Daniel Munteanu
Technical Product Manager
Blog

Be the Superman of Your Network Without Crypto Taking You Down

July 5, 2017 by Daniel Munteanu

We all know that encryption is here to stay. Network environments have been rapidly moving towards increased levels of encrypted traffic: Sandvine’s Global Internet Phenomenon Report predicts that encrypted traffic will surpass 80% this year on some mobile provider networks. Getting prepared for the encrypted world is without a doubt a must, as emphasized by my colleague in a previous blog post here. But is there anything else waiting (around the corner) after that? Once we dimension these environments for this huge amounts of encrypted traffic is there anything else threatening them?

Well, there is. Details often overlooked are the encryption algorithms in use and how they evolve. Like Superman and kryptonite, a certain change of these parameters might trigger chaos and crypto might take the network-responsible Superman down unless properly protected.

One example of such an imposed change was the switch from using SHA-1 certificates to more secure signature hashing like the SHA2 family (i.e., SHA224, SHA256, SHA384, SHA512). I am sure that most of you already did this transition because, in early 2017, many web browsers (like Chrome and Firefox) dropped support of SHA-1 certificates. Actually, first announcements about the intention of deprecating SHA-1 started much earlier and although some were thinking that this security measure was a bit too impassioned, it turned out that it came right in time to offer a safer web experience. Why? Simply because no later than February 23, 2017, it turned out that a group of researchers from CWI Institute in Amsterdam and a team from Google announced the first practical technique for generating a collision. Check it out here: https://shattered.io/.

The good news is that, per the latest Qualys SSL Pulse survey report, virtually everybody moved away from the infamous SHA-1:

1

Actually, Certification Authorities (operating under the CA/Browser Forum regulations) are not providing SHA-1 certificates anymore.

SHA-1 is History Now. So What?

Next, let`s take as an example another security technique that is moving towards 100% adoption: perfect forward secrecy (primarily enabled by DHE and ECDHE ciphers). In a nutshell, perfect forward secrecy is a mechanism that offers increased protection against attempts to break the session keys (used to encrypt the actual data traffic) even if the server`s private key is compromised. It does so by not using the private key in the process of deriving the session keys (instead, it is using ephemeral Diffie Hellman).

While the transition to DHE and ECDHE ciphers is still ongoing, it is important that stakeholders responsible for network and traffic performance thoroughly understand the impact of this transition before making the switch. Eliminating doubts about the outcome of such changes can only be achieved through hard-proof data gathered after realistic, production-like testing.

Obviously, performance is a primary concern when transitioning from to DHE and ECDHE ciphers. Let`s do a quick analysis of some performance outcomes of various ciphers with and without perfect forward secrecy.

As test conditions, we will the same certificate type for all tests and we will be extremely rough with no session resumption (therefore the keying material will be computed from scratch for each new connection). We will use for this comparison of two different-generation chipsets that are terminating the SSL connection: think a potential SSL offload device, an SSL inspection device (which will face an even higher impact as it generally needs to maintain two different SSL connections), or even an actual web server.

2

We all know that elliptical curve (EC) cryptography provides better performance at the same security level but if we are to compare forward secrecy on EC ciphers, we can see that the performance degradation is still considerable. Imagine the impact a 60% drop in new accepted SSL connections might have on your business!

And this is just a current example of what a single change in the crypto parameters can bring.

We Help the Network Superman Stay on Top of Any Crypto Challenge

The online connected world tries to keep up with the ever-increasing cryptographic requirements for more secured user experiences but what does this mean for network infrastructures? In most cases, it comes down to more compute-intensive operations and increased overhead and traffic volumes. Eventually, all these translate into uncertainty and unpredictable outcome unless properly validated.

Ixia helps you stay prepared with the test tool to validate the scale and performance expected from modern requirements. Ixia’s CloudStorm is designed with future testing requirements in mind, having both hardware and software optimizations to ensure superior SSL performance for most major ciphers.