Vipul Gupta's Weblog

Next-Generation Security for the Apache Web Server

Wednesday Jun 17, 2009

Elliptic Curve Cryptography (ECC) is a next-generation public-key cryptographic technology that is more resource efficient than RSA (learn why) and was recently endorsed by the NSA for protecting sensitive US Government Information (see The Case for ECC and Suite B).

Sun Labs has played a major role in promoting wide-spread industry adoption of this technology by:

  1. Leading the standardization of ECC within SSL/TLS, the dominant security protocol used on the Internet (see RFC 4492 and its earlier versions).
  2. Contributing ECC technology to OpenSSL (version 0.9.8 and later) and NSS/Mozilla (version 3.8 and later) -- two cryptographic libraries that power the world's most popular open source web server (Apache) and browser (Firefox), respectively.
  3. Initiating and leading a cross-vendor ECC Interoperability Forum (with participants from Apache, Certicom, Microsoft, Mozilla, OpenSSL, Red Hat, RSA, Sun and Verisign) to ensure seamless interoperability between ECC-enabled offerings from different companies.

ECC has been part of Firefox since October 2006 when version 2.0 was released but isn't yet included in the default build of the Apache web server (see Bug 40132). I recently updated the patch and corresponding instructions to create an ECC-enabled version of Apache 2.2.11 with OpenSSL 1.0.0-beta2. If you happen to try out the patch, I'd love to get your feedback.

In case you are wondering "why should I care?", think of this as another step in reducing the computational cost of security so service providers like Amazon, Facebook, Google and Yahoo can turn on HTTPS by default for all user interactions (not just the login phase), thereby boosting privacy on the Internet.

[7] Comments
Like this post?
Bookmark and Share
Posted at 03:01AM Jun 17, 2009 by vipul in Sun
Tags:
Comments:

Really ofcourse ECC is the lightweight alternative to RSA, but let me know how an ECC will be implemented in SunSpot using Java, can anyone provide/show me a simple algorithm of ECC implemented in Java using sqwake JVM, thanks

Posted by SANA UL HAQ on June 22, 2009 at 08:00 PM PDT #

Also let's not forget that Sun's own Web Server 7 has had ECC support (thanks to Vipul's work with NSS) since early 2007, so no need to wait for Apache to catch up:

http://blogs.sun.com/jyrivirkki/entry/sun_ecc_and_web_server

Posted by Jyri Virkki on June 22, 2009 at 11:31 PM PDT #

For those of us who participated in Rob Harley's exercises to crack ECDL ( http://cristal.inria.fr/~harley/ecdl/ ), some reference to that might help with putting the current standard in context. I'm struggling to find any reference by just following your links.

Posted by niq on June 22, 2009 at 11:41 PM PDT #

@Sana: ECC is already part of the Sun SPOT SDK (see lib/crypto_common.jar and lib/SSL_device.jar under the SDK installation directory). You can learn more about how ECC is used on Sun SPOTs via several slides and videos posted at http://research.sun.com/people/mybio.php?c=509. For example, the video linked under "Selected Presentations" from the Sun Labs Open House and the set of slides titled "Secure Adhoc Communication". The latest SPOT SDK also has a few built-in demos on using ECC (look under Demos/CryptoDemos).

cheers,

vipul

Posted by Vipul Gupta on December 08, 2009 at 11:24 AM PST #

Hi Vipul Gupta,

I read your article about Apache with ECC certificates :

i used the same apache 2.2.11 and openssl-1.0.0-beta2 and applied exactly the same steps.

i used local lan ip 10.10.10.64....my hostname is also 10.10.10.64... i am using OpenSUSE 11.1

my httpd-ssl.conf is

<VirtualHost 10.10.10.64:443>
ServerName 10.10.10.64
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv1:+EXP:+eNULL
SSLCertificateFile "/etc/certs/cert.pem"
SSLCertificateKeyFile "/etc/certs/key.pem"
SSLCACertificateFile "/etc/certs/cacert.pem"
<VirtualHost>

but the error in FireFox is "sec_error_inadequate_cert_type"

Certificates are ok , when i use them in OpenLDAP server then they work.

if i replace these ECC certificates by RSA certificates then it also works.

Kindly tell me the issue.

Best Regards
Mary Peterson
University of Essex

Posted by Mary Peterson on December 10, 2009 at 02:39 AM PST #

@Mary: According to
http://www.mozilla.org/projects/security/pki/nss/ref/ssl/sslerr.html

SEC_ERROR_INADEQUATE_CERT_TYPE
-8101 Certificate type not approved for application.

Most likely, your certificate has one or more extensions that specifically
disallow its use for SSL server authentication or for key encryption. Can
you send me the certificate chain you are using and also the cipher suite
you are trying to negotiate. Not all ECC certs are suitable for all ECC
cipher suites.

I hope this helps,

vipul

Posted by 204.153.12.52 on December 10, 2009 at 11:27 AM PST #

The patch mentioned in this post has now been integrated into the Apache trunk. More information at:

http://blogs.sun.com/vipul/entry/an_update_next_generation_security

vipul

Posted by 204.153.12.52 on December 10, 2009 at 11:29 AM PST #

Post a Comment:
  • HTML Syntax: NOT allowed