Difference between revisions of "Certificates for your website through Let's Encrypt"

Let's encrypt is a free certificate authority, and is run by a non-profit called Internet Security Research Group (501c3)

ISRG was created by EFF, Mozilla and The Uni of Michigan

• Why is https is important?
• Why is it annoying?
• What is a certificate and a certificate authority?
• How to get one?

What is https?

A certificate does not protect from hacking

Analogy is that if you get a tetanus shot you can still get the flu. Whole the tetanus shot is important it isn't a panacea.

This is the same for internet security

https is focused on preventing eavesdropping and protecting the integrity of the communication, eg when someone downloads something from your site they can be sure that what they download is what your site offers.

Question: How can someone actually eavesdrop?

Answer: People can attack your connections, and if the attacker is on the path between user and webserver the connection is vulnerable. So if someone hacks the wifi router, they can redirect your connections to a different site.

Question: There used to be verification of who a certificate is given to, this is not part of the Let's Encrypt Certificate Authority. In general there is less verification now.

Answer: Originally the certificate authority was supposed to confirm your identity as an organization. This got eroded from originally checking government documentation, but later the norm was "domain verification", i.e. checking that you are the actual owner of the website. Some certificates still check peoples identity, which is now called EV, Extended Verification. Let's Encrypt only does Domain Verification. EV is expensive because the cert authority basically has to call the organization to confirm identity.

Downsides of EV:

• It can't be automated and therefore it's expensive (and possibly not effective)
• If you don't have a legal organization EV doesn't really work.

Let's encrypt does everything automatically, but thus only does Domain Verification (DV), which means it scales well and marginal costs are low. Also it is good for informal websites, anonymous websites etc.

What is Let's Encrypt (LE)?

• Automated, cheap certification
• Cannot tell whether a site is a phishing site. Can only verify that the certificate owner also controls the domain.

What LE certificates do

The certificate authority checks that the certificate owner also controls the domain, and that the encryption key is OK for communications with the domain.

An attacker executing a phishing attack would need to trick the user into using the wrong encryption key, and the certificate authority says that the encryption key is the correct key for the certificate owner.

LE does not verify anything about what the site does or who they are.

The certificate contains a public key which is used to exchange a secret session key which is then used to encrypt communications.

Each browser contains a root CA list, which is a list of certificate authorities that the browser trusts to hand out certificates. Browsers try to have the same criteria for root CA lists, but technically each browser has different lists, but the hope is that the lists are the same.

Question: How many certificate authorities are there?

Answer: There are around 600 cert authorities, but that does not include designated authorities, but it isn't completely cler when something is a certificate authority. There are many certificate authorities meaning that any of these 600+ authorities can issue a certificate for any domain, that could then be used for an attack.

Question: How to protect from an ISP

Answer: HPKP allows a site to say that they will use a specific encryption key, such that the browser remembers this encryotioon key, but that has negative effects, insofar as if you lose your key you cannot change to a new one.

Questions: What is the effect of AJAX sites (reactjs etc) where more code is in the browser

Answer: https should protect the user regardless of whether the code is on the browser or not, since it still encrypts traffic from the browser to the server.

LE is the largest cert authority in the world, but mostly has issued certs to smaller sites (compared to large sites like facebook and google etc).

Alternatives to OpenSSL: Google BoringSSL. OpenSSL is a old and complicated codebase that doesn't get verified very often.

LE certs only have 3 month validity and also does not offer wildcard certs, eg *.donainname.tld

The limitations of https

• If someone can take over your domain name or servers temporarily they can get a cert for the domain that they could use later for a an attack.
• It cannot protect from hacking, but it will protect you from people snooping your password via a wifi router.
  • Firesheep was/is a tool that is a sniffer that is very simple to use to take ver peoples social media accounts. The tool snifs the network traffic via the wifi access point and steals peoples authentication cookies for popular social network tools. Firesheep helped force the social media networks to enable https
• There are still attacks that allow someone who controls the local network to redirect your browser request to a different website than the intended site. If you don't type https in front of your domain name in the browser this attack can redirect you before the intended site redirects you to the ssl version of their site.
  • HSTS protects from these attacks.

Conclusion is that one technology can protect you from specific attacks, but new subtle attacks often show up.

How does LE work?

Certbot is an EFF tool that takes care of a lot of this for you in automated ways. It can download and install the certificate directly into your webserver configuration To get a cert on your site you need:

1. If you have root access You need software that talks to the cert authority and proves you own the domain and downloads the cert and installs it.
2. If you have a hosting provider they could integrate lets encrypt, and from then on it is very simple.
3. Browser-based clients exist that are similar to the experience of traditional CA's, where you can order a cert and then install it manually.

There are also many other server-side tools that provide different levels of automation. Certbot trys to edit the webserver config, which some users love, but others are annoyed by. Automatically editing a configuration can have reliability issues of the config editing breaks. Ther are less automatic tools for those users who do not want the tool to edit configs.

https://certbot.eff.org/

Let's encrypt certificates are only valid for 3 months, and if you use certbot then you can easily renew automatically. If you use the browser-absed client you have to perform some manual steps every 3 months.

The 3 months limitation is because LE cannot easily verify that a domain has been transferred and therefore the cert should be revoked. In lieu of revocation, short validity reduces the impact of this problem. The limitation also makes it more important for users to automate renewals so that they don't "forget" to renew.

Question: Does LE revoke?

Answer: LE should revoke if they know that there has been a private key compromise, or that a cert has been misissued they can revoke.

How is LE funded?

Mostly by large companies who generally want the Internet to be better.

There's also a crowd funding campaign now.

Protecting from attacks for web developers

OWASP is a website that lists vulnerabilities that could hot websites and that web developers should be aware of.

Capture the Flag contests are competitions that happen around the world with the intent to hack various systems as a competition.

• Winning teams are often eastern European teams
• Teams of grad students from us universities are also strong