Title: Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
CVEID: CVE-2016-2183
Threat: "Legacy block ciphers having a block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode.
All versions of the SSL/TLS protocol that support cipher suites using DES or 3DES as the symmetric encryption cipher are affected."
Impact: Remote attackers can obtain cleartext data via a birthday attack against a long-duration encrypted session. Because a 64-bit block cipher starts to leak block collisions after roughly 2^32 blocks (about 32 GB) encrypted under one key, the realistic target is a long-lived session carrying a large volume of attacker-influenced traffic, not an ordinary short HTTPS connection.
Solution: "Disable and stop using DES and 3DES ciphers.
The following openssl commands can be used to do a manual test:
openssl s_client -connect ip:port -cipher "DES:3DES" -ssl2
openssl s_client -connect ip:port -cipher "DES:3DES" -ssl3
openssl s_client -connect ip:port -cipher "DES:3DES" -tls1
openssl s_client -connect ip:port -cipher "DES:3DES" -tls1_1
openssl s_client -connect ip:port -cipher "DES:3DES" -tls1_2
If any of these tests is successful, then the target is vulnerable to Sweet32."
A test counts as successful when the handshake completes and s_client prints a negotiated cipher (for example "New, TLSv1.2, Cipher is DES-CBC3-SHA"); a refused handshake prints "Cipher is (NONE)". Two caveats when running this from a current machine: OpenSSL 1.1.0 and later no longer accept -ssl2 (and, by default, not -ssl3 either), and they rank 3DES below the default security level, so a client-side "no ciphers available" error or handshake failure does not prove that the server refuses 3DES. On those builds use -cipher 'DES:3DES@SECLEVEL=0', and confirm with an independent scanner if the result is still ambiguous.
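The manual test above, driven as a script: an added example, not part of the original post. It runs the same s_client probe for each protocol version, forces the 3DES suites back on with the @SECLEVEL=0 syntax (assumes OpenSSL 1.1.0 or newer), and classifies the transcript instead of eyeballing it. The two sample transcripts at the bottom are constructed, abridged copies of what s_client prints on a hit and on a refused handshake, so the classifier can be exercised without a network.

```shell
#!/bin/sh
# Added example (not from the original post): probe host:port for 64-bit block
# ciphers across SSL/TLS versions and classify each openssl s_client transcript.
# Assumes OpenSSL 1.1.0+ for the '@SECLEVEL=0' cipher-string syntax.

# Return 0 if a transcript shows a negotiated 64-bit-block cipher (DES, 3DES, IDEA, RC2).
# s_client prints "New, <proto>, Cipher is <NAME>" after a successful handshake and
# "New, (NONE), Cipher is (NONE)" when nothing was agreed.
sweet32_negotiated() {
    printf '%s\n' "$1" | grep -Eq '^New, [^,]+, Cipher is [A-Z0-9-]*(DES|IDEA|RC2)'
}

# Print the negotiated cipher name from a transcript (nothing if the handshake failed).
negotiated_cipher() {
    printf '%s\n' "$1" \
        | sed -n 's/^New, [^,]*, Cipher is \([A-Z0-9-][A-Z0-9-]*\).*/\1/p' \
        | head -n 1
}

# Probe one protocol version. Prints one line:
#   VULNERABLE <proto> <cipher>  handshake completed with a 64-bit block cipher
#   ok <proto>                   server refused the offered DES/3DES suites
#   skip <proto> ...             this openssl build does not support the protocol flag
probe_proto() {
    host=$1; port=$2; proto=$3
    # "Q" on stdin closes the session right after the handshake.
    out=$(printf 'Q\n' | openssl s_client -connect "$host:$port" \
              -cipher 'DES:3DES@SECLEVEL=0' "-$proto" 2>&1)
    if printf '%s\n' "$out" | grep -q 'unknown option'; then
        echo "skip $proto (not supported by this openssl build)"
    elif sweet32_negotiated "$out"; then
        echo "VULNERABLE $proto $(negotiated_cipher "$out")"
    else
        echo "ok $proto"
    fi
}

# Same protocol list as the manual test; TLS 1.3 defines no 64-bit block suites.
scan_host() {
    for proto in ssl2 ssl3 tls1 tls1_1 tls1_2; do
        probe_proto "$1" "$2" "$proto"
    done
}

# Constructed, abridged s_client transcripts for offline checks of the classifier.
SAMPLE_HIT='CONNECTED(00000003)
---
New, TLSv1.2, Cipher is ECDHE-RSA-DES-CBC3-SHA
Server public key is 2048 bit
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : ECDHE-RSA-DES-CBC3-SHA'

SAMPLE_MISS='CONNECTED(00000003)
error:0A000410:SSL routines::sslv3 alert handshake failure
---
New, (NONE), Cipher is (NONE)
SSL-Session:
    Protocol  : TLSv1.2
    Cipher    : 0000'

# Usage: sh sweet32-probe.sh <host> <port>
if [ $# -ge 2 ]; then
    scan_host "$1" "$2"
fi
```

A "skip" line means the client, not the server, dropped that protocol version; it says nothing about whether the server still offers it, so treat it as untested rather than as a pass.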
Fix: In the file /etc/tomcat/server.xml, remove SSL_RSA_WITH_3DES_EDE_CBC_SHA and TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA from the ciphers attribute of the HTTPS Connector, then restart Tomcat (server.xml is only read at startup).
After the change the ciphers attribute should look like below:
ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"
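To check the server.xml edit rather than trust it, here is an added example (not from the original post) that pulls every ciphers="..." attribute out of the file and lists any suite built on a 64-bit block cipher. It expects the JSSE-style suite names the post uses; the two Connector snippets it carries are constructed for the demo, the first with the two 3DES suites still present and the second with the post's corrected list.

```shell
#!/bin/sh
# Added example (not from the original post): audit Tomcat ciphers="..." attributes
# for suites that use a 64-bit block cipher (DES, 3DES, RC2, IDEA).

# Print each 64-bit-block suite found in any ciphers="..." attribute of the given
# server.xml text, one per line. Prints nothing when the configuration is clean.
tomcat_64bit_suites() {
    printf '%s' "$1" | tr -d '\n\r' \
        | grep -o 'ciphers="[^"]*"' \
        | sed 's/^ciphers="//; s/"$//' \
        | tr ',' '\n' | tr -d ' \t' \
        | grep -E '_(3DES|DES|RC2|IDEA)_' || true
}

# Exit 0 if no 64-bit-block suite remains, 1 otherwise (usable as a deploy gate).
tomcat_is_sweet32_clean() {
    [ -z "$(tomcat_64bit_suites "$1")" ]
}

# Constructed Connector before the fix: the two 3DES suites are still configured.
SERVER_XML_BEFORE='<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLS"
           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,
                    SSL_RSA_WITH_3DES_EDE_CBC_SHA,
                    TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA,
                    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" />'

# Constructed Connector after the fix, carrying the corrected list from the post.
SERVER_XML_AFTER='<Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol"
           SSLEnabled="true" scheme="https" secure="true" sslProtocol="TLS"
           ciphers="TLS_RSA_WITH_AES_256_CBC_SHA,
                    TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA,
                    TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA,
                    TLS_ECDH_RSA_WITH_AES_128_CBC_SHA,
                    TLS_ECDH_RSA_WITH_AES_256_CBC_SHA,
                    TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA" />'

# Usage: sh tomcat-sweet32-audit.sh /etc/tomcat/server.xml
if [ $# -ge 1 ]; then
    tomcat_64bit_suites "$(cat "$1")"
    tomcat_is_sweet32_clean "$(cat "$1")" && echo "clean: no 64-bit block ciphers"
fi
```

The audit only inspects what is configured; the s_client probe above is still the authoritative check of what the running server negotiates, since Tomcat also honours the JVM's own cipher restrictions.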