Learn you some `:ssl` for much security

Posted 2019-04-09 12:43:35.136065

Here’s the slide deck for my presentation at ElixirConf EU 2019 today.

I created a gist with all the code snippets, for easy copying and pasting into an iex session. I encourage you to try things out yourself!

P.S. Apologies to Fred for abusing the title of his awesome book…

Hex package registry vulnerability

Posted 2019-01-29 14:13:52.780049

Recently I came across a vulnerability in the Hex package manager that would let a malicious or compromised mirror host modified versions of popular packages without detection by the client.

The issue, which affected both the Hex plugin for Mix and the Hex client built into Rebar3, has since been fixed. I hope everyone upgraded to Hex v0.19.0 and Rebar3 v3.8.0 by now.

In this post I will explain the background, the vulnerability, the potential impact and the fix.

OCSP stapling for Erlang/OTP

Posted 2018-07-11 18:42:50.698413

The last few days I’ve been working on a small patch for Erlang/OTP 21 that adds support for server-side OCSP stapling to the ssl application. It will take more work to get it into good enough shape for a PR, but for now I wanted to try it in the real world to see if I’m on the right track.

This post will show how OCSP stapling might work with Erlang TLS servers in general, and Phoenix in particular, if and when such a feature might be merged into a future OTP release. Feel free to follow along with the patched OTP linked to below, just don’t use it in production, please!

Staples?

OCSP stands for Online Certificate Status Protocol, a more modern approach to certificate revocation than unwieldy Certificate Revocation Lists (CRLs). Now some would argue that all certificate revocation is broken, and that neither CRLs nor OCSP are effective against man-in-the-middle attack with a compromised and revoked certificate, but let’s put that aside for now.

While more modern and efficient in some ways, OCSP has its own issues. A common criticism is the fact that it leaks personal information (browsing behaviour) to the issuing CA, through the OCSP status requests sent by the browsers. OCSP Stapling mitigates this concern: instead of the browser sending a status query from the user’s IP address, the server requests the OCSP response from the CA and sends it in-band as part of the TLS handshake.

Besides the privacy benefits, OCSP stapling also allows the server to cache the response and reuse it for all incoming connections. This eliminates the round-trip to to the OCSP server, reducing the load on the CA’s infrastructure and reducing the overall TLS session establishment latency.

Let’s have a look at the patch, and see what it would take to enable OCSP stapling in a Phoenix application.

Older posts

• PSA: retiring TLS test domains (Posted 2018-07-11 07:30:04.473948)
• Dual cert RSA/ECDSA server with Erlang/OTP 21 (Posted 2018-07-03 18:55:58.000000)
• Erlang/OTP 21 (Posted 2018-06-23 08:36:19.000000)
• Erlang/OTP 20.3 (Posted 2018-03-14 19:00:53.000000)
• CipherSuites package updated (Posted 2018-03-12 20:16:18.000000)
• Practical security for Elixir/Phoenix (Posted 2018-01-05 08:35:18.000000)
• Security training at ElixirConf EU 2018 (Posted 2017-11-02 20:48:35.000000)
• Unauthorized Erlang? (Posted 2017-04-15 08:26:16.000000)
• Hostname verification with Erlang/OTP 19.3 (Posted 2017-03-17 06:35:40.000000)
• Plug vulnerabilities: impact assessment (Posted 2017-03-01 13:16:28.000000)
• Catching up (Posted 2017-02-27 09:28:27.000000)
• The great HTTPS client shoot-out (Posted 2016-11-05 08:03:50.000000)
• "aRSA+ECDH+AES:@STRENGTH" FTW (Posted 2016-07-05 17:30:20.000000)
• Thou shalt not trust thy neighbour's password (Posted 2016-06-24 19:20:05.000000)
• Who wants cookies? (Posted 2016-06-13 19:35:52.000000)
• Erlang/OTP 19.0 (Posted 2016-06-06 19:02:02.000000)
• ElixirConf.EU talk: video (Posted 2016-06-01 18:52:50.000000)