TLS hardening

TL;DR

This paper discusses methods to enhance TLS security as of 2014, covering protocol components, vulnerabilities, and practical hardening techniques for web servers and other services.

Contribution

It provides a comprehensive overview of TLS vulnerabilities and practical hardening strategies applicable to various services, emphasizing real-world security improvements.

Findings

Identifies key TLS vulnerabilities like Heartbleed, BEAST, and BREACH.

Offers practical steps for TLS hardening on web servers.

Extends hardening techniques to other protocols and tools.

Abstract

This document presents TLS and how to make it secure enough as of 2014 Spring. Of course all the information given here will rot with time. Protocols known as secure will be cracked and will be replaced with better versions. Fortunately we will see that there are ways to assess the current security of your setup, but this explains why you may have to read further from this document to get the up to date knowledge on TLS security. We will first introduce the TLS protocol and its underlying components: X.509 certificates, ciphers, and protocol versions. Next we will have a look at TLS hardening for web servers, and how to plug various vulnerabilities: CRIME, BREACH, BEAST, session renegotiation, Heartbleed, and others. We will finally see how the know-how acquired on hardening web servers can be used for other protocols and tools such as Dovecot, Sendmail, SquirrelMail, RoundCube, and OpenVPN. We assume you already maintain services that use TLS, and have basic TCP/IP network knowledge. Some information will also be useful for the application developer.