used. Therefore it is not advisable to change the defaults.
\item There is no option like openssl\_options
-\end{itemize}
+\end{itemize*}
\paragraphDiamond{Exim string expansion}
Note that most of the options accept expansion strings. This way you can e.g. set cipher lists or STARTTLS advertisement conditionally. Please follow the link to the official Exim documentation to get more information.
For encrypted traffic there are four options:
-\begin{itemize}
+\begin{itemize*}
\item Block the connection because it cannot be scanned for threats.
\item Bypass the threat-mitigation and pass the encrypted session to the client, which results in a situation where malicious content is transferred directly to the client without visibility to the security system.
\item Intercept (i.e. terminate) the session at the proxy, scan there and re-encrypt the session towards the client (effectively MITM).
\item Deploy special Certificate Authorities to enable Deep Packet Inspection on the wire.
-\end{itemize}
+\end{itemize*}
While the latest solution might be the most "up to date", it arises a new front in the context of this paper, because the most secure part of a client's connection could only be within the corporate network, if the proxy-server handles the connection to the destination server in an insecure manner.
\subsubsection{Bluecoat}
%% https://kb.bluecoat.com/index?page=content&id=KB5549
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item SGOS 6.5.x
-\end{itemize}
+\end{itemize*}
BlueCoat Proxy SG Appliances can be used as forward and reverse proxies. The reverse proxy feature is rather under-developed, and while it is possible and supported, there only seems to be limited use of this feature "in the wild" - nonetheless there are a few cipher suites to choose from, when enabling SSL features.
% See https://help.ubuntu.com/community/Pound
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Pound 2.6
-\end{itemize}
+\end{itemize*}
\begin{lstlisting}
# HTTP Listener, redirects to HTTPS
%%----------------------------------------------------------------------
\subsection{Cisco ASA}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item 9.1(3)
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
Note: When the ASA is configured for SSH, by default both SSH versions 1 and 2 are allowed. In addition to that, only a group1 DH-key-exchange is used. This should be changed to allow only SSH version 2 and to use a key-exchange with group14. The generated RSA key should be 2048 bit (the actual supported maximum). A non-cryptographic best practice is to reconfigure the lines to only allow SSH-logins.
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://www.cisco.com/en/US/docs/security/asa/asa91/configuration/general/admin\_management.html }
-\end{itemize}
+\end{itemize*}
\subsubsection{How to test}
Connect a client with verbose logging enabled to the SSH server
%----------------------------------------------------------------------
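Review bot: the `\url{...}` on L270 carries a stray space before the closing brace (`admin\_management.html }`). The url package ignores it by default, but it looks like a copy-paste leftover and breaks if `obeyspaces` is ever enabled; drop it while this list is converted.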
\subsection{Cisco IOS}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item 15.0, 15.1, 15.2
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://www.cisco.com/en/US/docs/ios/sec\_user\_services/configuration/guide/sec\_cfg\_secure\_shell.html}
-\end{itemize}
+\end{itemize*}
% add any further references or best practice documents here
\subsubsection{How to test}
\end{table}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item ``A Cryptographic Evaluation of IPsec'', Niels Ferguson and Bruce
Schneier: \url{https://www.schneier.com/paper-ipsec.pdf}
-\end{itemize}
+\end{itemize*}
%----------------------------------------------------------------------
\subsection{Check Point FireWall-1}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item R77 (should work with any currently supported version)
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
Please see section \ref{section:IPSECgeneral} for guidance on
%\subsubsection{Limitations}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item Check Point \href{https://sc1.checkpoint.com/documents/R77/CP_R77_VPN_AdminGuide/html_frameset.htm}{VPN R77 Administration Guide} (may require a UserCenter account to access)
-\end{itemize}
+\end{itemize*}
%\subsubsection{How to test}
\subsection{OpenVPN}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item OpenVPN 2.3.2 from Debian ``wheezy-backports'' linked against openssl (libssl.so.1.0.0)
\item OpenVPN 2.2.1 from Debian Wheezy linked against openssl
(libssl.so.1.0.0)
\item OpenVPN 2.3.2 for Windows
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item OpenVPN Documentation: \emph{Security Overview} \url{http://openvpn.net/index.php/open-source/documentation/security-overview.html}
-\end{itemize}
+\end{itemize*}
%\subsubsection{How to test}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item 9.1(3) - X-series model
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\begin{lstlisting}
Legacy ASA models (e.g. 5505, 5510, 5520, 5540, 5550) do not offer the possibility to configure for SHA256/SHA384/SHA512 nor AES-GCM for IKEv2 proposals.
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://www.cisco.com/en/US/docs/security/asa/roadmap/asaroadmap.html}\\
\item \url{http://www.cisco.com/web/about/security/intelligence/nextgen_crypto.html}
-\end{itemize}
+\end{itemize*}
% add any further references or best practice documents here
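Review bot: the trailing `\\` on the first `\item` (L348) forces a line break immediately before the next `\item`, which yields an underfull empty line and reintroduces exactly the vertical gap the switch to `itemize*` is meant to remove. Drop the `\\`; the second item does not have one.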
synonyms~\footnote{https://www.mail-archive.com/openssl-dev@openssl.org/msg33405.html})
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item Apache 2.2.22 linked against OpenSSL 1.0.1e, Debian Wheezy
\item Apache 2.4.6 linked against OpenSSL 1.0.1e, Debian Jessie
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
Enabled modules \emph{SSL} and \emph{Headers} are required.
%\subsubsection{Justification for special settings (if needed)}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item Apache2 Docs on SSL and TLS: \url{https://httpd.apache.org/docs/2.4/ssl/}
-\end{itemize}
+\end{itemize*}
\subsubsection{How to test}
\todo{sebix: add/test ssl.ec-curve and ssl.dh-file; see \url{http://redmine.lighttpd.net/projects/1/wiki/Docsr\_SSL\#Diffie-Hellman-and-Elliptic-Curve-Diffie-Hellman-parameters}}
\subsubsection{Tested with Versions}
-\begin{itemize}
+\begin{itemize*}
\item lighttpd/1.4.31-4 with OpenSSL 1.0.1e on Debian Wheezy
\item lighttpd/1.4.33 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
\item lighttpd/1.4.28-2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item HTTPS redirection: \url{http://redmine.lighttpd.net/projects/1/wiki/HowToRedirectHttpToHttps}
\item Lighttpd Docs SSL: \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs\_SSL}
\item Release 1.4.30 (How to mitigate BEAST attack) \url{http://redmine.lighttpd.net/projects/lighttpd/wiki/Release-1\_4\_30}
\item SSL Compression disabled by default: \url{http://redmine.lighttpd.net/issues/2445}
-\end{itemize}
+\end{itemize*}
\subsubsection{How to test}
\subsection{nginx}
\subsubsection{Tested with Version}
-\begin{itemize}
+\begin{itemize*}
\item 1.4.4 with OpenSSL 1.0.1e on OS X Server 10.8.5
\item 1.2.1-2.2+wheezy2 with OpenSSL 1.0.1e on Debian Wheezy
\item 1.4.4 with OpenSSL 1.0.1e on Debian Wheezy
\item 1.2.1-2.2~bpo60+2 with OpenSSL 0.9.8o on Debian Squeeze (note that TLSv1.2 does not work in openssl 0.9.8 thus not all ciphers actually work)
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://nginx.org/en/docs/http/ngx_http_ssl_module.html}
\item \url{http://wiki.nginx.org/HttpSslModule}
-\end{itemize}
+\end{itemize*}
\subsubsection{How to test}
See appendix \ref{cha:tools}
\section{Scope}
\label{section:Scope}
\newline In this guide, we restricted ourselves to:
-\begin{itemize}
+\begin{itemize*}
\item Internet-facing services
\item Commonly used services
\item Devices which are used in business environments (this specifically excludes XBoxes, Playstations and similar consumer devices)
\item OpenSSL
-\end{itemize}
+\end{itemize*}
We explicitly excluded:
-\begin{itemize}
+\begin{itemize*}
\item Specialized systems (such as medical devices, most embedded systems, etc.)
\item Wireless Access Points
\item Smart-cards/chip cards
% \item Services which should be run only in an internal network and never face the Internet.
-\end{itemize}
+\end{itemize*}
%% * whatsapp --> man kann nichts machen, out of scope
%* Lync: == SIP von M$.
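Review bot: this is the second copy of the Scope section in the patch (the first is at the top, L9-L28); both are converted, but the two already differ (the `\newline` before the intro sentence on L413, the commented PKI/CA item only in the first copy). The `\newline` sits in vertical mode directly after `\label`, which raises "There's no line here to end" if this file is actually compiled, so it is probably a stale duplicate; remove it rather than keeping two lists in sync.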
\label{cha:suggested-reading}
This section contains suggested reading material.
-\begin{itemize}
+\begin{itemize*}
\item Cryptography Engineering: Design Principles and Practical Applications, Ferguson, N. and Schneier, B. and Kohno, T. (ISBN-13: 978-0470474242)
\item Security Engineering: A Guide to Building Dependable Distributed Systems, Anderson, R.J. (ISBN-13: 978-0470068526)
\item Applied cryptography: protocols, algorithms, and source code in C, Schneier, B. (ISBN-13: 978-0471117094)
\item Guide to Elliptic Curve Cryptography, Hankerson, D. and Vanstone, S. and Menezes, A.J. (ISBN-13: 978-0387952734)
\item A Introduction To The Theory of Numbers, Godfrey Harold Hardy, E. M. Wrigh (ISBN-13: 978-0199219865)
\item Malicious Cryptography: Exposing Cryptovirology, Young A., Yung, M. (ISBN-13: 978-0764549755)
-\end{itemize}
+\end{itemize*}
%% should we include bibtex instead? can be downloaded from books.google.com
\subsubsection{Tested with Versions}
\todo{testing}
-\begin{itemize}
+\begin{itemize*}
\item Version 0.1, Distro Version
-\end{itemize}
+\end{itemize*}
\subsubsection{Settings}
\subsubsection{References}
\todo{add references}
-\begin{itemize}
+\begin{itemize*}
\item short description: \url{http://example.com/doc/ssl}
-\end{itemize}
+\end{itemize*}
% add any further references or best practice documents here
This typically occurs for embedded devices and virtual machines.
Embedded devices lack some entropy sources other devices have, e.g.:
-\begin{itemize}
+\begin{itemize*}
\item No persistent clock, so boot-time is not contributing to the
initial RNG state
\item No hard-disk: No entropy from hard-disk timing, no way to store
entropy between reboots
-\end{itemize}
+\end{itemize*}
Virtual machines emulate some hardware components so that the
generated entropy is over-estimated. The most critical component that
%%% NOTE: we do not need to list this all here, can move to an appendix
%At the time of this writing, SSL is defined in RFCs:
%
-%\begin{itemize}
+%\begin{itemize*}
%\item RFC2246 - TLS1.0
%\item RFC3268 - AES
%\item RFC4132 - Camelia
%\item RFC6367 - Camelia
%\item RFC6655 - AES\_CCM
%\item RFC7027 - Brainpool Curves
-%\end{itemize}
+%\end{itemize*}
%\subsubsection{Overview of SSL Server settings}
%
%Next we tested the cipher suites above on the following clients:
%
%%% NOTE: we need to test with more systems!!
-%\begin{itemize}
+%\begin{itemize*}
%\item Chrome 30.0.1599.101 Mac OS X 10.9
%\item Safari 7.0 Mac OS X 10.9
%\item Firefox 25.0 Mac OS X 10.9
%\item Internet Explorer 10 Windows 7
%\item Apple iOS 7.0.3
-%\end{itemize}
+%\end{itemize*}
%
%
%The result of testing the cipher suites with these clients gives us a preference order as shown in table \ref{table:prefOrderCipherSuites}.
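Review bot: L477-L478, L485-L486, L492-L493 and L499-L500 rewrite `\begin{itemize}` inside commented-out blocks; the change has no effect on the output and only adds noise to the diff. Either leave commented text alone or delete the dead block outright, which the NOTE on L474 already suggests (move to an appendix or drop).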
We arrived at this set of cipher suites by selecting:
-\begin{itemize}
+\begin{itemize*}
\item TLS 1.2
\item Perfect forward secrecy / ephemeral Diffie Hellman
\item strong MACs (SHA-2) or
\item GCM as Authenticated Encryption scheme
-\end{itemize}
+\end{itemize*}
This results in the OpenSSL string:
We arrived at this set of cipher suites by selecting:
-\begin{itemize}
+\begin{itemize*}
\item TLS 1.2, TLS 1.1, TLS 1.0
\item allowing SHA-1 (see the comments on SHA-1 in section \ref{section:SHA})
-\end{itemize}
+\end{itemize*}
This results in the OpenSSL string:
Our recommended cipher strings are meant to be used via copy and paste and need to work
"out of the box".
-\begin{itemize}
+\begin{itemize*}
\item TLSv1.2 is preferred over TLSv1.0 (while still providing a useable cipher
string for TLSv1.0 servers).
\item AES256 and CAMELLIA256 count as very strong ciphers at the moment.
Note however that this cipher suite will not provide forward secrecy. It
is meant to provide the same client coverage (eg. support Microsoft crypto
libraries) on legacy setups.
-\end{itemize}
+\end{itemize*}
\paragraph{Summary}
-\begin{itemize}
+\begin{itemize*}
\item For asymmetric public-key cryptography we consider any key length below
3248 bits to be deprecated at the time of this writing (for long term
protection).
be inadequate for long term protection.
\item For symmetric algorithms we consider anything below 128 bits to be
inadequate for long term protection.
-\end{itemize}
+\end{itemize*}
\paragraphDiamond{Special remark on 3DES}
We want to note that 3DES theoretically has 168 bits of security, however based
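Review bot: the Summary list being converted carries a dangling fragment on L540 (`be inadequate for long term protection.`) right after the first item's closing sentence; it reads like a leftover from an earlier edit and will typeset as a stray sentence inside that item. Remove it, or restore the sentence it belonged to, in the same change.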
\section{SSL \& TLS}
Server checks via the web
-\begin{itemize}
+\begin{itemize*}
\item \href{http://ssllabs.com}{ssllabs.com} offers a great way to check your webserver for misconfigurations. See \url{https://www.ssllabs.com/ssltest/}. Furthermore, ssllabs.com has a good best practices tutorial, which focuses on avoiding the most common mistakes in SSL.
\item SSL Server certificate installation issues \url{http://www.sslshopper.com/ssl-checker.html}
\item Check SPDY protocol support and basic TLS setup \url{http://spdycheck.org/}
\item TLS and SSH key check \url{https://factorable.net/keycheck.html}
\item \url{http://tls.secg.org} is a tool for testing interoperability of HTTPS implementations for ECC cipher suites.
\item \url{http://www.whynopadlock.com/} Testing for mixed SSL parts loaded via http that can totally lever your https.
-\end{itemize}
+\end{itemize*}
Browser checks
-\begin{itemize}
+\begin{itemize*}
\item Check your browser's SSL capabilities: \url{https://cc.dcsec.uni-hannover.de/} and \url{https://www.ssllabs.com/ssltest/viewMyClient.html}.
\item Check Browsers SSL/TLS support and vulnerability to attacks: \url{https://www.howsmyssl.com}
-\end{itemize}
+\end{itemize*}
Command line tools
-\begin{itemize}
+\begin{itemize*}
\item \url{http://sourceforge.net/projects/sslscan} connects to a given SSL service and shows the cipher suites that are offered.
\item \url{http://checktls.com} is a tool for testing arbitrary TLS services.
\item \url{http://www.bolet.org/TestSSLServer/} tests for BEAST and CRIME vulnerabilities.
\item \url{https://github.com/iSECPartners/sslyze} Fast and full-featured SSL scanner
\item \url{http://nmap.org/} nmap security scanner
\item \url{http://www.openssl.net} OpenSSL s\_client
-\end{itemize}
+\end{itemize*}
\section{Keylength}
-\begin{itemize}
+\begin{itemize*}
\item \url{http://www.keylength.com} comprehensive online resource for comparison of keylengths according to common recommendations and standards in cryptography.
-\end{itemize}
+\end{itemize*}
\section{RNGs}
%% NOTE: should we merge that with chapter 6.6??
-\begin{itemize}
+\begin{itemize*}
\item \href{http://www.fourmilab.ch/random/}{ENT} is a pseudo random number generator sequence tester.
\item \href{http://www.issihosts.com/haveged/}{HaveGE} is a tool which increases the Entropy of the Linux random number generator devices. It is based on the HAVEGE algorithm. \url{http://dl.acm.org/citation.cfm?id=945516}
\item \href{http://www.phy.duke.edu/~rgb/General/dieharder.php}{Dieharder} a random number generator testing tool.
\item \href{http://www.cacert.at/random/}{CAcert Random} another random number generator testing service.
-\end{itemize}
+\end{itemize*}
\section{Guides}
-\begin{itemize}
+\begin{itemize*}
\item See: \url{https://www.ssllabs.com/downloads/SSL_TLS_Deployment_Best_Practices_1.3.pdf}.
-\end{itemize}
+\end{itemize*}