[yast-devel] Re: [studio-devel] ephemeral keying for apache2
Am Mittwoch 31 März 2010 13:21:56 schrieb Peter Bowen:
On Wed, 2010-03-31 at 10:51 +0200, Thomas Biege wrote:
during the secure development workshop last week in Prague the question came up how to configure ephemeral keying using apache2/mod_ssl.
Thomas,
Unfortunately I was not in Prague, so I don't have the background on this. Can you please explain a little about what ephemeral keying is and why one wants it?
Thanks, Peter
It influences the ssl handshake and creates something that is called
'perfect forward secrecy' (PFS).
The perfect forward secrecy means that an adversary can capture the
encrypted traffic and when she gains access to your private key is not
able do decrypt the already sent data as well as data from future
transmissions. (But she can of course spoof the identity of the SSL-
enabled server with the key.)
This sounds a bit weired but it works simply by generating an ephemeral
key for encryption (using Diffie-Hellman key exchange (kex)) and verifying
the authenticity of the keys by using the RSA/DSA key in the certificate.
Because the ephemeral key is only used once per session and it is never
transmitted over the wire (DH kex) the sessions confidentiality is assured
even if the key used for signing (RSA/DSA) is known.
In the case of DSA SSL certificates it is also mandatory to support ephemeral
keying because DSA can only be used for signing and not for encryption.
HTH
Thomas
--
Thomas Biege
participants (1)
-
Thomas Biege