SSL Inspection & Perfect Forward Secrecy

TL;DR

Achieving SSL inspection and maintaining Perfect Forward Secrecy (PFS) requires careful configuration of your proxy/firewall. The best options involve using modern TLS versions (1.3 preferred), cipher suites that support ephemeral key exchange, and properly configured certificate authorities.

SSL Inspection with PFS: A Step-by-Step Guide

1. Understand the Challenge

• SSL inspection (also known as TLS interception) decrypts traffic to inspect its contents. This traditionally breaks PFS because the private key used for decryption is long-lived.
• PFS ensures that even if a private key is compromised, past sessions remain secure. It does this by generating unique session keys.

Choose Your Proxy/Firewall

Popular options include:

• Squid (open-source)
• HAProxy (open-source)
• FortiGate (commercial)
• Palo Alto Networks firewalls (commercial)
• Sophos firewalls (commercial)

Ensure your chosen solution supports modern TLS and cipher suite configuration.

Enable Modern TLS Versions

• Prioritize TLS 1.3 if possible. It offers significant security improvements, including PFS by default with most ciphersuites.
• Disable older versions like SSLv3, TLS 1.0 and TLS 1.1 as they are vulnerable.

Configure Cipher Suites

Select cipher suites that support ephemeral key exchange algorithms (e.g., ECDHE, DHE). These generate unique session keys for each connection.

• ECDHE-RSA-AES256-GCM-SHA384: A strong option combining Elliptic Curve Diffie-Hellman Ephemeral with RSA key exchange and AES encryption.
• DHE-RSA-AES256-GCM-SHA384: Similar to ECDHE but uses Diffie-Hellman instead of elliptic curves. Generally slower than ECDHE.

Example Squid configuration snippet (adjust for your specific needs):

ssl_bump peek all
ssl_bump cert /etc/squid/myCA.pem
ssl_bump key /etc/squid/myCA.key
ssl_bump session_keyfile /var/lib/squid/ssl_session_keys
acl ssl_port port 443
http_access allow ssl_port
http_access deny all
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384

Implement a Trusted Certificate Authority (CA)

• Create your own internal CA or use a commercial one.
• Sign certificates for the websites you want to inspect with this CA.
• Distribute the root certificate of your CA to all client devices. This is crucial; otherwise, clients will see warnings about untrusted certificates.

Configure Proxy/Firewall Certificate Handling

Your proxy needs to present the signed certificate from your internal CA when intercepting SSL connections.

• Ensure the proxy is configured to use the correct certificate and private key.
• Properly configure chain certificates if necessary.

Session Key Management

Some proxies offer features for managing session keys, improving PFS resilience.

• Squid’s ssl_session_keys option helps manage session key lifetimes.
• Consider using a hardware security module (HSM) to protect the private key of your CA.

Testing and Validation

• Use tools like openssl s_client or online SSL checkers to verify that PFS is enabled for intercepted connections.
• Check client browser warnings – they should not appear after installing the CA certificate.
• Monitor logs for any errors related to certificate validation or TLS negotiation.