Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL cipher order - needs verification #42

Closed
rafalfitt opened this issue May 23, 2023 · 9 comments
Closed

SSL cipher order - needs verification #42

rafalfitt opened this issue May 23, 2023 · 9 comments
Assignees
@HotCakeX
Labels
Good First Issue 👏 Good for newcomers Suggestion ⚡ Label used to describe New Security Measure Suggestions

Comments

@rafalfitt
Copy link
Contributor

rafalfitt commented May 23, 2023
edited
Loading

Web page https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1k&guideline=5.7 suggests quite different ordering of SSL ciphers.
@rafalfitt rafalfitt added the Suggestion ⚡ Label used to describe New Security Measure Suggestions label May 23, 2023
@rafalfitt
Copy link
Contributor Author

IMHO TLS 1.3 cipher suites should be prioritized.

@rafalfitt
Copy link
Contributor Author

some recommendations:
https://developers.cloudflare.com/ssl/reference/cipher-suites/recommendations/

@HotCakeX HotCakeX added the Good First Issue 👏 Good for newcomers label May 23, 2023
@HotCakeX
Copy link
Owner

Hi @rafalfitt

So I use the following TLS cipher suites

TLS_CHACHA20_POLY1305_SHA256
TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

The top 3 that are prioritized the highest, are TLS 1.3 only

TLS_CHACHA20_POLY1305_SHA256
TLS_AES_256_GCM_SHA384
TLS_AES_128_GCM_SHA256

The rest of them are TLS 1.2 only

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

I used Microsoft's source: https://learn.microsoft.com/en-us/power-platform/admin/server-cipher-tls-requirements

There is also Mozilla's source confirming it:
https://wiki.mozilla.org/Security/Server_Side_TLS

Also used this to double check: https://ciphersuite.info/

It can however still be improved. I can remove CBC ones as they are not secure but I will need to test it to see if it won't break anything, or at least not too much.

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

Please let me know what you think ^^

@HotCakeX
Copy link
Owner

HotCakeX commented May 23, 2023
edited
Loading

By the way not all of the Cipher Suites shown in Cloudflare website are available in Windows
https://learn.microsoft.com/en-us/windows/win32/secauthn/tls-cipher-suites-in-windows-11

@rafalfitt
Copy link
Contributor Author

  1. IMHO CBC is no longer OK
  2. from all these links: TLS_CHACHA20_POLY1305_SHA256 is never priority #1

@rafalfitt
Copy link
Contributor Author

although you might be right with ChaCha:
https://techcommunity.microsoft.com/t5/networking-blog/enabling-http-3-support-on-windows-server-2022/bc-p/2748089/highlight/true#M395

@rafalfitt
Copy link
Contributor Author

"funny" that TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 is NOT allowed by SCH_USE_STRONG_CRYPTO

@HotCakeX
Copy link
Owner

Thank you for bringing it up,

TLS_ECDHE_RSA is faster than TLS_DHE_RSA because it uses elliptic curve cryptography instead of normal Diffie-Hellman key exchange https://security.stackexchange.com/questions/14731/what-is-ecdhe-rsa

When i was doing research i found out its safer too.

And you're totally right, CBC needs to go, i will remove it after i perform some tests tomorrow

@HotCakeX
Copy link
Owner

Hi, I've updated the group policies with the change

5b5be1f

HotCakeX referenced this issue May 30, 2023
@HotCakeX
Updated TLS Cipher Suites, ECC Curves and a new TopSecurity item
5b5be1f 
Added Untrusted Font Blocking Mitigation to the Top Security category
Configured TLS category by removing the insecure CBC TLS Cipher Suites, Please view GitHub Readme TLS section for more info.
Configured TLS ECC Curves to utilize more secure curves.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@HotCakeX HotCakeX

Labels
Good First Issue 👏 Good for newcomers Suggestion ⚡ Label used to describe New Security Measure Suggestions
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rafalfitt @HotCakeX