Am Mittwoch 31 März 2010 13:21:56 schrieb Peter Bowen: > On Wed, 2010-03-31 at 10:51 +0200, Thomas Biege wrote: > > during the secure development workshop last week in Prague > > the question came up how to configure ephemeral keying using > > apache2/mod_ssl. > > Thomas, > > Unfortunately I was not in Prague, so I don't have the background on > this. Can you please explain a little about what ephemeral keying is > and why one wants it? > > Thanks, > Peter
It influences the ssl handshake and creates something that is called 'perfect forward secrecy' (PFS). The perfect forward secrecy means that an adversary can capture the encrypted traffic and when she gains access to your private key is not able do decrypt the already sent data as well as data from future transmissions. (But she can of course spoof the identity of the SSL- enabled server with the key.) This sounds a bit weired but it works simply by generating an ephemeral key for encryption (using Diffie-Hellman key exchange (kex)) and verifying the authenticity of the keys by using the RSA/DSA key in the certificate. Because the ephemeral key is only used once per session and it is never transmitted over the wire (DH kex) the sessions confidentiality is assured even if the key used for signing (RSA/DSA) is known. In the case of DSA SSL certificates it is also mandatory to support ephemeral keying because DSA can only be used for signing and not for encryption. HTH Thomas -- Thomas Biege <[email protected]>, SUSE LINUX, Security Support & Auditing SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg) -- Wer aufhoert besser werden zu wollen, hoert auf gut zu sein. -- Marie von Ebner-Eschenbach -- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
