The Heartbleed bug was a security vulnerability in the open-source OpenSSL cryptography library, which is widely used to implement the Internet’s Transport Layer Security (TLS) protocol. CVE-2014-0160 is the official reference to this vulnerability; CVE (Common Vulnerabilities and Exposures) is the standard for information security vulnerability names.
A fixed version of OpenSSL was released on April 7, 2014, at the same time as Heartbleed was publicly disclosed.
- OpenSSL 1.0.1 through 1.0.1f (inclusive) ARE vulnerable
- OpenSSL 0.9.8 branch is NOT vulnerable
The supported protocol versions, in descending order of preference, are TLS 1.2 / TLS 1.1 / TLS 1.0 / SSL 3.0. TLS 1.2 and TLS 1.1 became available in OpenSSL version 1.0.1.
The order of the cipher suite list matters because it decides which algorithms are selected first during negotiation. The configured ciphers prioritise algorithms that provide perfect forward secrecy.
- ECDHE+AESGCM ciphers are selected first; these are TLS 1.2 ciphers.
- PFS ciphersuites are preferred, with ECDHE first, then DHE.
- AES 128 is preferred to AES 256, because it provides good security and performance.
- AES is preferred to RC4, which is still present only for backward compatibility.
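As an added example (not code from the original page), the following Python encodes the four preference rules above as a ranking and checks whether a candidate cipher list, given as OpenSSL suite names, respects them. It assumes the rules apply in the order listed, so key-exchange type outranks bulk cipher; the sample lists are constructed.

```python
import re

# Rank tables encoding the preference rules; lower rank is preferred.
# Key exchange: ECDHE first, then DHE, then static RSA (no forward secrecy).
KX_RANK = {"ECDHE": 0, "DHE": 1, "RSA": 2}
# Bulk cipher: AES-GCM first, AES128 before AES256, AES before RC4.
ENC_RANK = {"AES128-GCM": 0, "AES256-GCM": 1, "AES128-CBC": 2,
            "AES256-CBC": 3, "RC4": 4}


def classify(name):
    """Map an OpenSSL cipher suite name to a (kx_rank, enc_rank) tuple."""
    if name.startswith("ECDHE-"):
        kx = "ECDHE"
    elif name.startswith("DHE-"):
        kx = "DHE"
    else:
        kx = "RSA"  # no DH component: static RSA key transport
    if "RC4" in name:
        enc = "RC4"
    else:
        m = re.search(r"AES(128|256)-(GCM)?", name)
        if not m:
            raise ValueError(f"unsupported cipher suite: {name}")
        enc = f"AES{m.group(1)}-{'GCM' if m.group(2) else 'CBC'}"
    return (KX_RANK[kx], ENC_RANK[enc])


def check_order(ciphers):
    """Return (earlier, later) pairs where a less-preferred suite precedes a
    more-preferred one; an empty list means the order follows the rules."""
    ranks = [classify(c) for c in ciphers]
    return [(ciphers[i], ciphers[i + 1])
            for i in range(len(ciphers) - 1) if ranks[i] > ranks[i + 1]]


def recommended_order(ciphers):
    """Re-sort a cipher list according to the rules (stable for ties)."""
    return sorted(ciphers, key=classify)


def openssl_cipher_string(ciphers):
    """Join the recommended order into the colon-separated form OpenSSL accepts."""
    return ":".join(recommended_order(ciphers))


# Constructed sample: a list that already follows the rules.
SAMPLE_ORDER = ["ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384",
                "ECDHE-RSA-AES128-SHA", "DHE-RSA-AES128-GCM-SHA256",
                "DHE-RSA-AES128-SHA", "AES128-SHA", "AES256-SHA", "RC4-SHA"]
# Constructed sample: static-RSA and RC4 suites wrongly placed before PFS ones.
BAD_ORDER = ["AES256-SHA", "RC4-SHA", "ECDHE-RSA-AES128-GCM-SHA256",
             "DHE-RSA-AES128-SHA"]

if __name__ == "__main__":
    print("violations:", check_order(BAD_ORDER))
    print("fixed:", openssl_cipher_string(BAD_ORDER))
```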
The concept of forward secrecy is that the client and server negotiate a session key that is destroyed at the end of the session. Forward secrecy is seen as an important security feature.
With forward secrecy, the session key exchange is replaced by one that never sends the secret session key across the network, even in encrypted form.
HTTP Strict Transport Security (HSTS)
HTTP Strict Transport Security, or HSTS, is a new security feature in browsers that lets a site instruct the browser to always use SSL when accessing that site.
The server communicates the HSTS policy to the user agent via an HTTP response header field named “Strict-Transport-Security”, sent in an HTTPS response. The HSTS policy specifies a period of time during which the user agent shall access the server using only a secure connection.
SSL Security Summary
The OpenSSL update and cipher suite reconfiguration have resulted in an improvement to security in terms of certificate, protocol support, key exchange and cipher strength. A typical secure client connection has the following properties:
- The connection is encrypted with 128-bit encryption.
- The connection uses TLS 1.2.
- The connection is encrypted and authenticated using AES_128_GCM and uses ECDHE_RSA as the key exchange mechanism.