Erlang/OTP 19.0

Posted 2016-06-06 19:02:02.000000

Release 19.0 of Erlang/OTP is supposed to be available later this month, and Elixir v1.2.6 has just been released with support for the new Erlang/OTP version. So now is a good time to have a look at the release notes of Erlang/OTP 19.0-rc2 and find out what has changed.

DES cipher suites disabled by default

My main criticism of the default cipher suites enabled in previous Erlang/OTP releases was the fact that DES ciphers were still included, despite the fact that an effective key size of 56 bits has been considered too weak for quite some time now. The change in 19.0 means a significant jump in the security of a Phoenix HTTPS server out of the box, with no negative impact on client compatibility.

ssl module rewrite

The TLS state machine inside the ssl module has been rewritten using the new gen_statem behaviour. For now this mostly just improves the readability of the code for the maintainers, with no externally visible changes. However, the exciting news is that the OTP team has indicated that this change will make it easier to add support for DTLS in an upcoming release. Fingers crossed…

Stronger default Diffie-Hellman parameters

This is a small improvement over previous releases, though I would still recommend you generate your own DH parameters using the following OpenSSL command:

openssl dhparam -out priv/cert/dhparams.pem 2048

You can then reference this file in your Phoenix endpoint configuration (or other TLS server configuration) alongside your certificates and private key:

config :app, App.Endpoint,
  https: [port: 4001,
    keyfile: "priv/cert/privkey.pem",
    certfile: "priv/cert/cert.pem",
    cacertfile: "priv/cert/chain.pem",
    dhfile: "priv/cert/dhparams.pem",
    secure_renegotiate: true,
    honor_cipher_order: true,
    # ...

Update: Hmm, that isn’t really fair, is it. It is a major improvement over previous releases, especially considering that the strength of the key exchange of a DHE_RSA_* cipher suite is basically constrained by the smallest key in use. In other words, you could argue that a 2048 RSA certificate is just a waste of bandwidth and CPU cycles during the TLS handshake when combined with 1024-bit DH parameters.

TLS distribution

When using Erlang distribution in an untrusted or even hostile environment, make sure you replace the default TCP distribution module with the TLS version, inet_tls_dist. Erlang/OTP 19.0 improves support for certificate-based mutual authentication of nodes, through the addition of the following ssl configuration parameters: verify_fun, crl_check, and crl_cache.

OpenSSL EVP API support

While Erlang/OTP uses its own SSL/TLS protocol implementation, it does build on OpenSSL for cryptographic operations. Prior to release 19.0, the crypto module used an older API to interface with OpenSSL, which had limited support for hardware acceleration features such as Intel’s AES-NI. The use of the new EVP API should allow Erlang applications to finally take advantage of the capabilities of modern processors, or even specialised networking hardware if available.