Harden TLS Session Resumption

The TLS session resumption functionality is misconfigured. This opens attackers the possibility to steal existing TLS sessions from other users.

Security Assessment

Security_Assessment_HardenTLSSessionResumption

CVSS Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

Vulnerability Information

The TLS session resumption functionality is misconfigured. This opens attackers the possibility to steal existing TLS sessions from other users.

Generally, the TLS session resumption functionality speeds up client reconnections, as no full TLS handshake needs to take place. Instead a value known from a previous session is used to verify the authenticity of the connection. If the server does not rotate or renew its secrets properly, the session resumption breaks perfect forward secrecy.

Guides

To disable TLS session resumption, follow one of our guides. There exist further possibilities to harden the session resumption feature, but are based on scheduled restarts of the webserver. Relate the "Further Reading" for more information.

Apache

On Apache you need insert the SSLOpenSSLConfCmd directive into the virtual host configuration in /etc/apache2/sites-enabled/domain.conf or /etc/httpd/sites-enabled/domain.conf:

<IfModule mod_ssl.c>
SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
<VirtualHost *:443>

ServerAdmin webmaster@localhost
ServerName example.com
DocumentRoot /var/www

SSLEngine on

SSLCertificateFile /etc/ssl/new.pem
SSLCertificateKeyFile /etc/ssl/privkey.key


SSLOpenSSLConfCmd Options -SessionTicket
</VirtualHost>
</IfModule>

Nginx

For Nginx, update the configuration file which is usually located at /etc/nginx/nginx.conf, /etc/nginx/sited-enabled/yoursite.com (Ubuntu / Debian) or /etc/nginx/conf.d/nginx.conf (RHEL / CentOS). Add thessl_session_ticketsdirective to the server section:

server {
listen 443;
server_name example.org;

root /usr/share/nginx/www;
index index.html index.htm;

ssl on;
ssl_certificate /etc/ssl/new;
ssl_certificate_key /etc/ssl/privkey.key;


ssl_session_tickets off;
}

For more information about Crashtest Security visit crashtest-security.com