Hi folks, at first: thanks very much for the great piece of software!

I have a proposal to tighten the TLS security: enable the usage of a specific ec-curve in the 10-ssl.conf, e.g.

ssl_ec-curve = secp384r1

Reason: I use a 384 bit EC server key, but dovecot uses "only" a prime256v1 curve.

Keygen was:
f=dovecot; openssl ecparam -name secp384r1 -genkey -out $f.key
openssl req -new -x509 -key $f.key -out ${f}.crt -days 2000 -sha512

Server check gives:
prio  ciphersuite                    protocols  pfs                 curves
1     ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2    ECDH,P-256,256bits  prime256v1
2     ECDHE-ECDSA-AES128-SHA256      TLSv1.2    ECDH,P-256,256bits  prime256v1
3     ECDHE-ECDSA-AES128-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
4     ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2    ECDH,P-256,256bits  prime256v1
5     ECDHE-ECDSA-AES256-SHA384      TLSv1.2    ECDH,P-256,256bits  prime256v1
6     ECDHE-ECDSA-AES256-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1

Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature

$ sudo nano /etc/dovecot/conf.d/10-ssl.conf
ssl = required
ssl_protocols = !SSlv2 !SSLv3 TLSv1.2
ssl_cipher_list = EECDH+AES128+AESGCM:EECDH+AES256+AESGCM:EECDH+AES128+SHA256:EECDH+AES256+SHA384:EECDH+AES128+SHA:EECDH+AES256+SHA
ssl_prefer_server_ciphers = yes
ssl_key = </etc/dovecot/dovecot.key
ssl_cert = </etc/dovecot/dovecot.crt

OS is Arch Linux.

Thanks very much,
Martin

On 14.04.2016 20:55, Martin wrote:
> Hi folks, at first: thanks very much for the great piece of software!
>
> I have a proposal to tighten the TLS security: enable the usage of a specific ec-curve in the 10-ssl.conf, e.g.
>
> ssl_ec-curve = secp384r1
>
> Reason: I use a 384 bit EC server key, but dovecot uses "only" a prime256v1 curve.
>
> Keygen was:
> f=dovecot; openssl ecparam -name secp384r1 -genkey -out $f.key
> openssl req -new -x509 -key $f.key -out ${f}.crt -days 2000 -sha512
>
> Server check gives:
> prio  ciphersuite                    protocols  pfs                 curves
> 1     ECDHE-ECDSA-AES128-GCM-SHA256  TLSv1.2    ECDH,P-256,256bits  prime256v1
> 2     ECDHE-ECDSA-AES128-SHA256      TLSv1.2    ECDH,P-256,256bits  prime256v1
> 3     ECDHE-ECDSA-AES128-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
> 4     ECDHE-ECDSA-AES256-GCM-SHA384  TLSv1.2    ECDH,P-256,256bits  prime256v1
> 5     ECDHE-ECDSA-AES256-SHA384      TLSv1.2    ECDH,P-256,256bits  prime256v1
> 6     ECDHE-ECDSA-AES256-SHA         TLSv1.2    ECDH,P-256,256bits  prime256v1
>
> Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature
>

Thank you for your suggestion, we will take it under consideration as we are improving security settings for the next major release.

Aki Tuomi
Dovecot oy
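
Added example, not part of the original thread and not code from Dovecot or from the scanner Martin used: a small audit that reads scan output in the row layout of the "Server check" table above and lists every ECDHE suite whose key-exchange curve is smaller than the certificate key. The function names are hypothetical, the sample is constructed (row 7 shows the state the proposal asks for), and the certificate key is assumed to be EC, as in the thread.

```python
import re

# Constructed sample in the layout of the table quoted in the thread.
# Row 7 is hypothetical: the result wanted once a P-384 curve can be configured.
SCAN = """\
prio ciphersuite protocols pfs curves
1 ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 ECDH,P-256,256bits prime256v1
4 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-256,256bits prime256v1
7 ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 ECDH,P-384,384bits secp384r1
Certificate: UNTRUSTED, 384 bit, ecdsa-with-SHA512 signature
"""

# prio, suite, protocol, "ECDH,<group>,<n>bits", curve name
ROW = re.compile(r"^(\d+)\s+(\S+)\s+(\S+)\s+ECDH,([^,\s]+),(\d+)bits\s+(\S+)$")
CERT = re.compile(r"^Certificate:.*?\b(\d+) bit\b")


def parse_scan(text):
    """Return (certificate key bits, list of ECDH rows as dicts)."""
    cert_bits, rows = None, []
    for line in text.splitlines():
        line = line.strip()
        m = CERT.match(line)
        if m:
            cert_bits = int(m.group(1))
            continue
        m = ROW.match(line)
        if m:  # the header and any non-ECDH rows are skipped, not compared
            prio, suite, proto, group, bits, curve = m.groups()
            rows.append({"prio": int(prio), "suite": suite, "protocol": proto,
                         "group": group, "kex_bits": int(bits), "curve": curve})
    if cert_bits is None:
        raise ValueError("no 'Certificate: ... N bit' line in scan output")
    return cert_bits, rows


def weaker_than_cert(text):
    """List (prio, suite, curve) where the ECDHE curve is smaller than the cert key."""
    cert_bits, rows = parse_scan(text)
    return [(r["prio"], r["suite"], r["curve"])
            for r in rows if r["kex_bits"] < cert_bits]


if __name__ == "__main__":
    for prio, suite, curve in weaker_than_cert(SCAN):
        print(f"prio {prio}: {suite} negotiates {curve}, below the certificate key size")
```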