Tuesday, August 1, 2017

Insecure Transport Layer due to weak protocol and cipher

Any area of a web application that may carry sensitive information or give access to privileged functionality, such as remote site administration, should use TLS 1.2 with the strongest available cipher suites so that data in transit cannot be sniffed, intercepted or stolen.
The Transport Layer Security (TLS) and Secure Sockets Layer (SSL) protocols provide a mechanism to help protect the authenticity, confidentiality and integrity of data transmitted between a client and a web server. The strength of this protection is determined by the authentication, encryption and hashing algorithms, collectively known as a cipher suite, negotiated for the transmission of sensitive information over the TLS/SSL channel. Most web servers support a range of cipher suites of varying strengths. Using a weak cipher or an encryption key of insufficient length, for example, could allow an attacker to defeat the protection mechanism and steal or modify sensitive information. If misconfigured, a web server could be manipulated into choosing a weak cipher suite.
Probable root cause:
  1. The server uses weak ciphers or encryption methods during communication. Weak ciphers are generally defined as:
    1. Any cipher with a key length of less than 128 bits
    2. Export-class cipher suites
    3. NULL ciphers
    4. Ciphers that support unauthenticated modes
    5. Ciphers assessed at security strengths below 112 bits
    6. All RC4 ciphers
  2. Use of insecure protocol versions weakens the transport protection and could allow an attacker to compromise, steal or modify sensitive information.
Probable recommendations:
  1. Configure the server container, such as Tomcat or JBoss, to serve the application over HTTPS.
  2. For Apache, set the following directive in the server configuration, which disables SSLv2, SSLv3 and TLS 1.0 and leaves TLS 1.1 and TLS 1.2 enabled:
     SSLProtocol all -SSLv2 -SSLv3 -TLSv1
  3. Both NIST SP 800-52 revision 1 and PCI DSS v3.1 strongly recommend upgrading to the latest available version of TLS, TLS 1.2, or at a minimum to TLS 1.1.
  4. TLS 1.2 servers should be configured to support at least the following cipher suites to meet the NIST SP 800-52 revision 1 requirement:
    1. TLS_RSA_WITH_AES_256_GCM_SHA384
    2. TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 and TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
    3. TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 and TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
  5. TLS 1.2 servers can additionally be configured to support the following cipher suite: TLS_RSA_WITH_AES_128_GCM_SHA256
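The weak-cipher criteria listed under the root causes and the minimum suite list under the recommendations can both be checked mechanically against a server's configuration. The following Python script is an added example and not code from this post: it parses IANA cipher suite names, reports which of the post's weak-cipher criteria each suite violates, flags insecure protocol versions, and lists any of the recommended suites that are not offered. The key-length and security-strength table, the sample server configuration and all function names are assumptions constructed for illustration.

```python
"""Audit a TLS configuration against the weak-cipher and protocol-version
criteria described in the post.  Input is a list of enabled protocol versions
and a list of IANA cipher suite names (as found in a server configuration or
a scanner report); nothing here connects to a network."""

# Protocol versions the post considers insecure, and the version it recommends.
INSECURE_PROTOCOLS = {"SSLv2", "SSLv3", "TLSv1.0"}
REQUIRED_PROTOCOL = "TLSv1.2"

# Minimum suites the post lists for NIST SP 800-52 rev. 1 compliance.
REQUIRED_SUITES = {
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
}

# Bulk cipher token -> (key length in bits, security strength in bits).
# Assumed table for the algorithms that commonly appear in IANA suite names;
# 3DES carries a 168-bit key but is rated at 112 bits of security.
CIPHER_BITS = {
    "NULL": (0, 0), "RC4_40": (40, 40), "RC4_56": (56, 56), "RC4_128": (128, 128),
    "RC2_CBC_40": (40, 40), "DES40": (40, 40), "DES": (56, 56), "3DES_EDE": (168, 112),
    "IDEA": (128, 128), "SEED": (128, 128), "AES_128": (128, 128), "AES_256": (256, 256),
    "CAMELLIA_128": (128, 128), "CAMELLIA_256": (256, 256), "ARIA_128": (128, 128),
    "ARIA_256": (256, 256), "CHACHA20_POLY1305": (256, 256),
}


def parse_suite(name):
    """Split a TLS_<kx>_WITH_<cipher>_<mac> name into its key-exchange part and
    bulk cipher, and look up the cipher's key length and security strength."""
    if "_WITH_" not in name:
        raise ValueError("not a TLS_<kx>_WITH_<cipher>_<mac> name: " + name)
    kx, bulk = name.split("_WITH_", 1)
    if kx.startswith("TLS_"):
        kx = kx[len("TLS_"):]
    # Longest token first so DES40 is tried before DES and RC4_40 before RC4_128.
    for token in sorted(CIPHER_BITS, key=len, reverse=True):
        if bulk == token or bulk.startswith(token + "_"):
            key_bits, strength = CIPHER_BITS[token]
            return {"kx": kx, "cipher": token,
                    "key_bits": key_bits, "strength_bits": strength}
    raise ValueError("unknown bulk cipher in " + name)


def weak_reasons(name):
    """Return the post's weak-cipher criteria violated by the suite; an empty
    list means the suite passes all of them."""
    info = parse_suite(name)
    reasons = []
    if "EXPORT" in info["kx"]:
        reasons.append("export-class suite")
    if info["cipher"] == "NULL":
        reasons.append("NULL cipher (no encryption)")
    if "anon" in info["kx"].lower():
        reasons.append("unauthenticated key exchange")
    if info["cipher"].startswith("RC4"):
        reasons.append("RC4")
    if info["key_bits"] < 128:
        reasons.append("key length %d < 128 bits" % info["key_bits"])
    if info["strength_bits"] < 112:
        reasons.append("security strength %d < 112 bits" % info["strength_bits"])
    return reasons


def audit(protocols, suites):
    """Check enabled protocol versions and offered suites against the post's
    root causes and recommendations; returns a findings dictionary."""
    weak = {s: weak_reasons(s) for s in suites}
    return {
        "insecure_protocols": sorted(p for p in protocols if p in INSECURE_PROTOCOLS),
        "tls12_enabled": REQUIRED_PROTOCOL in protocols,
        "weak_suites": {s: r for s, r in weak.items() if r},
        "missing_required": sorted(REQUIRED_SUITES - set(suites)),
    }


# Constructed sample configuration of a misconfigured server (not real data).
SAMPLE_PROTOCOLS = ["SSLv3", "TLSv1.0", "TLSv1.1", "TLSv1.2"]
SAMPLE_SUITES = [
    "TLS_RSA_WITH_RC4_128_SHA",
    "TLS_RSA_EXPORT_WITH_DES40_CBC_SHA",
    "TLS_RSA_WITH_NULL_SHA",
    "TLS_DH_anon_WITH_AES_128_CBC_SHA",
    "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    "TLS_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_RSA_WITH_AES_256_GCM_SHA384",
    "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
    "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256",
    "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
]

if __name__ == "__main__":
    report = audit(SAMPLE_PROTOCOLS, SAMPLE_SUITES)
    print("insecure protocols:", ", ".join(report["insecure_protocols"]) or "none")
    print("TLS 1.2 enabled:", report["tls12_enabled"])
    for suite, reasons in report["weak_suites"].items():
        print("weak:", suite, "->", "; ".join(reasons))
    for suite in report["missing_required"]:
        print("missing recommended suite:", suite)
```

Run against the sample, the script flags SSLv3 and TLS 1.0, the RC4, export, NULL and anonymous suites, and the two recommended ECDHE-ECDSA suites the server does not offer. Note that 3DES passes the post's literal criteria (its security strength is 112 bits, not below it), so the table, rather than the logic, is where an organisation's own stricter policy would be expressed.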