1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Who uses SSL with XenForo?

Discussion in 'Forum Management' started by Floren, May 14, 2012.

  1. Floren

    Floren Well-Known Member

    I was wondering if there are any users who have enabled SSL on their forums.

    I recently switched one of my client's SSL to elliptic curves (EC) and the performance gains are simply stunning.
    Pages load at least 50% faster, while the server load is reduced. Basically, is the same type of ciphers used on Google https sites.

    Current setup uses OpenSSL 1.0.1c (EC enabled and combined with Google's 64-bit hacks/patches), Nginx 1.2.0, MariaDB 5.2.12 and PHP 5.3.13 running on CentOS 5.8. First thing I noticed was the improved First Byte time, under 2000ms for across the ocean requests.

    As far as I know, I did not see anywhere else the elliptic curve ciphers implemented beside Google.
    Not even Facebook has it, which surprises me a lot:

    IMG_14052012_055229.png IMG_14052012_055108.png IMG_14052012_060031.png IMG_14052012_055544.png

    Please let me know what ciphers you use on your site and how do you find the overall performance with them.
    If you could post some numbers, it will be great.
    RoldanLT and JVCode like this.
  2. Claudio

    Claudio Well-Known Member

    could you please post more information about this? Do I need a dedicate IP to do this?

  3. Andy.N

    Andy.N Well-Known Member

  4. Floren

    Floren Well-Known Member

    I'm waiting a reply from Certicom, before I post more information. Certicom detains several patents related to elliptic curve ciphers, so is a matter of being legal. Redhat decided to strip EC from their packages completely, in order to avoid what they call "possible patent issues". On the other hand, nothing is written in stone. Take for example Debian, Ubuntu, OpenSUSE, FreeBSD... they all have enabled EC into their OpenSSL packages.

    The question is: Am I allowed to use the elliptic curves technology included into OpenSSL source, within my site?

    OpenSSL received a "gift" license from SUN, that's how they included EC into their package. What's left to cover is the end-user aspect. I'm no lawyer but in theory, if a piece of software is provided into an open-source package, I should be able to use it also without any licensing issues. That's how the other distro's see it and that's why they included the EC technology into their packages. But then, why Redhat/CentOS/Fedora decided is not suitable to have it present into their RPM's? They actually stripped the tarball of all EC code, not just disabled it at build time.

    I posted a tutorial how to upgrade your Redhat/CentOS 5.x to latest OpenSSL package.
    But that contains the "crippled" version without EC and Google performance enhancements. I cannot afford a lawsuit from Certicom for distributing open source with patented technology that might also result in several lawsuits to the users who installed my packages.

    If anyone can provide more insight of this matter, please let me know.
  5. Jesepi

    Jesepi Well-Known Member

    I wish I could. Google sadly does not offer adsense for sites running through https, so that kills it for me.
  6. Floren

    Floren Well-Known Member

    Based on my tests, the performance improvements are dramatic. All I need to know is if I can distribute legally my work to others, for free. Then we will all have EC power on our hands. The Google performance hacks are not included in any distro's out there, except my "offline" RPM's.

    Email or call Certicom (without linking them this info, obviously)! :)

    Once I have legal confirmation, I will complete the tutorial with the "missing" steps.
    Another interesting detail is that Nginx enabled EC support since 1.1.0 version. I really hope Certicom will not reply with something like: "Yes you can use EC technology if you license your site for $3,000."
  7. Floren

    Floren Well-Known Member

    Update: Apparently, you are bound to check if EC (as well other patent related ciphers) are allowed to be used in your country. Currently the Axivo packages are built without RC5. EC, IDEA and MDC2 ciphers are enabled. It is your legal obligation to validate if you can use EC. More info into Axivo tutorial.

    Rights to use and sell are explained into RFC 4492 document.
  8. Andy.N

    Andy.N Well-Known Member

    I"m using Ubuntu so I guess it is not available yet.
  9. Digital Doctor

    Digital Doctor Well-Known Member

  10. Floren

    Floren Well-Known Member

    Ubuntu has EC enabled, but without the Google optimizations due to packaging compatibility for all platforms. :D
  11. Adam Howard

    Adam Howard Well-Known Member

    This can be done in Debian Linux and is not excluded to Red Hat / Cent OS
  12. Floren

    Floren Well-Known Member

    Read my previous posts, is the other way around. EC is enabled in Debian/Ubuntu/Mandriva/FreeBSD etc., Redhat/CentOS/Fedora do not include the elliptic curves ciphers. Also, I'm pretty sure nobody beside Axivo Repository has the Google 64bits optimization implemented. I think is done this way just for packaging uniformity, Google optimization is available since OpenSSL 1.0.0 version but only for 64bits platforms. Axivo provides only 64bits packages, so this is not an issue. Nobody runs a serious setup on 32bits machines. :)

    Compared to previous RSA tests on OpenSSL, the Google optimized ephemeral Elliptic Curve Diffie-Hellman key exchange over P-224 runs at twice the speed of standard OpenSSL, while atomic elliptic curve operations are up to 4 times faster in 1.0.1c version.

    In addition, the implementation is immune to timing attacks. Axivo SSL setup gets a 90 score on SSL Labs, close to Google score. Not to bash vBulletin.com but is unfortunate they run a weak setup. Even if they get an 88 score, their site is vulnerable to Beast, DDoS and MITM attacks.

    Comparison of keys between the two RPM sets (without EC, FIPS enabled on axivoplus repo and with EC Google optimized for 64bits, FIPS disabled on axivo repo):


    I've created both packages, in case some people will not be allowed to legally use EC in their country/setup. For example, Google SSL sites do not run a built-in FIPS OpenSSL package mainly because FIPS is not compatible with EC.

    If anyone have law knowledge related to EC usage on a website, I would appreciate some feedback. It will help all of us. Personally, I've put a disclaimer just to protect myself. Technically, Axivo allows you to install whatever flavor you think is appropriate for your country/website (Debian or Redhat).
  13. Anthony Parsons

    Anthony Parsons Well-Known Member

    I have no idea about legal aspects of using EC. I use standard RSA encryption, and see no performance hit upon my server with load. If it exists, it is so negligible that it doesn't concern me to worry about optimising my SSL encryption type.
  14. Floren

    Floren Well-Known Member

    RSA is not as secure/fast as ECDHE-RSA. RSA have been breached several times, which determined Google to move to ECDHE-RSA since November 2011. Putting a side the speed: with Ephemeral Diffie-Hellman ciphers, the server generates a new key for each session and signs the public key. The client also generates a public key and they both generate a mutual key that no eavesdropper can know. The important part: there is a different public key for each session. If the attacker breaks a single public key then they can decrypt only a single session.
  15. Anthony Parsons

    Anthony Parsons Well-Known Member

    As stated above, Google, Facebook, etc, aren't worried about it, and they're targets. SSL is not something an amateur or moderate hacker can get through... so whilst I agree with everything you're saying, is it really that important for a forum website using SSL to stop the amateur and moderate hackers from interfering with the site to worry about the type of encryption? IMHO... no.

    You make many valid points Floren if you want that level of SSL. If someone is that skilled and dedicated to get past 256bit SSL for my sites browser sessions... hey, knock themselves out I say.
    p4guru and Floren like this.
  16. Floren

    Floren Well-Known Member

    I agree. :) Still, Google are worried... that's why they moved to EC.

    I'm just thinking more on my side, we have sensitive client data on my servers.
    Nothing like credit card data... but still.

    Back on topic, if you find anything about EC implementation, please let us know. Since EC is mostly enabled into Debian &Co. packages and Apache started to support ECDHE since 2.3.3 (Nginx since 1.1.0) we should see few tutorials posting more about forward secrecy and EC usage. Nothing, dead silence... there is no clear answer anywhere telling us: Yes you can use those ciphers without issues.

    What's even more confusing is that OpenSSL talks about how to be careful and use legally their incorporated technologies (which most have expired patents) but says nothing about EC...
    Anthony Parsons likes this.
  17. p4guru

    p4guru Well-Known Member

    Nice, do you have any benchmark results for comparison between the various OpenSSL implementations including your 1.0.1c ? i.e. what about difference just without or with Google 64bit hack/patches minus the EC enabling ?

    Curious about how much of performance improvement is attribute to EC enabled vs Google's 64bit patch/hacks :)
  18. Floren

    Floren Well-Known Member

    Google engineers ran tests on their implementation and the atomic elliptic curve operations are up to 4 times faster, compared to regular OpenSSL operations. That's the main reason I use EC now.

    As a side note, Axivo packages include OpenSSL SCTP and SRP support in Redhat/CentOS. For example, it is technically impossible to compile SCTP into OpenSSL with the libraries available in either 5 or 6 distro releases. Yet, we offer it to everyone. :)
    Anthony Parsons likes this.
  19. designergauravm

    designergauravm New Member

    It is great reading this dicussion. Compared to previous RSA tests on OpenSSL, the Google optimized ephemeral Elliptic Curve Diffie-Hellman key exchange over P-224 runs at twice the speed of standard OpenSSL, while atomic elliptic curve operations are up to 4 times faster in 1.0.1c version. Thanks for this interesting topic.
    Anthony Parsons likes this.
  20. Cathal

    Cathal New Member

    why cant i download any styles?

Share This Page