Sunday, Mar 15, 2009

SSL and Rails

About SSL
Secure Sockets Layer (SSL), or its successor Transport Layer Security (TLS), gives us assurance of two things. First, when a client connects to a web server, the client can be sure that it is talking to the right server by checking the certificate the server sends it. Second, SSL assures the confidentiality of the data, as the client and the server exchange encrypted messages that cannot be understood by anybody else. Before messages can be encrypted, the client and the server need to shake hands and exchange a secret key for this session, the so-called session key. This is how the SSL handshake works (using RSA):

  1. Server sends certificate: When the client requests an SSL page, the server sends a certificate that it has obtained from a trusted certificate authority.
  2. Client generates session key: This certificate contains the public key of the server. After satisfying itself that the certificate is correct and the server is a genuine one, the client generates one random number, the session key.
  3. Encrypt the session key and send it: This key is encrypted using the public key of the server and the private key of the client. Then it will be sent across.
  4. Server decrypts it: The server decrypts the message with its private key. Now both sides have a session key known only to the two of them, because only the server and the client have access to their private keys needed for decryption and encryption of the session key. All communication to and fro will now be encrypted and decrypted with the session key.

SSL Ciphers and Protocol
This is a simple SSL handshake, because only the client makes sure it is talking to the right server, but not the other way round. Today's browsers normally perform only a simple SSL handshake. In the first phase of the handshake the server and the client also exchange the highest TLS protocol version and a list of suggested cipher and compression suites. In most browsers SSL version 2 is disabled by default as it is insecure. But you can also disable SSL version 2 and several cipher suites on the server side. To find out which high-strength ciphers (128 or more bits) your server machine supports, type:

$ openssl ciphers -ssl3 -v 'HIGH:!ADH:@STRENGTH'

This will display a list of ciphers ordered by their strength and without anonymous DH (!ADH), which is very basic. Make sure the SSL ciphers your web server is going to use are set in its configuration to at least the "HIGH:!ADH" level. Many web servers try to be as compatible as possible by default and accept 40, 56 and 80 bit DES keys, but they are very weak. This configuration works in all modern browsers. It is highly recommended to deny weak ciphers by only accepting 3DES and AES SSL cipher suites of 128 bits and above. Here is an example SSL configuration for nginx - Apache configuration should be similar.

ssl on;
ssl_certificate /etc/nginx/certs/example.com.crt;
ssl_certificate_key /etc/nginx/certs/example.com.key;
keepalive_timeout 70; # reduces the CPU load
ssl_protocols SSLv3; # only use SSL version 3
ssl_ciphers HIGH:!ADH;
ssl_prefer_server_ciphers on; # don't trust the client
# caches 1 MB of SSL sessions in memory, faster than OpenSSL's cache:
ssl_session_cache shared:SSL:1m;
# cache the SSL sessions for 5 minutes, just as long as today's browsers
ssl_session_timeout 5m;
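
One way to check a cipher list against the policy above (at least 128 bits, no anonymous DH) is to parse the output of `openssl ciphers -v`. This is an added example, not code from the original article; the sample output is constructed and the function names are hypothetical.

```ruby
# Added example: audit `openssl ciphers -v` output against the article's
# policy (128 bits or more, no anonymous key exchange).
# SAMPLE_OUTPUT is constructed; on a real host, pass in the command's output.
SAMPLE_OUTPUT = <<~LIST
  AES256-SHA      SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
  ADH-AES256-SHA  SSLv3 Kx=DH       Au=None Enc=AES(256)  Mac=SHA1
  DES-CBC3-SHA    SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
  AES128-SHA      SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
  DES-CBC-SHA     SSLv3 Kx=RSA      Au=RSA  Enc=DES(56)   Mac=SHA1
  EXP-RC4-MD5     SSLv3 Kx=RSA(512) Au=RSA  Enc=RC4(40)   Mac=MD5  export
  NULL-SHA        SSLv3 Kx=RSA      Au=RSA  Enc=None      Mac=SHA1
LIST

Cipher = Struct.new(:name, :protocol, :auth, :enc, :bits)

# Parse one line: name, protocol, then Key=Value fields such as Enc=AES(256).
def parse_cipher_line(line)
  fields = line.split
  return nil if fields.length < 2

  pairs = fields.drop(2).map { |f| f.split('=', 2) }
  attrs = pairs.select { |kv| kv.length == 2 }.to_h
  enc = attrs.fetch('Enc', 'None')
  m = enc.match(/\A(.+?)\((\d+)\)\z/)
  # "Enc=None" carries no key size; treat it as 0 bits so it is rejected.
  Cipher.new(fields[0], fields[1], attrs['Au'], m ? m[1] : enc, m ? m[2].to_i : 0)
end

# Returns { cipher name => [reasons it violates the policy] }.
def audit(output, min_bits: 128)
  ciphers = output.each_line.map { |l| parse_cipher_line(l) }.compact
  ciphers.map do |c|
    reasons = []
    reasons << "#{c.bits}-bit key is below #{min_bits}" if c.bits < min_bits
    reasons << 'anonymous key exchange (no server authentication)' if c.auth == 'None'
    [c.name, reasons]
  end.to_h
end

# Names of the ciphers the server should not offer.
def rejected(output)
  audit(output).reject { |_, reasons| reasons.empty? }.keys
end

if __FILE__ == $0
  audit(SAMPLE_OUTPUT).each { |name, why| puts "#{name}: #{why.empty? ? 'ok' : why.join('; ')}" }
end
```
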

Replay attacks
Hackers might also try to repeat recorded requests. In order to fend off these replay attacks, the SSL handshake protocol uses random numbers and sequence numbers. If someone repeats old sequence numbers, the server will reset the connection.

Cryptographic attacks
The attacks against SSL include cryptographic attacks. Brute-force attacks aim at breaking the cryptography in use. It is feasible to break a 40-bit key by brute force, but it takes a fairly large number of computers. Therefore keys should be at least 128 bits long, though 256 bits is standard now. You also want to use AES encryption, as it is the successor of 3DES. When generating a public and private key for the certification authority, you can choose to enter a pass phrase with at least 8 characters. This pass phrase is like a password and you will need to type it in to start the web server using the SSL key. You can leave the pass phrase out if you want, but this is less secure. One reason to leave it out would be that automatic restarts of the web server will then work.

Man-in-the-middle attack
A man-in-the-middle (MITM) attack is only successful when the attacker can impersonate the client and the server and when he has access to the network of the client (like an insecure wireless LAN). The man-in-the-middle behaves like the server for the client and sends the client's requests to the original server. It also behaves like the client to the server. The MITM uses his self-generated certificate to authenticate against the user. Therefore today's browsers include a list of mutually trusted certification authorities and throw an error when a certificate is self-signed. There are also many cases where the client's browser issues a warning that the certificate is not valid, but in real life most users ignore this message and just accept it. This protection might only be circumvented if a certification authority cooperated with the attacker or if the attacker managed to create his own certificates signed by a certification authority known to the victim's browser. The latter means breaking a cryptographic hash function, such as MD5, which is already theoretically possible. SSH (Secure Shell) provides a method to check the fingerprint of the server's certificate after the first login. This fingerprint will be verified on each subsequent login and SSH will throw an error if it changes. MITM attacks are quite unlikely, but not totally unfeasible.

Software versions
It is very important to always run the latest versions of OpenSSL and nginx or Apache. Recently there was a vulnerability in OpenSSL which rendered several SSL certificates insecure.

SSL and Rails

Rails provides the request.ssl? method to find out whether it is HTTP or HTTPS. In order to make this method work correctly, you have to include the following line in your web server configuration file in the HTTPS part:

proxy_set_header X-FORWARDED_PROTO https;

This is how it works in nginx, and it should be similar in Apache. More details are here. The problem is that a malicious user could pretend that this request is HTTPS by intercepting a request and sending a "X-FORWARDED_PROTO: https" header field over HTTP. Whether this may do any harm to your application depends on your application. But you don't want the users to pretend, do you? Note that this works with a stand-alone Mongrel, but I couldn't manage it when a front-end web server (nginx, Apache) is there. Nevertheless, it might be possible.

Countermeasures and Conclusion

  1. Securely configure your web server as described above
  2. Do use proxy_set_header X-FORWARDED_PROTO https; in the HTTPS part of the configuration
  3. Do use proxy_set_header X-FORWARDED_PROTO http; in the HTTP part of the configuration, just to be sure
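
Why countermeasures 2 and 3 both matter, as an added example that is not part of the original article and is neither Rails nor nginx code. It assumes a front end that forwards client headers untouched unless a proxy_set_header line replaces them; `ssl_request?`, `rack_env` and `proxy_pass` are hypothetical names, and the requests are constructed.

```ruby
# Added example: how a header-based HTTPS check behaves with and without the
# proxy_set_header lines. Header spelling follows the article.

# Simplified stand-in for a header-based check such as request.ssl?.
def ssl_request?(env)
  env['HTTPS'] == 'on' || env['HTTP_X_FORWARDED_PROTO'] == 'https'
end

# Map HTTP header names to CGI-style env keys, as the app server does.
def rack_env(headers)
  headers.map { |name, value| ["HTTP_#{name.upcase.tr('-', '_')}", value] }.to_h
end

# Model of a front end: client headers pass through unchanged (assumption),
# except those replaced by a proxy_set_header line in the server block.
def proxy_pass(client_headers, set_headers = {})
  forwarded = client_headers.reject do |name, _|
    set_headers.keys.any? { |set_name| set_name.casecmp?(name) }
  end
  rack_env(forwarded.merge(set_headers))
end

# Constructed requests, both sent over plain HTTP unless noted.
SPOOFED = { 'Host' => 'example.com', 'X-FORWARDED_PROTO' => 'https' }.freeze
HONEST  = { 'Host' => 'example.com' }.freeze

# What each server block's proxy_set_header line contributes.
SET_HTTP  = { 'X-FORWARDED_PROTO' => 'http' }.freeze
SET_HTTPS = { 'X-FORWARDED_PROTO' => 'https' }.freeze

def scenarios
  {
    # Client reaches the app server directly: the claim is believed.
    direct_http_spoofed: ssl_request?(rack_env(SPOOFED)),
    # HTTP block without proxy_set_header: the claim survives the proxy.
    http_block_unset_spoofed: ssl_request?(proxy_pass(SPOOFED)),
    # HTTP block with "proxy_set_header X-FORWARDED_PROTO http;".
    http_block_set_spoofed: ssl_request?(proxy_pass(SPOOFED, SET_HTTP)),
    # HTTPS block with "proxy_set_header X-FORWARDED_PROTO https;".
    https_block_set_honest: ssl_request?(proxy_pass(HONEST, SET_HTTPS)),
    # Plain HTTP, no client header: must not be reported as SSL.
    http_block_set_honest: ssl_request?(proxy_pass(HONEST, SET_HTTP))
  }
end

scenarios.each { |name, ssl| puts format('%-26s ssl? => %s', name, ssl) } if __FILE__ == $0
```

In this model the spoofed claim is only neutralised when the HTTP block sets the header itself, which is the case countermeasure 3 covers.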
