Enye yezindawo eziphezulu ze-Alexa (umbuthano ophakathi), ivikelwe yi-HTTPS, enezizinda ezingaphansi (ezimpunga) nokuncika (ezimhlophe), phakathi kwazo kukhona ezisengozini (ezinomthunzi)
Namuhla, isithonjana sokuxhuma okuvikelekile kwe-HTTPS sesiphenduke isibaluli esijwayelekile nesidingekayo sanoma iyiphi iwebhusayithi ebucayi. Uma ezingekho, cishe zonke iziphequluli zakamuva zibonisa isexwayiso sokuthi futhi ungancomi ukudlulisela ulwazi oluyimfihlo kuyo.
Kodwa kuvela ukuthi ukuba khona "kokhiye" kubha yekheli akuqinisekisi ngaso sonke isikhathi ukuvikelwa. kusukela kusezingeni le-Alexa elibonisiwe: eziningi zazo zivezwa ezingozini ezibalulekile zephrothokholi ye-SSL/TLS, imvamisa ngokusebenzisa izizinda ezingaphansi noma ukuncika. Ngokusho kwababhali bocwaningo, ubunkimbinkimbi bezinhlelo zokusebenza zewebhu zanamuhla kwandisa kakhulu indawo yokuhlasela.
Imiphumela yocwaningo
Ucwaningo lwenziwe ngongoti baseCa' Foscari University of Venice (Italy) kanye neVienna Technical University. Bazokwethula umbiko onemininingwane ku-Simposium ye-40 ye-IEEE Yezokuphepha Nobumfihlo, ezobanjwa ngoMeyi 20−22, 2019 e-San Francisco.
Amasayithi aphezulu we-HTTPS angu-10 kuhlu lwe-Alexa kanye nababungazi abahlobene abangu-000 bahloliwe. Ukulungiswa kwe-cryptographic engcupheni kukhonjwe kubasingathi abangama-90, okungukuthi, cishe u-816% wengqikithi:
- 4818 abasengozini ye-MITM
- I-733 isengozini yokukhishwa kwemfihlo okugcwele kwe-TLS
- I-912 isengozini yokukhishwa kwemfihlo kwe-TLS ngokwengxenye
Amasayithi angu-898 avulekele ngokuphelele ukugetshengwa, okusho ukuthi, avumela umjovo wemibhalo yezinkampani zangaphandle, futhi amasayithi angu-977 alanda okuqukethwe emakhasini avikelwe ngendlela ebuthakathaka umhlaseli angaxhumana nawo.
Abacwaningi bagcizelela ukuthi phakathi kwezinsiza ze-898 "ezonakaliswa ngokuphelele" izitolo ze-intanethi, izinsizakalo zezezimali nezinye izingosi ezinkulu. Amasayithi angu-660 kwangu-898 alanda imibhalo yangaphandle kubabungazi abasengozini: lona umthombo omkhulu wengozi. Ngokusho kwababhali, inkimbinkimbi yezinhlelo zokusebenza zewebhu zanamuhla kwandisa kakhulu indawo yokuhlasela.
Ezinye izinkinga nazo zatholwa: I-10% yamafomu okugunyaza anezinkinga ngokudluliselwa okuvikelekile kolwazi, okusongela ukuvuza kwephasiwedi, amasayithi angama-412 avumela ukucatshangelwa kwamakhukhi kanye "nokudunwa kweseshini," futhi amasayithi angama-543 asengozini yokuhlaselwa ubuqotho bekhukhi (ngezizindana ezingaphansi ).
Inkinga ukuthi eminyakeni yamuva nje, izivumelwano ze-SSL/TLS nesofthiwe : POODLE (CVE-2014-3566), BEAST (CVE-2011-3389), CRIME (CVE-2012-4929), BREACH (CVE-2013-3587) kanye Heartbleed (CVE-2014-0160). Ukuze uvikeleke kuzo, inani lezilungiselelo liyadingeka kuseva naseceleni kweklayenti ukugwema ukusetshenziswa kwezinguqulo ezindala ezisengozini. Kodwa lena inqubo engeyona into encane, ngoba izilungiselelo ezinjalo zibandakanya ukukhetha kusethi ebanzi yama-ciphers namaphrothokholi, okunzima ukuyiqonda. Akuhlale kucacile ukuthi yimaphi ama-cipher suites nephrothokholi athathwa “njengokuvikeleke ngokwanele.”
Izilungiselelo ezinconyiwe
Akekho noyedwa ogunyazwe ngokusemthethweni nokwavunyelwana ngohlu lwezilungiselelo ezinconyiwe ze-HTTPS. Ngakho, inikeza izinketho ezimbalwa zokumisa, kuye ngezinga elidingekayo lokuvikela. Isibonelo, nazi izilungiselelo ezinconyiwe zeseva ye-nginx 1.14.0:
Imodi yesimanje
Amaklayenti amadala asekelwayo: I-Firefox 27, Chrome 30, IE 11 ivuliwe Windows 7, Edge, Opera 17, Safari 9, Android 5.0, kanye ne-Java 8
server {
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# modern configuration. tweak to your needs.
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
resolver <IP DNS resolver>;
....
}Ukusekelwa okumaphakathi
Amaklayenti amadala asekelwayo: I-Firefox 1, Chrome 1, IE 7, Opera 5, Safari 1, Windows XP IE8, Android 2.3, Java 7
server {
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;
# intermediate configuration. tweak to your needs.
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
resolver <IP DNS resolver>;
....
}Ukwesekwa okudala
Amaklayenti amadala asekelwayo: Windows XP IE6, Java 6
server {
listen 80 default_server;
listen [::]:80 default_server;
# Redirect all HTTP requests to HTTPS with a 301 Moved Permanently response.
return 301 https://$host$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
# certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
ssl_certificate /path/to/signed_cert_plus_intermediates;
ssl_certificate_key /path/to/private_key;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
# Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
ssl_dhparam /path/to/dhparam.pem;
# old configuration. tweak to your needs.
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:SEED:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!RSAPSK:!aDH:!aECDH:!EDH-DSS-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA:!SRP';
ssl_prefer_server_ciphers on;
# HSTS (ngx_http_headers_module is required) (15768000 seconds = 6 months)
add_header Strict-Transport-Security max-age=15768000;
# OCSP Stapling ---
# fetch OCSP records from URL in ssl_certificate and cache them
ssl_stapling on;
ssl_stapling_verify on;
## verify chain of trust of OCSP response using Root CA and Intermediate certs
ssl_trusted_certificate /path/to/root_CA_cert_plus_intermediates;
resolver <IP DNS resolver>;
....
}Kunconywa ukuthi uhlale usebenzisa i-cipher suite egcwele kanye nenguqulo yakamuva ye-OpenSSL. Isethi yama-cipher kuzilungiselelo zeseva ikhombisa ukubaluleka lapho azosetshenziswa khona, kuye ngezilungiselelo zeklayenti.
Ucwaningo lubonisa ukuthi ukufaka nje isitifiketi se-HTTPS akwanele. “Yize singawaphathi amakhukhi njengoba senza ngo-2005, futhi 'i-TLS ehloniphekile' isiyinsakavukela, kuvele ukuthi lezi zinto eziyisisekelo azanele ukuvikela inani elikhulu ngokumangalisayo lamasayithi aziwa kakhulu," ababhali bomsebenzi. Ukuze uvikele isiteshi ngendlela enokwethenjelwa phakathi kweseva neklayenti, udinga ukugada ngokucophelela ingqalasizinda yezizinda zakho ezingaphansi kanye nabasingathi bezinkampani zangaphandle lapho okuqukethwe kwesayithi kunikezwa khona. Kungase kube nengqondo uku-oda ukuhlolwa kwamabhuku enkampanini yangaphandle egxile ekuvikelekeni kolwazi.
Source: www.habr.com