TLS Survey for May 2014
by Hubert Kario
Hi all,
I've scanned the Alexa top 1 million again.
Since we've had Heartbleed in between this and previous scan,
the differences are visible.
Key points:
* percent of RC4 only servers is falling (is 1.38%, was 1.77%)
* percent of sites that prefer RC4 has fallen by small amount (is 18.7%,
was 19.5%)...
* ...but percent of sites that use RC4 in TLS1.1+ has grown (is 11.78%,
was 10.4%)
* percent of certificates signed with SHA256 has grown significantly
(is 10%, was 5.2%)
* emergence of first sites that use only certificates signed with ECDSA
* number of sites supporting TLS1.2 continues to grow (is 54%,
was 47%)
SSL/TLS survey of 318366 websites from Alexa's top 1 million
Stats only from connections that did provide valid certificates
(or anonymous DH from servers that do also have valid certificate
installed)
Supported Ciphers Count Percent
-------------------------+---------+-------
3DES 276767 86.9336
3DES Only 138 0.0433
AES 296231 93.0473
AES Only 931 0.2924
AES-CBC Only 589 0.185
AES-GCM 121700 38.2264
AES-GCM Only 4 0.0013
CAMELLIA 127348 40.0005
CAMELLIA Only 1 0.0003
CHACHA20 19834 6.2299
RC4 283666 89.1006
RC4 Only 4401 1.3824
RC4 Preferred 59422 18.6647
RC4 forced in TLS1.1+ 37507 11.7811
z:ADH-DES-CBC-SHA 1031 0.3238
z:ADH-SEED-SHA 863 0.2711
z:AECDH-NULL-SHA 9 0.0028
z:DES-CBC-MD5 254 0.0798
z:DES-CBC-SHA 60478 18.9964
z:DHE-RSA-SEED-SHA 51890 16.2989
z:ECDHE-RSA-NULL-SHA 7 0.0022
z:EDH-RSA-DES-CBC-SHA 49291 15.4825
z:EXP-ADH-DES-CBC-SHA 625 0.1963
z:EXP-DES-CBC-SHA 49466 15.5375
z:EXP-EDH-RSA-DES-CBC-SHA 35342 11.1011
z:EXP-RC2-CBC-MD5 46932 14.7415
z:IDEA-CBC-MD5 27 0.0085
z:IDEA-CBC-SHA 51847 16.2853
z:NULL-MD5 319 0.1002
z:NULL-SHA 313 0.0983
z:NULL-SHA256 10 0.0031
z:RC2-CBC-MD5 281 0.0883
z:SEED-SHA 65444 20.5562
Supported Handshakes Count Percent
-------------------------+---------+-------
DHE 153909 48.3434
ECDHE 134412 42.2193
Supported PFS Count Percent PFS Percent
-------------------------+---------+--------+-----------
DH,1024bits 145147 45.5912 94.307
DH,2048bits 7568 2.3771 4.9172
DH,3072bits 2 0.0006 0.0013
DH,3248bits 2 0.0006 0.0013
DH,4096bits 428 0.1344 0.2781
DH,4097bits 2 0.0006 0.0013
DH,512bits 92 0.0289 0.0598
DH,768bits 673 0.2114 0.4373
ECDH,B-163,163bits 1 0.0003 0.0007
ECDH,B-571,570bits 294 0.0923 0.2187
ECDH,P-224,224bits 3 0.0009 0.0022
ECDH,P-256,256bits 133565 41.9533 99.3698
ECDH,P-384,384bits 165 0.0518 0.1228
ECDH,P-521,521bits 450 0.1413 0.3348
Prefer DH,1024bits 98851 31.0495 64.2269
Prefer DH,2048bits 2143 0.6731 1.3924
Prefer DH,4096bits 34 0.0107 0.0221
Prefer DH,512bits 1 0.0003 0.0006
Prefer DH,768bits 74 0.0232 0.0481
Prefer ECDH,B-163,163bits 1 0.0003 0.0007
Prefer ECDH,B-571,570bits 236 0.0741 0.1756
Prefer ECDH,P-256,256bits 94746 29.7601 70.4892
Prefer ECDH,P-384,384bits 115 0.0361 0.0856
Prefer ECDH,P-521,521bits 409 0.1285 0.3043
Prefer PFS 196610 61.756 0
Support PFS 245327 77.0582 0
Certificate sig alg Count Percent
-------------------------+---------+--------
None 9994 3.1392
ecdsa-with-SHA256 2 0.0006
sha1WithRSAEncryption 286277 89.9207
sha256WithRSAEncryption 32146 10.0972
Certificate key size Count Percent
-------------------------+---------+--------
ECDSA 384 2 0.0006
RSA 1024 1935 0.6078
RSA 2028 1 0.0003
RSA 2047 2 0.0006
RSA 2048 304898 95.7696
RSA 2049 2 0.0006
RSA 2056 3 0.0009
RSA 2058 1 0.0003
RSA 2060 1 0.0003
RSA 2064 1 0.0003
RSA 2080 3 0.0009
RSA 2084 4 0.0013
RSA 2345 1 0.0003
RSA 2408 1 0.0003
RSA 2432 60 0.0188
RSA 2536 1 0.0003
RSA 2612 1 0.0003
RSA 3000 1 0.0003
RSA 3050 1 0.0003
RSA 3072 19 0.006
RSA 3248 3 0.0009
RSA 3600 1 0.0003
RSA 4042 1 0.0003
RSA 4046 1 0.0003
RSA 4048 1 0.0003
RSA 4069 1 0.0003
RSA 4086 1 0.0003
RSA 4092 2 0.0006
RSA 4096 11427 3.5893
RSA 4098 1 0.0003
RSA 4192 2 0.0006
RSA 8192 3 0.0009
RSA/ECDSA Dual Stack 0 0.0
Supported Protocols Count Percent
-------------------------+---------+-------
SSL2 621 0.1951
SSL2 Only 73 0.0229
SSL3 314763 98.8683
SSL3 Only 3524 1.1069
SSL3 or TLS1 Only 140708 44.1969
TLS1 314191 98.6886
TLS1 Only 1117 0.3509
TLS1.1 164225 51.5837
TLS1.1 Only 8 0.0025
TLS1.1 or up Only 68 0.0214
TLS1.2 173049 54.3554
TLS1.2 Only 48 0.0151
TLS1.2, 1.0 but not 1.1 12720 3.9954
Scan performed between 7th and 15th of May 2014,
full results available upon request - 45MiB xz
tarball.
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hkario(a)redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic
9 years, 5 months
[Secure Coding] master: Added RSA key generation procedures (56f3511)
by Eric Christensen
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 56f351145bcdd5edd7d2a00c25e0df4fd665ae7d
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:07:40 2014 -0400
Added RSA key generation procedures
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 31 +++++++++++++++++++++++++++++++
1 files changed, 31 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index 191564f..df458d9 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -160,5 +160,36 @@ EXP-KRB5-RC4-MD5 SSLv3
</para>
</section>
</section>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto">
+ <title>Generating Crypto</title>
+ <para>Properly generating keys and certificates is as important as the ciphers suite being used to secure the circuit. The best cipher can be broken with improperly generated keys.</para>
+
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto-RSA">
+ <title>Generating RSA keys</title>
+ <para>RSA keys are the most common key type used to secure SSL and TLS circuits. It's relatively simple to generate keys and we'll describe how and why now.</para>
+ <para>
+<screen>
+openssl genrsa -aes128 -out key_name.key 3072
+</screen>
+This will generate a 3072-bit RSA key that is sufficently large for true 128 bits of security. To obtain 256 bits of security the RSA key will need to be 15360 bits. If you require that type of security, however, a ECDSA key should be utilized.
+<important><para>The industry standard 2048-bit RSA key only provides 112 bits of security.<footnote><para>NIST SP 800-57 Part 1, Rev 3 <ulink url="http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_gen..." /></para></footnote></para></important>
+
+<screen>
+openssl rsa -in key_name.key -out key_name.key
+</screen>
+This simply removes the password that was placed on the key at generation. You can do this once you are sure you no longer need to protect the key (like when it's going to be used on the server).
+
+<screen>
+openssl req -new -key key_name.key -out key_name.csr
+</screen>
+This will generate a certificate signing request (<abbrev>CSR</abbrev>) to provide to your certificate authority (<abbrev>CA</abbrev>) for signing.
+
+<screen>
+openssl x509 -req -days 365 -sha384 -in key_name.csr -signkey key_name.key -out key_name.crt
+</screen>
+<emphasis>Optional</emphasis> - This last step isn't generally necessary. This is what the CA does on their side except they use their key in place of key_name.key to sign your key. By doing this you are creating a self-signed certificate which is not very useful and should only be used for testing purposes.
+ </para>
+ </section>
+ </section>
</chapter>
9 years, 5 months
Review of obs-sign
by Miroslav Suchý
Hi guys,
I would like to use obs-sign for signing packages in Copr.
Since this will be important part of Fedora, I would be glad if more people can see it and point out some problem if
there are any.
I already discussed it with Mitr, but more eyes is always better.
This is little bit premature, since I do not have rpm package ready yet (will be in 2 weeks aprox.).
The code is here:
https://github.com/openSUSE/obs-sign
Docs here:
http://en.opensuse.org/openSUSE:Build_Service_Signer
--
Miroslav Suchy, RHCE, RHCDS
Red Hat, Senior Software Engineer, #brno, #devexp, #fedora-buildsys
9 years, 5 months
available crypto policies
by Nikos Mavrogiannopoulos
Hello,
For the purposes of the Crypto Policies change proposal [0], I think
I've settled to the following three policy levels (inspired by the ENISA
levels but with a rename of the good LEGACY level to DEFAULT). Any
comments or suggestions are appreciated.
As these levels will be a moving target across releases (will provide
defaults that reflect the current state of the art), levels of previous
fedora releases will be referenced as LEVELNAME-F21.
[0]. https://fedoraproject.org/wiki/Changes/CryptoPolicy
regards,
Nikos
The levels and their current settings:
=====LEGACY=====
A level that may include algorithms with known weaknesses (but not
completely broken) which will ensure maximum compatibility with legacy
systems. It should provide at least 64-bit security and include RC4, but
not MD5 as signature algorithm.
MACs: MD5, SHA1+
Curves: All supported
Signature algorithms: must use SHA-1 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC, 3DES-CBC, RC4
Key exchange: ECDHE, RSA, DHE
DH params size: 768+
RSA params size: 768+
SSL Protocols: All supported (SSL3.0+)
=====DEFAULT======
A reasonable default for today's standards. For F21 it should provide
80-bit security and no broken ciphers like RC4.
MACs: SHA1+
Curves: All supported
Signature algorithms: must use SHA-1 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC, 3DES-CBC
Key exchange: ECDHE, RSA, DHE
DH params size: 1024+
RSA params size: 1024+
SSL Protocols: All supported (SSL3.0+)
=====FUTURE======
A level that will provide security on a conservative level that is
believed to withstand any near-term future attacks. That will be
an 128-bit security level, without including protocols with known
attacks available (e.g. SSL 3.0/TLS 1.0). This level may prevent
communication with commonly used systems that provide weaker security
levels (e.g., systems that use SHA-1 as signature algorithm).
MACs: SHA1+
Curves: All supported
Signature algorithms: must use SHA-256 hash or better
Ciphers: AES-GCM, AES-CBC, CAMELLIA-GCM, CAMELLIA-CBC
Key exchange: ECDHE, RSA, DHE
DH params size: 2048+
RSA params size: 2048+
SSL Protocols: TLS1.1+
9 years, 6 months
[Secure Coding] master: Added instructions for generating ECDSA keys (d335815)
by Eric Christensen
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit d3358153498f9611886facb7608fce33c7e22f05
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:49:40 2014 -0400
Added instructions for generating ECDSA keys
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 20 ++++++++++++++++++++
1 files changed, 20 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index df458d9..1c9c403 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -190,6 +190,26 @@ openssl x509 -req -days 365 -sha384 -in key_name.csr -signkey key_name.key -out
<emphasis>Optional</emphasis> - This last step isn't generally necessary. This is what the CA does on their side except they use their key in place of key_name.key to sign your key. By doing this you are creating a self-signed certificate which is not very useful and should only be used for testing purposes.
</para>
</section>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Generating_Crypto-ECDSA">
+ <title>Generating ECDSA keys</title>
+ <para>ECDSA keys are part of the latest generation of cryptography used in TLS-protected circuits. ECDSA keys do not have to be as large as an RSA key to provide similar protection.</para>
+ <para>The process for generating an ECDSA key is similar to that of RSA and we'll go over the commands now.
+
+<screen>
+openssl ecparam -genkey -name <emphasis>curve</emphasis> -out key_name.pem
+</screen>
+In this command you must provide the name of the curve to use. There are many curves to choose from but based on your particular installation of OpenSSL your choices may be limited. To determine what curves are available you run <command>openssl ecparam -list_curves</command>.
+<screen>
+openssl req -new -key key_name.key -out key_name.csr
+</screen>
+This will generate a certificate signing request (<abbrev>CSR</abbrev>) to provide to your certificate authority (<abbrev>CA</abbrev>) for signing.
+<note><para>It's important to find a CA that will sign your ECDSA key with an ECDSA key to keep the security level high.</para></note>
+<screen>
+openssl req -x509 -newkey ecdsa:ECC_params.pem -keyout server.key -out server.crt -subj /CN=localhost -nodes -batch
+</screen>
+This command will actually generate a self-signed certificate in one swipe.
+ </para>
+ </section>
</section>
</chapter>
9 years, 6 months
[Secure Coding] master: Added installation instructions (72a9fc4)
by Eric Christensen
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 72a9fc4d7c028bb31493c9d317289f9ba6a4d378
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:16:12 2014 -0400
Added installation instructions
>---------------------------------------------------------------
Securing_TLS/en-US/mod_ssl.xml | 6 ++++++
1 files changed, 6 insertions(+), 0 deletions(-)
diff --git a/Securing_TLS/en-US/mod_ssl.xml b/Securing_TLS/en-US/mod_ssl.xml
index 365b0bb..2edbade 100644
--- a/Securing_TLS/en-US/mod_ssl.xml
+++ b/Securing_TLS/en-US/mod_ssl.xml
@@ -8,6 +8,12 @@
<para>
<application>Apache</application> web server utilizes <application>mod_ssl</application> to utilize OpenSSL for cryptography. Configuration is handled by the <filename>/etc/httpd/conf.d/ssl.conf</filename> file and can be modified to support a wide range of ciphers and protocols.
</para>
+ <section id="sect-Fedora_Security_Team-Securing_TLS-mod_ssl-installation">
+ <title>Installation</title>
+ <para>
+ To install <application>mod_ssl</application> using <application>yum</application> just issue the following command: <command>yum install mod_ssl openssl</command>.
+ </para>
+ </section>
<section id="sect-Fedora_Security_Team-Securing_TLS-mod_ssl-configuration">
<title>Configuration</title>
<para>
9 years, 6 months
[Secure Coding] master: Merge branch 'master' of git+ssh://git.fedorahosted.org/git/secure-coding (cd5d541)
by Eric Christensen
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit cd5d541f38b537dae64a2cf314600f64f94f6bef
Merge: 56f3511 a9229ae
Author: Eric Christensen <echriste(a)redhat.com>
Date: Fri May 30 09:07:58 2014 -0400
Merge branch 'master' of git+ssh://git.fedorahosted.org/git/secure-coding
>---------------------------------------------------------------
.../en-US/snippets/Go-Error_Handling-IO.xml | 25 ++++++++++++++++++++
.../en-US/snippets/Go-Error_Handling-Regular.xml | 23 ++++++++++++++++++
2 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml b/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml
new file mode 100644
index 0000000..818d1da
--- /dev/null
+++ b/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml
@@ -0,0 +1,25 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE programlisting PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<!-- Automatically generated file. Do not edit. -->
+<programlisting language="C">
+func IOError(r io.Reader, buf []byte, processor Processor,
+ handler ErrorHandler) (message string, err error) {
+ n, err := r.Read(buf)
+ // First check for available data.
+ if n > 0 {
+ message, err = processor.Process(buf[0:n])
+ // Regular error handling.
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ }
+ // Then handle any error.
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ return
+}
+</programlisting>
diff --git a/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml b/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml
new file mode 100644
index 0000000..c7f4bc7
--- /dev/null
+++ b/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml
@@ -0,0 +1,23 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE programlisting PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<!-- Automatically generated file. Do not edit. -->
+<programlisting language="C">
+type Processor interface {
+ Process(buf []byte) (message string, err error)
+}
+
+type ErrorHandler interface {
+ Handle(err error)
+}
+
+func RegularError(buf []byte, processor Processor,
+ handler ErrorHandler) (message string, err error) {
+ message, err = processor.Process(buf)
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ return
+}
+</programlisting>
9 years, 6 months
[Secure Coding] master: Add auto-generated XML for the Go code snippets (a9229ae)
by fweimer@fedoraproject.org
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit a9229ae8c68586898bf6d49487c05e511131f7a1
Author: Florian Weimer <fweimer(a)redhat.com>
Date: Fri May 30 14:29:22 2014 +0200
Add auto-generated XML for the Go code snippets
>---------------------------------------------------------------
.../en-US/snippets/Go-Error_Handling-IO.xml | 25 ++++++++++++++++++++
.../en-US/snippets/Go-Error_Handling-Regular.xml | 23 ++++++++++++++++++
2 files changed, 48 insertions(+), 0 deletions(-)
diff --git a/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml b/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml
new file mode 100644
index 0000000..818d1da
--- /dev/null
+++ b/defensive-coding/en-US/snippets/Go-Error_Handling-IO.xml
@@ -0,0 +1,25 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE programlisting PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<!-- Automatically generated file. Do not edit. -->
+<programlisting language="C">
+func IOError(r io.Reader, buf []byte, processor Processor,
+ handler ErrorHandler) (message string, err error) {
+ n, err := r.Read(buf)
+ // First check for available data.
+ if n > 0 {
+ message, err = processor.Process(buf[0:n])
+ // Regular error handling.
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ }
+ // Then handle any error.
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ return
+}
+</programlisting>
diff --git a/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml b/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml
new file mode 100644
index 0000000..c7f4bc7
--- /dev/null
+++ b/defensive-coding/en-US/snippets/Go-Error_Handling-Regular.xml
@@ -0,0 +1,23 @@
+<?xml version='1.0' encoding='utf-8' ?>
+<!DOCTYPE programlisting PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
+]>
+<!-- Automatically generated file. Do not edit. -->
+<programlisting language="C">
+type Processor interface {
+ Process(buf []byte) (message string, err error)
+}
+
+type ErrorHandler interface {
+ Handle(err error)
+}
+
+func RegularError(buf []byte, processor Processor,
+ handler ErrorHandler) (message string, err error) {
+ message, err = processor.Process(buf)
+ if err != nil {
+ handler.Handle(err)
+ return "", err
+ }
+ return
+}
+</programlisting>
9 years, 6 months
[Secure Coding] master: Added cipher suite list for HIGH, MEDIUM, LOW, and EXPORT. (76d3687)
by Eric Christensen
Repository : http://git.fedorahosted.org/git/?p=secure-coding.git
On branch : master
>---------------------------------------------------------------
commit 76d368729c5e58a8ffb4f53247d22882a69c5978
Author: Eric Christensen <echriste(a)redhat.com>
Date: Thu May 29 15:16:08 2014 -0400
Added cipher suite list for HIGH, MEDIUM, LOW, and EXPORT.
>---------------------------------------------------------------
Securing_TLS/en-US/OpenSSL.xml | 148 +++++++++++++++++++++++++++++++++++++---
1 files changed, 138 insertions(+), 10 deletions(-)
diff --git a/Securing_TLS/en-US/OpenSSL.xml b/Securing_TLS/en-US/OpenSSL.xml
index 115c8e9..191564f 100644
--- a/Securing_TLS/en-US/OpenSSL.xml
+++ b/Securing_TLS/en-US/OpenSSL.xml
@@ -12,25 +12,153 @@
<title>Cipher Categories</title>
<para><application>OpenSSL</application> groups cipher suites together into easy to define sets that make it easy to implement encryption that makes sense for individual systems. These sets include <literal>HIGH</literal>, <literal>MEDIUM</literal>, <literal>LOW</literal>, <literal>EXPORT</literal>, and <literal>DEFAULT</literal>. By utilizing one, or a combination, of these sets in configuration files, the systems administrator can define many ciphers at once.</para>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-High">
- <title>High Ciphers</title>
- <para />
+ <title><literal>High</literal> Ciphers</title>
+ <para><literal>HIGH</literal> ciphers are the ciphers that offer the best protection (generally speaking these cipher suites provide robust 128-bits of security although this is does not hold up completely).</para>
+ <para>The current <literal>HIGH</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2
+ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2
+ECDHE-RSA-AES256-SHA384 TLSv1.2
+ECDHE-ECDSA-AES256-SHA384 TLSv1.2
+ECDHE-RSA-AES256-SHA SSLv3
+ECDHE-ECDSA-AES256-SHA SSLv3
+DHE-DSS-AES256-GCM-SHA384 TLSv1.2
+DHE-RSA-AES256-GCM-SHA384 TLSv1.2
+DHE-RSA-AES256-SHA256 TLSv1.2
+DHE-DSS-AES256-SHA256 TLSv1.2
+DHE-RSA-AES256-SHA SSLv3
+DHE-DSS-AES256-SHA SSLv3
+DHE-RSA-CAMELLIA256-SHA SSLv3
+DHE-DSS-CAMELLIA256-SHA SSLv3
+AECDH-AES256-SHA SSLv3
+ADH-AES256-GCM-SHA384 TLSv1.2
+ADH-AES256-SHA256 TLSv1.2
+ADH-AES256-SHA SSLv3
+ADH-CAMELLIA256-SHA SSLv3
+ECDH-RSA-AES256-GCM-SHA384 TLSv1.2
+ECDH-ECDSA-AES256-GCM-SHA384 TLSv1.2
+ECDH-RSA-AES256-SHA384 TLSv1.2
+ECDH-ECDSA-AES256-SHA384 TLSv1.2
+ECDH-RSA-AES256-SHA SSLv3
+ECDH-ECDSA-AES256-SHA SSLv3
+AES256-GCM-SHA384 TLSv1.2
+AES256-SHA256 TLSv1.2
+AES256-SHA SSLv3
+CAMELLIA256-SHA SSLv3
+PSK-AES256-CBC-SHA SSLv3
+ECDHE-RSA-DES-CBC3-SHA SSLv3
+ECDHE-ECDSA-DES-CBC3-SHA SSLv3
+EDH-RSA-DES-CBC3-SHA SSLv3
+EDH-DSS-DES-CBC3-SHA SSLv3
+AECDH-DES-CBC3-SHA SSLv3
+ADH-DES-CBC3-SHA SSLv3
+ECDH-RSA-DES-CBC3-SHA SSLv3
+ECDH-ECDSA-DES-CBC3-SHA SSLv3
+DES-CBC3-SHA SSLv3
+DES-CBC3-MD5 SSLv2
+PSK-3DES-EDE-CBC-SHA SSLv3
+KRB5-DES-CBC3-SHA SSLv3
+KRB5-DES-CBC3-MD5 SSLv3
+ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2
+ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2
+ECDHE-RSA-AES128-SHA256 TLSv1.2
+ECDHE-ECDSA-AES128-SHA256 TLSv1.2
+ECDHE-RSA-AES128-SHA SSLv3
+ECDHE-ECDSA-AES128-SHA SSLv3
+DHE-DSS-AES128-GCM-SHA256 TLSv1.2
+DHE-RSA-AES128-GCM-SHA256 TLSv1.2
+DHE-RSA-AES128-SHA256 TLSv1.2
+DHE-DSS-AES128-SHA256 TLSv1.2
+DHE-RSA-AES128-SHA SSLv3
+DHE-DSS-AES128-SHA SSLv3
+DHE-RSA-CAMELLIA128-SHA SSLv3
+DHE-DSS-CAMELLIA128-SHA SSLv3
+AECDH-AES128-SHA SSLv3
+ADH-AES128-GCM-SHA256 TLSv1.2
+ADH-AES128-SHA256 TLSv1.2
+ADH-AES128-SHA SSLv3
+ADH-CAMELLIA128-SHA SSLv3
+ECDH-RSA-AES128-GCM-SHA256 TLSv1.2
+ECDH-ECDSA-AES128-GCM-SHA256 TLSv1.2
+ECDH-RSA-AES128-SHA256 TLSv1.2
+ECDH-ECDSA-AES128-SHA256 TLSv1.2
+ECDH-RSA-AES128-SHA SSLv3
+ECDH-ECDSA-AES128-SHA SSLv3
+AES128-GCM-SHA256 TLSv1.2
+AES128-SHA256 TLSv1.2
+AES128-SHA SSLv3
+CAMELLIA128-SHA SSLv3
+PSK-AES128-CBC-SHA SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Medium">
<title>Medium Ciphers</title>
- <para />
+ <para><literal>MEDIUM</literal> ciphers are the ciphers that offer moderate protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>MEDIUM</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+DHE-RSA-SEED-SHA SSLv3
+DHE-DSS-SEED-SHA SSLv3
+ADH-SEED-SHA SSLv3
+SEED-SHA SSLv3
+IDEA-CBC-SHA SSLv3
+IDEA-CBC-MD5 SSLv2
+RC2-CBC-MD5 SSLv2
+KRB5-IDEA-CBC-SHA SSLv3
+KRB5-IDEA-CBC-MD5 SSLv3
+ECDHE-RSA-RC4-SHA SSLv3
+ECDHE-ECDSA-RC4-SHA SSLv3
+AECDH-RC4-SHA SSLv3
+ADH-RC4-MD5 SSLv3
+ECDH-RSA-RC4-SHA SSLv3
+ECDH-ECDSA-RC4-SHA SSLv3
+RC4-SHA SSLv3
+RC4-MD5 SSLv3
+RC4-MD5 SSLv2
+PSK-RC4-SHA SSLv3
+KRB5-RC4-SHA SSLv3
+KRB5-RC4-MD5 SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Low">
<title>Low Ciphers</title>
- <para />
+ <para><literal>LOW</literal> ciphers are the ciphers that offer little to no protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>LOW</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+EDH-RSA-DES-CBC-SHA SSLv3
+EDH-DSS-DES-CBC-SHA SSLv3
+ADH-DES-CBC-SHA SSLv3
+DES-CBC-SHA SSLv3
+DES-CBC-MD5 SSLv2
+KRB5-DES-CBC-SHA SSLv3
+KRB5-DES-CBC-MD5 SSLv3
+</screen>
+ </para>
</section>
<section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Export">
<title>Export Ciphers</title>
- <para />
- </section>
- <section id="sect-Fedora_Security_Team-Securing_TLS-OpenSSL-Cipher_Categories-Default">
- <title>Default Ciphers</title>
- <para />
- </section>
+ <para><literal>EXPORT</literal> ciphers are the ciphers that offer little to no protection and should not be used for any serious security. Many times these ciphers are used for interoperability but that should really be few and far between.</para>
+ <para>The current <literal>EXPORT</literal> cipher suites offered by OpenSSL (version 1.0.1e) are:
+<screen>
+EXP-EDH-RSA-DES-CBC-SHA SSLv3
+EXP-EDH-DSS-DES-CBC-SHA SSLv3
+EXP-ADH-DES-CBC-SHA SSLv3
+EXP-DES-CBC-SHA SSLv3
+EXP-RC2-CBC-MD5 SSLv3
+EXP-RC2-CBC-MD5 SSLv2
+EXP-KRB5-RC2-CBC-SHA SSLv3
+EXP-KRB5-DES-CBC-SHA SSLv3
+EXP-KRB5-RC2-CBC-MD5 SSLv3
+EXP-KRB5-DES-CBC-MD5 SSLv3
+EXP-ADH-RC4-MD5 SSLv3
+EXP-RC4-MD5 SSLv3
+EXP-RC4-MD5 SSLv2
+EXP-KRB5-RC4-SHA SSLv3
+EXP-KRB5-RC4-MD5 SSLv3
+</screen>
+ </para>
+ </section>
</section>
</chapter>
9 years, 6 months