[asterisk-bugs] [JIRA] (ASTERISK-23905) Enable Forward Secrecy (PFS) in TLS
Rusty Newton (JIRA)
noreply at issues.asterisk.org
Wed Jun 18 08:51:57 CDT 2014
[ https://issues.asterisk.org/jira/browse/ASTERISK-23905?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=219611#comment-219611 ]
Rusty Newton commented on ASTERISK-23905:
-----------------------------------------
[~traud] For the next step, please follow the [Code Review process|https://wiki.asterisk.org/wiki/display/AST/Code+Review], review against the coding guidelines and put the patch on reviewboard for others to review and test. Remember to link the reviewboard URL here once you have done so.
Thanks Alexander!
> Enable Forward Secrecy (PFS) in TLS
> -----------------------------------
>
> Key: ASTERISK-23905
> URL: https://issues.asterisk.org/jira/browse/ASTERISK-23905
> Project: Asterisk
> Issue Type: Improvement
> Security Level: None
> Components: Channels/chan_sip/TCP-TLS
> Affects Versions: SVN
> Reporter: Alexander Traud
> Severity: Minor
> Attachments: tlsPFS_for_HEAD.patch, tlsPFS.patch
>
>
> Already works for Asterisk as the client. Enables Forward Secrecy in TLS ([PFS|http://en.wikipedia.org/wiki/Forward_secrecy]) for Asterisk as the server. Inspired by source code of [stunnel|http://anonscm.debian.org/gitweb/?p=collab-maint/stunnel.git;a=blob;f=src/ctx.c] and Apache HTTP Server Project ([httpd|https://github.com/apache/httpd/blob/trunk/modules/ssl/ssl_util_ssl.c]). Similar patch [made|http://trac.pjsip.org/repos/ticket/1765] it into PJSIP. Thank you to Marcello Ceschia and all the others for the pre-review (you know who you are)!
> *Usage*
> Ephemeral ECDH (ECDHE) is enabled by default.
> To disable it, do not specify a ECDHE cipher suite in sip.conf, for example: {{tlscipher=AES128-SHA:DES-CBC3-SHA}}
> Ephemeral DH (DHE) is disabled by default.
> To enable it, add DH parameters into the private key file (sip.conf tlsprivatekey), for example the default [dh2048.pem|http://www.opensource.apple.com/source/OpenSSL098/OpenSSL098-35.1/src/apps/dh2048.pem?txt].
> Because clients expect the server to prefer PFS, and because OpenSSL sorts its cipher suites by bit strength, see
> {{openssl ciphers -v [DEFAULT|http://www.openssl.org/docs/apps/ciphers.html]}}
> consider re-ordering your cipher suites in sip.conf, for example:
> {{tlscipher=AES128+kEECDH:AES128+kEDH:3DES+kEDH:AES128-SHA:DES-CBC3-SHA:-ADH:-AECDH}}
> to use PFS when offered by the client. Clients which do not offer PFS fall-back to AES-128 (or even 3DES as recommend by [RFC|http://tools.ietf.org/html/rfc3261#section-26.2.1]).
> *Drawback*
> If Java based clients connect to your Asterisk server, go for [1024bit|http://www.opensource.apple.com/source/OpenSSL098/OpenSSL098-35.1/src/apps/dh1024.pem?txt] parameters. For more details and other alternatives, [see …|http://blog.ivanristic.com/2014/03/ssl-tls-improvements-in-java-8.html]
> *Speed*
> With a mobile phone from 2006 (Nokia E61), DHE/3DES, and 2048bit parameters, I got a speed penalty of 0.5 seconds per connection setup. Thank you OpenSSL!
--
This message was sent by Atlassian JIRA
(v6.2#6252)
More information about the asterisk-bugs
mailing list