SSL

[May 16, 2008] Open-Source Security Idiots

Practical Technology

Sometimes, people do such stupid things that words almost fail me. That’s the case with a Debian ‘improvement’ to OpenSSL that rendered this network security program next to useless in Debian, Ubuntu and other related Linux distributions.

OpenSSL is used to enable SSL (Secure Socket Layer) and TLS (Transport Layer Security) in Linux, Unix, Windows and many other operating systems. It also includes a general purpose cryptography library. OpenSSL is used not only in operating systems, but in numerous vital applications such as security for Apache Web servers, OpenVPN for virtual private networks, and in security appliances from companies like Check Point and Cisco.

Get the picture? OpenSSL isn’t just important, it’s vital, in network security. It’s quite possible that you’re running OpenSSL even if you don’t have a single Linux server within a mile of your company. It’s that widely used.

Now, OpenSSL itself is still fine. What’s anything but fine is any Linux, or Linux-powered device, that’s based on Debian Linux OpenSSL code from September 17th, 2006 until May 13, 2008.

What happened? This is where the idiot part comes in. Some so-called Debian developer decided to ‘fix’ OpenSSL because it was causing the Valgrind code analysis tool and IBM’s Rational Purify runtime debugging tool to produce warnings about uninitialized data in any code that was linked to OpenSSL. This ‘problem’ and its fix have been known for years. That didn’t stop our moronic developer from fixing it on his own by removing the code that enabled OpenSSL to generate truly random numbers..

After this ‘fix,’ OpenSSL on Debian systems could only use one of a range from 1 to 32,768—the number of possible Linux process identification numbers—as the ‘random’ number for its PRNG (Pseudo Random Number Generator). For cryptography purposes, a range of number like that is a bad joke. Anyone who knows anything about cracking can work up a routine to automatically bust it within a few hours.

Why didn’t the OpenSSL team catch this problem? They didn’t spot it because they didn’t see it. You see Debian developers have this cute habit of keeping their changes to themselves rather than passing them upstream to any program’s actual maintainers. Essentially, what Debian ends up doing is forking programs. There’s the Debian version and then there’s the real version.

Usually, it’s a difference that makes no difference. Sometimes, it just shows how pig-headed Debian developers can be. My favorite case of this is when they decided that rather than allow Mozilla to have control of the logo in the Firefox browser, because that wasn’t open enough according to the Debian Social Contract, they forked Firefox into their own version: Iceweasel.

That was just stupid. This is stupid and it’s put untold numbers of users at risk for security attacks.

First, the mistake itself was something that only a programming newbie would have made and I have no idea how this ever got passed by the Debian code maintainers. This is first-year programming assignment. “What is a random number generator and how do you make one?”

Then, insult to injury, because Debian never passed its ‘fix’ on to OpenSSL, the people who would have caught the problem at a glance, this sloppy, insecure mess has now been used on hundreds of thousands, if not millions, of servers, PCs, and appliances.

This isn’t just bad. This is Microsoft security bad.

Now, there’s a fix for Debian 4.0 Etch and its development builds. Ubuntu, which is based on Debian,, also have fixes for it. In Ubuntu, the versions that need patches are Ubuntu 7.04, Feisty; Ubuntu 7.10, Gutsy; the just released Ubuntu 8.04 LTS Hardy, and the developer builds of Ubuntu Intrepid Ibex.

Debian has also opened a site on how to rollover your insecure security keys to the better ones once you’ve installed the corrected software.. For more on how to fix your system, see Fixing Debian OpenSSL on my ComputerWorld blog, Cyber Cynic.

[May 3, 2005]  A universal TLS gateway by DeleGate by Yutaka Sato

From DeleGate/9.0.1, the configuration of DeleGate as a TLS (or SSL) gateway has become simple and uniform. TLS gateways for any application protocol including HTTP, FTP, SMTP, POP, IMAP and so on, can be enabled by simply specifying the common STLS parameter as this:

STLS=fcl

In older versions, it was a little complicated to configure DeleGate as a TLS gateway, especially for FTP protocol as described in the former document, like this:

// FTP/FTPS gateway before DeleGate/9.0.1

delegated-older -P990 SERVER=ftp FCL=sslway
delegated-older -P21  SERVER=ftp CMAP=sslway:FCL:ftp CMAP="sslway -st:FCL:ftp-data"

Also it was necessary to run two DeleGate servers to make services for FTPS and FTP+AUTH-TLS clients respectively. And the configuration of the latter was a bit complex.

But now, those DeleGate can be realized with one DeleGate server as this.

Intel NetStructure 7110 e-commerce accelerator. See also its online documentation

(Note: This unit was originally developed by iPivot, who was subsequently bought by Intel. It appears to be based on the Rainbow card.)

This is a box running BSD and OpenSSL internally; it has two Ethernet ports, and transparantly converts SSL connections to normal ones. It handles about 200 conn/sec. Up to 5 7110's may be cascaded. The 7180 is larger, handles 600 conn/sec, and can't be cascaded (though you can put 7100's in front of it.)

Price: 7110 is $13000, 7180 is $40000 as of April 2000.

Nortel's Accelar Price: Accelar 710 is $17000 as of October 1999.

Rainbow Rainbow Technologies Internet Security Group Home Page

[Apr 16, 2000] Rainbow Technologies NetSwift1000 VPN PCI Card

The nCipher/Linux solution is spotty. I had a lot of trouble getting it to work right and ended up getting a tech out to help me. In addition to a driver, it needs a special application that loads into memory to help it....

The Rainbow card is better, but their OpenSSL support is so/so. From the patches, it appears that they basically modify OpenSSL so that it can offload the big number stuff to the card. I think it would be much wiser of them to publish a spec to the OpenSSL group and let them do true integration with it. Because of their patch, we could never get more than 117 connections/sec. with the Rainbow card.

Now the catch with the Rainbow card.... =) Read the fine print carefully and you see that they do 200 RSA ops/sec. More accurately, they can do one RSA operation in 4.9ms. This does not take into account the overhead of SSL, network connection setup and tear down, etc. The iPivot (Intel) solution that advertises 200 connections per second really only gets 117 when you tell Web Bench to not do any session id reuse. (Oops.) I'm sure that is also the case with anyone who uses the Rainbow card in their product. Ditto with nCipher.

Overall experience with the Rainbow card: Good. Their tech support is pretty good. The patch to OpenSSL works reliably, albeit, slower than I'd like it to. Their sales team is confused, but what else is new?

Personally, I'd like to get my hands on the Compaq Atalla card to benchmark it and find out. I'm sure if they managed to get native OpenSSL support, they'll whip the pants off Rainbow.

From: [email protected]
Date: April 30, 2000

Hi Dan,
I noticed you put up a nice page on getting SSL hardware acceleration for linux (kudos for the great info!) and wanted to follow up with some info about Rainbow, and iPivot (now Intel).

First, Rainbow: I'm very happy with them... We're currently using a bunch of CryptoSwift cards, and I've also played with their NetSwift (which is targetted more for IPSec/IKE applications). We've gotten full driver source for the NetSwift and the kernel crypto libraries, as well as sources CryptoSwift driver from them without any arm- twisting on our part (well, we bought ten cards for starters, so that may have had some effect 8-). Although their OpenSSL integration is not the greatest (from the point of view of ease-of-use, keeping up with new OpenSSL versions, and archtiecture of their code), it works and was given to us also without any major effort on our part.

I'm pretty happy with performance -- with our in-house servers, which use a phhttpd-based I/O core, I get pretty close to the 200 conn/s. I hear they also have a card spec'ed at 600 connections/second.

Next, iPivot: I don't want to crap on these guys, but they're the main reason I ended up writing the SSL-terminator software mentioned above from scratch. Both their boxes do 200 conn/s, but max out at around 2500 connections through one box. When we were evaluating their CA-1000 box in December, it would regularly crash and nuke all existing 2500 connections rather than roll over or deny the connection. The max connection limit may not be bad for people doing standard web serving where connection come and go quickly, but we had a need for long-lived connections, so it was of ultimate importance. (As a side note, it was also pretty easy to defeat their lame console security and muck around in the OS -- which is BSDI, and it does just package an OEM version of the Rainbox chip onboard -- running on the box, although we had to return the box before I really had any fun with it 8-).

theTitle

IRVINE, CA. July 15, 1998 – Rainbow Technologies (NASDAQ: RNBO), a leading supplier of cryptographic accelerator hardware boards for increased secure web server performance, announced today that CryptoSwift II, the fastest public key cryptographic processor in the world, is now shipping. CryptoSwift II will be showcased at this year's Internet World in Chicago, July 15th - 17th, (booth number 1654). CryptoSwift II provides companies with hardware level security for electronic commerce transactions.

CryptoSwift II leads its competition in price/performance and in transaction processing speed. CryptoSwift is capable of handling more than 200 transactions per second and performing a reference RSA signature in five milliseconds. In comparison, a Pentium II™ at 400Mhz takes 25 milliseconds – five times longer – to complete the same operation. In real world servers, CryptoSwift II improves server response time by up to 90 percent and increases server capacity by at least 10 times by offloading and accelerating public key cryptography.

CryptoSwift is widely deployed in several

SSL Acceleration

Found an old list of SSL accelerator cards at
http://www.peoplebridge.com/Performance/links.htm
and tracked down updated links for the products mentioned
there. IMHO the right place to hook these things
in is at the OpenSSL crypto library level. I think ncipher
might already do this, at least to support Apache.

Cards that may support Linux:
http://www.ncipher.com/products/nfast.html
http://www.phobos.com
http://www.ibm.com/security/cryptocards/

ZDNet eWEEK Mega-proxy servers A load of trouble

Cards that probably don't support Linux:
http://www.tandem.com/quickspecs/axl200qs/axl200qs.htm
http://isg.rainbow.com/products/cs_1.html
http://www.chrysalis-its.com/product/spec_sheets/toolkit_specsheet.htm

Boxes:
http://www.intel.com/network/products/accel_7110.htm (nee ipivot)

Reviews:
http://www.infosecuritymag.com/jan2000/cover.htm (comparison graph at bottom)
http://www.infowar.com/chezwinn/ecommerce.html-ssi

CPUs:
supposedly the Itanium and the Ultrasparc III will both be better
at doing the computations of SSL than were the Pentium 3 or Ultrasparc 2.

APIs:
RSA's BSAFE BHAPI http://www.rsasecurity.com/news/pr/970730.html

		Keep Informed with the Networking Newsletter Keep in touch with the latest in networking information, tools and resources from Intel.

		Technical Specifications White Paper: Planning and Building a Data Center White Paper: SSL Benchmarking SSL Solutions

1Tested publicly at NetWorld and Interop 1999 show May 10-12 using Sun E450 server with Solaris* operating system. Also see Networkshop "Scaling E-Commerce Applications" report of 1999:http://www.networkshop.ca

Intel(r) NetStructure(tm) e-Commerce Equipment

Intel® NetStructure™ 7110 e-Commerce Accelerator Assumes the task of Secure Socket Layer(SSL) encryption/decryption, restoring server speed and boosting Web site performance by up to 50 times1. This drop-in, scalable appliance processes up to 200 secure connections per second. Intel® NetStructure™ 7180 e-Commerce Director Assumes the task of Secure Socket Layer (SSL) encryption/decryption, restoring server speed and boosting Web site performance by up to 150 times1. Traffic management using actual response times and Layer 7 control eliminates errors, enables site managers to prioritize secure traffic for all customers or URLs and balances traffic among servers.

Planning and Building a Data Center Meeting the e-Business Challenge.

1Tested publicly at NetWorld and Interop 1999 show May 10-12 using Sun E450 server with Solaris operating system. Also see Networkshop "Scaling E-Commerce Applications" report of 1999:http://www.networkshop.ca

Etc

Society

Groupthink : Two Party System as Polyarchy : Corruption of Regulators : Bureaucracies : Understanding Micromanagers and Control Freaks : Toxic Managers :   Harvard Mafia : Diplomatic Communication : Surviving a Bad Performance Review : Insufficient Retirement Funds as Immanent Problem of Neoliberal Regime : PseudoScience : Who Rules America : Neoliberalism  : The Iron Law of Oligarchy : Libertarian Philosophy

Quotes

War and Peace : Skeptical Finance : John Kenneth Galbraith :Talleyrand : Oscar Wilde : Otto Von Bismarck : Keynes : George Carlin : Skeptics : Propaganda  : SE quotes : Language Design and Programming Quotes : Random IT-related quotes :  Somerset Maugham : Marcus Aurelius : Kurt Vonnegut : Eric Hoffer : Winston Churchill : Napoleon Bonaparte : Ambrose Bierce :  Bernard Shaw : Mark Twain Quotes

Bulletin:

Vol 25, No.12 (December, 2013) Rational Fools vs. Efficient Crooks The efficient markets hypothesis : Political Skeptic Bulletin, 2013 : Unemployment Bulletin, 2010 :  Vol 23, No.10 (October, 2011) An observation about corporate security departments : Slightly Skeptical Euromaydan Chronicles, June 2014 : Greenspan legacy bulletin, 2008 : Vol 25, No.10 (October, 2013) Cryptolocker Trojan (Win32/Crilock.A) : Vol 25, No.08 (August, 2013) Cloud providers as intelligence collection hubs : Financial Humor Bulletin, 2010 : Inequality Bulletin, 2009 : Financial Humor Bulletin, 2008 : Copyleft Problems Bulletin, 2004 : Financial Humor Bulletin, 2011 : Energy Bulletin, 2010 : Malware Protection Bulletin, 2010 : Vol 26, No.1 (January, 2013) Object-Oriented Cult : Political Skeptic Bulletin, 2011 : Vol 23, No.11 (November, 2011) Softpanorama classification of sysadmin horror stories : Vol 25, No.05 (May, 2013) Corporate bullshit as a communication method  : Vol 25, No.06 (June, 2013) A Note on the Relationship of Brooks Law and Conway Law

History:

Fifty glorious years (1950-2000): the triumph of the US computer engineering : Donald Knuth : TAoCP and its Influence of Computer Science : Richard Stallman : Linus Torvalds  : Larry Wall  : John K. Ousterhout : CTSS : Multix OS Unix History : Unix shell history : VI editor : History of pipes concept : Solaris : MS DOS :  Programming Languages History : PL/1 : Simula 67 : C : History of GCC development :  Scripting Languages : Perl history   : OS History : Mail : DNS : SSH : CPU Instruction Sets : SPARC systems 1987-2006 : Norton Commander : Norton Utilities : Norton Ghost : Frontpage history : Malware Defense History : GNU Screen : OSS early history

Classic books:

The Peter Principle : Parkinson Law : 1984 : The Mythical Man-Month :  How to Solve It by George Polya : The Art of Computer Programming : The Elements of Programming Style : The Unix Hater’s Handbook : The Jargon file : The True Believer : Programming Pearls : The Good Soldier Svejk : The Power Elite

Most popular humor pages:

Manifest of the Softpanorama IT Slacker Society : Ten Commandments of the IT Slackers Society : Computer Humor Collection : BSD Logo Story : The Cuckoo's Egg : IT Slang : C++ Humor : ARE YOU A BBS ADDICT? : The Perl Purity Test : Object oriented programmers of all nations : Financial Humor : Financial Humor Bulletin, 2008 : Financial Humor Bulletin, 2010 : The Most Comprehensive Collection of Editor-related Humor : Programming Language Humor : Goldman Sachs related humor : Greenspan humor : C Humor : Scripting Humor : Real Programmers Humor : Web Humor : GPL-related Humor : OFM Humor : Politically Incorrect Humor : IDS Humor : "Linux Sucks" Humor : Russian Musical Humor : Best Russian Programmer Humor : Microsoft plans to buy Catholic Church : Richard Stallman Related Humor : Admin Humor : Perl-related Humor : Linus Torvalds Related humor : PseudoScience Related Humor : Networking Humor : Shell Humor : Financial Humor Bulletin, 2011 : Financial Humor Bulletin, 2012 : Financial Humor Bulletin, 2013 : Java Humor : Software Engineering Humor : Sun Solaris Related Humor : Education Humor : IBM Humor : Assembler-related Humor : VIM Humor : Computer Viruses Humor : Bright tomorrow is rescheduled to a day after tomorrow : Classic Computer Humor

The Last but not Least Technology is dominated by two types of people: those who understand what they do not manage and those who manage what they do not understand ~Archibald Putt. Ph.D

The statements, views and opinions presented on this web page are those of the author (or referenced source) and are not endorsed by, nor do they necessarily reflect, the opinions of the Softpanorama society. We do not warrant the correctness of the information provided or its fitness for any purpose. The site uses AdSense so you need to be aware of Google privacy policy. You you do not want to be tracked by Google please disable Javascript for this site. This site is perfectly usable without Javascript.

Last modified: March, 12, 2019