Geek Answers Handbook

SSL Client Certificate Verification Optimization

We currently have a group of web services that provide interfaces for various types and roles of clients.

Background:

  • Authentication is performed using SSL client certificate verification. This is done in the web service code (not the HTTP server). We do not want to use a less secure scheme. This message does not mean authorization, but only authentication.
  • Web services speak both SOAP and REST (JSON), and I'm definitely not interested in starting a discussion of the benefits of any of them.
  • All operations opened through web services are inactive.

My problem is that checking the client certificate for each request is very difficult and easily dominates the processor time on the application server. I have already tried to separate the parts of authentication and applications on different physical servers to reduce the load, but this does not improve the sending speed as a whole - the request still takes a constant time for authentication, regardless of where it is done.

I would like to try to limit the number of authentications by creating an HTTP cookie (with an associated session on the server side) after successful verification of the client certificate, which, when provided by the client, will skip the verification of the client certificate (although still talking via SSL). I would also like to limit the time of sessions and make the processes as transparent as possible from the point of view of the client.

My questions:

  • How safe is it? (and how can we optimize security and pragmatism?)
  • Are there any free implementations of this scheme? (I know the SiteMinder product from CA)
  • Given the above, should I continue to authenticate in the application or go to the server?
+4
source share
1 answer

generates an HTTP cookie (with an associated server session) after a successful client verification certificate, which provided the client invokes the client certificate verification should be skipped

How safe is it? (and how can we optimize security and pragmatism?)

This is not entirely safe in theory, because the server can no longer prove to itself that there is no person in the middle.

When the client was a client certificate, the server can trust it cryptographically. The client and server must be encrypted and the data (well, the session key) based on the client key. Without a client-side certificate, the server can only hope that the client did a good job of verifying the server certificate (as perceived by the client) and thereby excluded the possibility of Mr. Mitma.

A pre-built Windows client trusts over 200 root CA certificates. In the absence of a client-side certificate, the server completes the extension check.

Here's a good entry on what to look for in packet capture to ensure that the client certificate provides protection against MitM: http://www.carbonwind.net/ISA/ACaseofMITM/ACaseofMITMpart3.htm

An explanation of this type of MitM. http://www.networkworld.com/community/node/31124

This method is actually used by some firewall device units for deep control over SSL.

MitM was used to sound like a large release of Mission Impossible, which took up a lot of space. In fact, although there is no threatening DNS resolver or router anywhere on this path. There are many small Linksys and Netgear mailboxes in the world, and perhaps two or three of them do not have the latest security updates.

In practice, this seems good enough for large financial institution sites, although recent evidence suggests that their risk assessment strategies are somewhat less ideal.

Are there any free implementations of this scheme? (I know the SiteMinder product from CA)

Just a cookie on the client side, right? This is similar to the standard part of every web application platform.

Given the above, should I continue to authenticate in the application or go to the server?

Hardware crypto accumulators (either an SSL proxy server or an accelerator card) can significantly speed up this process.

Perhaps the help of certificate verification on the HTTP server will help. You can still do duplication in crypto math.

See if you will benefit from a cheaper algorithm or a smaller key size on client certificates.

After checking the client certificate, you can try to cache its hash file (or even all of this) for a short time. This can save you the trouble of repeating signature checks on the entire trust chain on every hit.

How often do your customers complete transactions? If the ones that make up the bulk of your transactions often click on you, you can convince them to combine multiple transactions into a single SSL negotiation and authentication. Take a look at setting the HTTP Keep-Alive header. They can do this to some extent. Perhaps your application checks the client certificate on each HTTP request / response or only once at the beginning of each session?

Anyway, these are some ideas, good luck!

+4
source

More articles:


All Articles