SSL/TLS

From dmfswiki

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communication security over the Internet. [1]


Issues

Due to recently discovered attacks against TLS/SSL (Heartbleed, etc.), many users have decided to disable older TLS versions on their servers. TLSv1.2 is only supported by Android 4.1 and later, so if you are using an older Android version you will have to allow TLSv1 as well. See also: Supported SSL protocols by API level

POODLE

POODLE was yet another attack on the SSLv3 protocol; see http://en.wikipedia.org/wiki/Poodle for reference. As a workaround it is suggested to disable the SSLv3 protocol on the web server. However, and this is important: only the protocol was affected, not the ciphers! Disabling the ciphers causes communication via TLSv1.1 to fail, because no new ciphers were introduced with that protocol version; the already existing ciphers are simply tagged "SSLv3" in OpenSSL's cipher list.

On Android 4 there is no longer any intersection of ciphers, which results in a connection error (on Android 5 it apparently works). You can run the following command in a terminal to see the affected ciphers (the second column shows the protocol tag of each cipher):

openssl ciphers -v 'TLSv1' | sort


Let's take the following configuration of an Apache2 server as a non-working example:

SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!SSLv3:!SSLv2

The first line is perfectly fine: it disables the insecure protocols. The second line, however, disables all ciphers except for TLSv1.1.
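To make the cipher-tag problem concrete, here is an added Python example (not part of the original wiki page) that parses output in the format of `openssl ciphers -v`, applies the `!` exclusions of an Apache SSLCipherSuite string, and reports which suites a client limited to TLSv1.1 (such as Android 4) can still negotiate. The cipher table is a constructed sample modelled on real OpenSSL output, and the exclusion matching is a simplified model of OpenSSL's keyword handling: positive keywords such as HIGH and MEDIUM are assumed to already select every suite in the sample, and the function names (`negotiable`, `apply_cipher_string`, ...) are this example's own.

```python
import re
from typing import Dict, List

# Constructed sample in the format printed by `openssl ciphers -v`:
#   NAME  PROTOCOL  Kx=...  Au=...  Enc=...  Mac=...
# Suites that predate TLSv1.2 carry the tag "SSLv3" even though they are
# used by TLSv1.0 and TLSv1.1 clients; only SHA256/SHA384/AEAD suites are
# tagged "TLSv1.2".
SAMPLE_CIPHERS_V = """\
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES256-SHA384 TLSv1.2 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA384
ECDHE-RSA-AES256-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(256)  Mac=SHA1
ECDHE-RSA-AES128-SHA    SSLv3 Kx=ECDH     Au=RSA  Enc=AES(128)  Mac=SHA1
AES256-SHA256           TLSv1.2 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA256
AES256-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(256)  Mac=SHA1
AES128-SHA              SSLv3 Kx=RSA      Au=RSA  Enc=AES(128)  Mac=SHA1
DES-CBC3-SHA            SSLv3 Kx=RSA      Au=RSA  Enc=3DES(168) Mac=SHA1
RC4-SHA                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=SHA1
RC4-MD5                 SSLv3 Kx=RSA      Au=RSA  Enc=RC4(128)  Mac=MD5
"""

# Protocol versions in ascending order; a suite tagged with one version is
# usable by that version and every later one.
PROTO_ORDER = ["SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"]

LINE_RE = re.compile(r"^(?P<name>\S+)\s+(?P<proto>\S+)\s+(?P<rest>.*)$")


def parse_ciphers_v(text: str) -> List[Dict[str, str]]:
    """Parse `openssl ciphers -v` style lines into dicts (name, proto, Kx, Au, Enc, Mac)."""
    ciphers = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unexpected cipher line: {line!r}")
        entry = {"name": m.group("name"), "proto": m.group("proto")}
        for key, value in re.findall(r"(\w+)=(\S+)", m.group("rest")):
            entry[key] = value
        ciphers.append(entry)
    return ciphers


def matches_exclusion(cipher: Dict[str, str], token: str) -> bool:
    """Simplified keyword match: TOKEN names a protocol tag, the anonymous-auth
    class aNULL, an encryption algorithm (RC4, 3DES, AES, ...) or a MAC (MD5, SHA1)."""
    if token == cipher["proto"]:
        return True
    if token == "aNULL":
        return cipher.get("Au") == "None"
    if cipher.get("Enc", "").split("(")[0] == token:
        return True
    return cipher.get("Mac") == token


def apply_cipher_string(ciphers: List[Dict[str, str]], cipher_string: str) -> List[Dict[str, str]]:
    """Apply the `!` exclusions of an OpenSSL cipher string. Positive keywords are
    assumed (for this sample) to already select every suite, so they are skipped."""
    selected = list(ciphers)
    for token in cipher_string.split(":"):
        if token.startswith("!"):
            selected = [c for c in selected if not matches_exclusion(c, token[1:])]
    return selected


def usable_at(ciphers: List[Dict[str, str]], client_max_version: str) -> List[str]:
    """Names of the suites a client whose highest protocol is `client_max_version`
    can negotiate: the suite's tag must not be newer than the client's version."""
    level = PROTO_ORDER.index(client_max_version)
    return [c["name"] for c in ciphers if PROTO_ORDER.index(c["proto"]) <= level]


def negotiable(cipher_string: str, client_max_version: str, text: str = SAMPLE_CIPHERS_V) -> List[str]:
    """Sorted list of suites the server (configured with `cipher_string`) and a
    client limited to `client_max_version` have in common; empty means handshake failure."""
    server_suites = apply_cipher_string(parse_ciphers_v(text), cipher_string)
    return sorted(usable_at(server_suites, client_max_version))


if __name__ == "__main__":
    # The wiki page's non-working SSLCipherSuite and a variant that keeps the
    # SSLv3-tagged suites but still refuses RC4 and MD5.
    configs = {
        "broken": "HIGH:MEDIUM:!aNULL:!MD5:!SSLv3:!SSLv2",
        "fixed":  "HIGH:MEDIUM:!aNULL:!MD5:!RC4",
    }
    for label, cipher_string in configs.items():
        for version in ("TLSv1.1", "TLSv1.2"):
            suites = negotiable(cipher_string, version)
            status = "OK" if suites else "HANDSHAKE FAILS"
            print(f"{label:6} client max {version:7}: {status} {suites}")
```

Running the block prints that the page's cipher string leaves a TLSv1.1 client with no suites at all, while a TLSv1.2 client still gets the four TLSv1.2-tagged suites; the variant without `!SSLv3` keeps the AES and 3DES CBC suites available to older clients while still dropping RC4 and MD5.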

Now, the question remains: is disabling the SSLv3 protocol sufficient? The answer is: yes, absolutely. POODLE was a protocol attack that exploited a certain encryption mode (CBC). Nevertheless, it is of course wise to refuse broken ciphers like RC4 or hash algorithms like MD5.