[erlang-questions] Using my own Diffie-Hellman + AES instead of SSL

Morgan Segalis msegalis@REDACTED
Thu Jun 7 14:15:20 CEST 2012

Hi Angela !

Actually, anonymous cyphers are, as described in the Erlang doc, not quite good for security… (vulnerable to man in the middle)

I should explain more about the idea I had for good encryption without SSL (kinda, since we need it for the gateway) …

1) The client should connect WITH SSL to a gateway (With Certificate and strong Cipher)
2) Client and Server will negotiate a key together along with a sessionID (not sure we need Diffie-Hellman since it is a secure connection)
3) The sessionID + key will be stored in a cassandra database (With a TimeToLive of 2min)
4) The server will tell to which node the client should connect
5) Client disconnects from gateway
6) Client connects to the node specified by the gateway, and gives the SessionID to the node (in clear)
7) The Server node retrieve the Key from the cassandra db
8) If it exist, it sends an accept to the client with the encryption, if not it disconnects the client and we are back to square 1.
9) Both client & server can communicate over AES using the key they now both have.

Only the sessionID is sent without encryption, but without the key, the sessionID is useless.
Once retrieved by the server node, the sessionID will be deleted from cassandra.

This will give the gateway all the hassle to deal with SSL and it's memory footprint, but since the client won't stay connected to the gateway, it doesn't matter, it will be removed as soon as the client disconnects.

>  We are also curious to know what you think is an acceptable  memory
> footprint and why?

Actually, I do not have any acceptable level per say… I would like to handle a maximum client on a single server.
I'm actually trying to reach 1 millions connections (mostly idle) on a server with 16 GB of RAM with nothing else on it that the erlang node.

Right now, memory speaking I can "only" handle 200 000 clients on the same server afterwards it start swapping (on a SSD so stay pretty fast, but still), using ssl_hibernate AND gen_server hibernate.



Le 7 juin 2012 à 13:22, Ingela Andin a écrit :

> Hi!
> If you do not care about certificates you can use an anonymous chiper
> suite. You have to
> explicitly give such suites as arguments as they are not supported by
> default for security reasons. This of course  will  save you some
> memory as there are no own or peer certificate that will be saved. We
> are also curious to know what you think is an acceptable  memory
> footprint and why?
> Regards Ingela Erlang/OTP team Ericsson AB
> 2012/6/7 Morgan Segalis <msegalis@REDACTED>:
>> Hi everyone,
>> As always (for those who remember my old posts), I'm looking to reduce the memory footprint of a secure connection to my server.
>> I'm right now looking into doing my own Diffie-Hellman key exchange + AES 128-bit encryption over a TCP connection instead of using Erlang SSL.
>> Using SSL with this kinda feels like using a bazooka for smashing a fly.
>> The thing is, I do not really need certificates, since the connection url is embedded in a application, and it is using a proprietary protocol.
>> Before trying to implement this solution, I would like to hear pros and cons, from Erlang experts on this mailing lists ! (others are welcome too of course ;-) )
>> I'm actually looking to implement the same thing as here http://blog.diginux.net/2006/11/15/adding-aes-encryption-to-erlang-chat/
>> Thanks for your help.
>> _______________________________________________
>> erlang-questions mailing list
>> erlang-questions@REDACTED
>> http://erlang.org/mailman/listinfo/erlang-questions

More information about the erlang-questions mailing list