Encrypting the Internet with go-tutorial

This is a creation in Article, where the information may have evolved or changed.

Overview

Starting at the beginning for this year, a lot of your Internet traffic probably is going through Go. That's because Cloudflare delivers content for a great number of websites, and they has the build their TLS 1.3 using G O ' s crypto/tls.

Tls

Technically TLS is a transparent security protocol for data transfer over the Internet and it stands for Transport layer S Ecurity. It works by encrypting the traffic being transmitted over the wire.

At it core, TLS is about a client and a server, which want to communicate securely over the network. To does, both sides need to agree on some key material to use to encrypt the rest of the traffic for that connection. Handshake is the name of the "phase when" this agreement happens. A handshake involves some public key cryptography and some data being shuffled between the client to the server, or from T He server to the client.

TLS 1.2 have been the standard for almost a decade. But over this time, version 1.3 is being worked on. One of the most visible change of this new version is that in TLS 1.3 The handshake have been re-structured to shave off a n entire handshake roundtrip. Not only so, but for connections that is from visitors who has recently visited a site and is resuming a previous con Nection, TLS 1.3 allows for a dramatic speed boost with zero round trip time resumption (0-RTT).

Filippo commented that's the Go CRYPTO/TLS package are so good this cryptographers look at it to understand TLS. TLS implementation is not a trivial endeavor, but Go's CRYPTO/TLS package simplifies it to the point so you can Serializ E The state machine down to if statements.

Filippo goes over some Go code and shares some graphics to demonstrate the normal flow of data inside TLS:

Enter Cloudflare ' s 0-rtt

He then goes the highlight aspects of Cloudflare's 0-rtt and how it differs from the normal TLS flow. of NOTE:0-RTT data is disabled by default.

0-rtt data brings challenges in internals and also in API design, because it doesn ' t benefit from all the guarantees of TL S. For example, the server gets an answer immediately, it doesn ' t has to wait for confirmation from the client.

For the 0-rtt API, there is the important things the server needs:

• To know about the the data is 0-rtt
• To know when it's safe to use the 0-RTT data

He goes over five possible options to handle these challenges using Go, explaining the downside of each:

Other aspects of the API

• The 0-rtt API needs to being exposed to HTTP handler, because it needs access to the live ConnectionState and the Confirmhand Shake method. It uses context key information like Servercontextkey and Localaddrcontextkey.

• API design decisions and points out how important it was to keep details irrelevant to application developers out of the AP I interface.

• Need to is aware of order of operations to avoid blocking:

Currently there is a open CL to simplify this handshake flow. Comments or contributions is welcome:

33776: [DEV.TLS] crypto/tls:simplify the handshake locking-https://go-review.googlesource.com/c/33776/

• Interoperability testing using a Docker container with all known libraries.

• Patches to the standard library:

Crypto/tls in production

• Filippo talks about adapting the TLS stacks to the needs of the complex edge like Cloudflare ' s.

• He talks about GetConfigForClient the callback, and the proposal to add fields to Clienthelloinfo-https://github.com/golang/go/issues /17430.

• Passing TLS connections to nginx:if there's a file descriptor, pass the connection directly to Go. No OpenSSL is involved in the processing of the data:

Some Pointers about Net/http

Filippo goes into detail about these issues:

• Don ' t use HTTP timeout. If you get the one thing from the this talk, the it must be so you can ' t use the default timeouts!
• Timeouts is server-wide, so your can ' t change them based on path or authentication. This should is addressed in 1.10. Open Proposal welcomes Input:net/http:no the manipulating timeouts in HANDLER-HTTPS://GITHUB.COM/GOLANG/GO/ISSUES/1 6100
• Do not confuse keep-alives with HTTP timeout.

Take away

"We didn ' t break the internet!"

This is a very detailed talk. Be sure isn't to miss watching the video of it comes out!

About the Speaker

Filippo Valsorda works on cryptography and Systems engineering at Cloudflare. He ' s been the main developer of the pure-go Cloudflare DNS server, and wrote its DNSSEC implementation. He ' s now working on TLS 1.3 for the Cloudflare edge and upstream. He often writes about Go in the company and personal blog, talks about security and programming, and builds Go tools like GVT, the Heartbleed test and the WhoAmI SSH server.

Slides for this talk:https://speakerdeck.com/filosottile/encrypting-the-internet-with-go-at-gophercon-2017

Twitter: @FiloSottile