Firewall Wizards mailing list archives

RE: Using SSL accelerators in firewalls


From: "Ian Peters" <ian () ianpeters net>
Date: Wed, 17 Jul 2002 15:40:15 +0100


From: firewall-wizards-admin () honor icsalabs com
[mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Paul Robertson
Sent: 17 July 2002 14:47

On Wed, 17 Jul 2002, Darren Reed wrote:

There would seem to be a growing trend in using SSL accelerators not
next to the web server but attached to a firewall so that it isn't
https traffic that passes through but http.

To me this screams out "bad design" as the end-to-end encryption is
lost in the process and the security of transactions eroded.

End-to-end encryption is both a good and a bad thing...


What do others think?  Is this becoming a "done thing" that is more
and more acceptable to corporates or is this just an isolated thing?

It's definitely becoming a "done thing," sometimes for performance, and
other times for "increased security" - that is, being able to do NIDS on the
decrypted data stream.

I'm not sure that there's all that much delineation between the amount of
trust necessary to go to the border of a company and the amount of trust
of doing SSL directly to an IIS box.


As an aside, there is a method for NIDS to inspect SSL traffic, but it is
limited and relatively (in NIDS terms) processor expensive. Namely, _if_ the
SSL key exchange is being performed courtesy of RSA, and _if_ the NIDS is
given the private key of the server's public/private keypair, then the NIDS
can follow the transaction, tracking state, decode the premaster secret as
it goes past, and compute the master secret accordingly. This isn't (I
think) too hard to do in a passably okay manner, by basically hacking
ssldump. The decoded traffic can then be tested as would normal traffic, and
additionally tests could be made on the SSL handshaking, etc. I'm working on
this for my own NIDS, and may also do it for snort (when time allows). The
performance hit is potentially huge though, due to the overhead in the
actual decryption, and the complexity of the connection tracking required (a
great deal more complex than simple TCP tracking, and look how long that
took to arrive!). It must also be considered whether a NIDS is trusted
enough for it to have a copy of the key material.

Out of interest - does anyone have any idea what proportion of SSL key
exchanges are basic RSA, and what are Diffie-Hellman?

Just a thought,

Ian
ian () ianpeters net
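As an added example (not code from Ian's message, ssldump or snort), this shows the step a passive sensor performs after it has decrypted the RSA ClientKeyExchange: turning the recovered premaster secret and the two Hello randoms into the SSL/TLS 1.0 master secret and record-layer keys per RFC 2246. The RSA decryption itself is assumed already done, and the handshake values are constructed, not captured traffic.

```python
"""TLS 1.0 key derivation (RFC 2246, sections 5 and 6.3) as a NIDS holding
the server's RSA private key would run it on a recovered premaster secret."""
import hmac

def p_hash(hash_name: str, secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash: A(0)=seed, A(i)=HMAC(secret, A(i-1)); output HMAC(secret, A(i)+seed)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]

def tls10_prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """P_MD5 over the first half of the secret XOR P_SHA1 over the second half.
    An odd-length secret shares its middle byte between both halves."""
    half = (len(secret) + 1) // 2
    s1, s2 = secret[:half], secret[-half:]
    md5_part = p_hash("md5", s1, label + seed, length)
    sha1_part = p_hash("sha1", s2, label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))

def master_secret(premaster: bytes, client_random: bytes, server_random: bytes) -> bytes:
    """48-byte master secret; seed is client_random + server_random."""
    return tls10_prf(premaster, b"master secret", client_random + server_random, 48)

def record_keys(master: bytes, client_random: bytes, server_random: bytes,
                mac_len: int = 20, key_len: int = 16, iv_len: int = 16) -> dict:
    """Split the key block for a SHA-1 MAC / 128-bit key / 128-bit IV suite.
    Seed order here is server_random + client_random, the reverse of above."""
    block = tls10_prf(master, b"key expansion", server_random + client_random,
                      2 * (mac_len + key_len + iv_len))
    names = ["client_mac", "server_mac", "client_key", "server_key", "client_iv", "server_iv"]
    sizes = [mac_len, mac_len, key_len, key_len, iv_len, iv_len]
    keys, pos = {}, 0
    for name, size in zip(names, sizes):
        keys[name] = block[pos:pos + size]
        pos += size
    return keys

# Constructed sample values: the two 32-byte randoms are visible in the Hellos,
# the premaster is what RSA decryption of ClientKeyExchange yields (its first
# two bytes carry the client's offered protocol version, here 3.1 = TLS 1.0).
CLIENT_RANDOM = bytes(range(0, 32))
SERVER_RANDOM = bytes(range(32, 64))
PREMASTER = b"\x03\x01" + bytes(46 * [0x5A])

if __name__ == "__main__":
    ms = master_secret(PREMASTER, CLIENT_RANDOM, SERVER_RANDOM)
    print("master secret:", ms.hex())
    print("client write key:", record_keys(ms, CLIENT_RANDOM, SERVER_RANDOM)["client_key"].hex())
```

With a Diffie-Hellman key exchange no premaster crosses the wire, so this derivation has nothing to start from; that is why the RSA-vs-DH proportion Ian asks about matters for this approach.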


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards