Page 1 of 1

Disable certain Ciphers

Posted: 2014-07-17 15:43
by csk419
Is it possible to disable certain ciphers?
Looking to disable IDEA-CBC-SHA, RC4-SHA, RC4-MD5, RC4-MD5.

Re: Disable certian Ciphers

Posted: 2014-07-18 07:31
by botg
Client or server?

Of the ones you listed, the client only support RC4-SHA1, the others are already disabled.

The server currently has no way to specify which ciphers to use. Right now I don't even know whether it supports RC4 or IDEA.

Re: Disable certian Ciphers

Posted: 2014-07-18 09:19
by csk419
We have a client that is requesting that they be disabled for security reasons. They come up on his scan as open, his scan results are listed below. any idea why they would be listed then.

Here is the full output:

Testing ECDHE-RSA-AES256-GCM-SHA384...NONE
Testing ECDHE-ECDSA-AES256-GCM-SHA384...NONE
Testing ECDHE-RSA-AES256-SHA384...NONE
Testing ECDHE-ECDSA-AES256-SHA384...NONE Testing ECDHE-RSA-AES256-SHA...NONE Testing ECDHE-ECDSA-AES256-SHA...NONE Testing SRP-DSS-AES-256-CBC-SHA...NONE Testing SRP-RSA-AES-256-CBC-SHA...NONE Testing DHE-DSS-AES256-GCM-SHA384...NONE Testing DHE-RSA-AES256-GCM-SHA384...NONE Testing DHE-RSA-AES256-SHA256...NONE Testing DHE-DSS-AES256-SHA256...NONE Testing DHE-RSA-AES256-SHA...NONE Testing DHE-DSS-AES256-SHA...NONE Testing DHE-RSA-CAMELLIA256-SHA...NONE Testing DHE-DSS-CAMELLIA256-SHA...NONE Testing AECDH-AES256-SHA...NONE Testing SRP-AES-256-CBC-SHA...NONE Testing ADH-AES256-GCM-SHA384...NONE Testing ADH-AES256-SHA256...NONE Testing ADH-AES256-SHA...NONE Testing ADH-CAMELLIA256-SHA...NONE Testing ECDH-RSA-AES256-GCM-SHA384...NONE Testing ECDH-ECDSA-AES256-GCM-SHA384...NONE
Testing ECDH-RSA-AES256-SHA384...NONE
Testing ECDH-ECDSA-AES256-SHA384...NONE
Testing ECDH-RSA-AES256-SHA...NONE
Testing ECDH-ECDSA-AES256-SHA...NONE
Testing AES256-GCM-SHA384...NONE
Testing AES256-SHA256...NONE
Testing AES256-SHA...YES
Testing CAMELLIA256-SHA...NONE
Testing PSK-AES256-CBC-SHA...NONE
Testing ECDHE-RSA-DES-CBC3-SHA...NONE
Testing ECDHE-ECDSA-DES-CBC3-SHA...NONE
Testing SRP-DSS-3DES-EDE-CBC-SHA...NONE
Testing SRP-RSA-3DES-EDE-CBC-SHA...NONE
Testing EDH-RSA-DES-CBC3-SHA...NONE
Testing EDH-DSS-DES-CBC3-SHA...NONE
Testing AECDH-DES-CBC3-SHA...NONE
Testing SRP-3DES-EDE-CBC-SHA...NONE
Testing ADH-DES-CBC3-SHA...NONE
Testing ECDH-RSA-DES-CBC3-SHA...NONE
Testing ECDH-ECDSA-DES-CBC3-SHA...NONE
Testing DES-CBC3-SHA...YES
Testing DES-CBC3-MD5...NONE
Testing PSK-3DES-EDE-CBC-SHA...NONE
Testing ECDHE-RSA-AES128-GCM-SHA256...NONE
Testing ECDHE-ECDSA-AES128-GCM-SHA256...NONE
Testing ECDHE-RSA-AES128-SHA256...NONE
Testing ECDHE-ECDSA-AES128-SHA256...NONE Testing ECDHE-RSA-AES128-SHA...NONE Testing ECDHE-ECDSA-AES128-SHA...NONE Testing SRP-DSS-AES-128-CBC-SHA...NONE Testing SRP-RSA-AES-128-CBC-SHA...NONE Testing DHE-DSS-AES128-GCM-SHA256...NONE Testing DHE-RSA-AES128-GCM-SHA256...NONE Testing DHE-RSA-AES128-SHA256...NONE Testing DHE-DSS-AES128-SHA256...NONE Testing DHE-RSA-AES128-SHA...NONE Testing DHE-DSS-AES128-SHA...NONE Testing DHE-RSA-SEED-SHA...NONE Testing DHE-DSS-SEED-SHA...NONE Testing DHE-RSA-CAMELLIA128-SHA...NONE Testing DHE-DSS-CAMELLIA128-SHA...NONE Testing AECDH-AES128-SHA...NONE Testing SRP-AES-128-CBC-SHA...NONE Testing ADH-AES128-GCM-SHA256...NONE Testing ADH-AES128-SHA256...NONE Testing ADH-AES128-SHA...NONE Testing ADH-SEED-SHA...NONE Testing ADH-CAMELLIA128-SHA...NONE Testing ECDH-RSA-AES128-GCM-SHA256...NONE Testing ECDH-ECDSA-AES128-GCM-SHA256...NONE
Testing ECDH-RSA-AES128-SHA256...NONE
Testing ECDH-ECDSA-AES128-SHA256...NONE
Testing ECDH-RSA-AES128-SHA...NONE
Testing ECDH-ECDSA-AES128-SHA...NONE
Testing AES128-GCM-SHA256...NONE
Testing AES128-SHA256...NONE
Testing AES128-SHA...YES
Testing SEED-SHA...NONE
Testing CAMELLIA128-SHA...NONE
Testing IDEA-CBC-SHA...YES
Testing IDEA-CBC-MD5...NONE
Testing RC2-CBC-MD5...NONE
Testing PSK-AES128-CBC-SHA...NONE
Testing ECDHE-RSA-RC4-SHA...NONE
Testing ECDHE-ECDSA-RC4-SHA...NONE
Testing AECDH-RC4-SHA...NONE
Testing ADH-RC4-MD5...NONE
Testing ECDH-RSA-RC4-SHA...NONE
Testing ECDH-ECDSA-RC4-SHA...NONE
Testing RC4-SHA...YES
Testing RC4-MD5...YES
Testing RC4-MD5...YES
Testing PSK-RC4-SHA...NONE
Testing EDH-RSA-DES-CBC-SHA...NONE
Testing EDH-DSS-DES-CBC-SHA...NONE
Testing ADH-DES-CBC-SHA...NONE
Testing DES-CBC-SHA...NONE
Testing DES-CBC-MD5...NONE
Testing EXP-EDH-RSA-DES-CBC-SHA...NONE
Testing EXP-EDH-DSS-DES-CBC-SHA...NONE
Testing EXP-ADH-DES-CBC-SHA...NONE
Testing EXP-DES-CBC-SHA...NONE
Testing EXP-RC2-CBC-MD5...NONE
Testing EXP-RC2-CBC-MD5...NONE
Testing EXP-ADH-RC4-MD5...NONE
Testing EXP-RC4-MD5...NONE
Testing EXP-RC4-MD5...NONE
Testing ECDHE-RSA-NULL-SHA...NONE
Testing ECDHE-ECDSA-NULL-SHA...NONE
Testing AECDH-NULL-SHA...NONE
Testing ECDH-RSA-NULL-SHA...NONE
Testing ECDH-ECDSA-NULL-SHA...NONE
Testing NULL-SHA256...NONE
Testing NULL-SHA...NONE
Testing NULL-MD5...NONE

Re: Disable certian Ciphers

Posted: 2014-07-18 20:22
by botg
Ciphers using MD5 won't be supported in the next version of FileZilla Server.

If I may ask, what's the rationale behind not wanting to have IDEA-CBC-SHA?

Re: Disable certian Ciphers

Posted: 2014-07-20 20:58
by xeon
botg wrote:Ciphers using MD5 won't be supported in the next version of FileZilla Server.

If I may ask, what's the rationale behind not wanting to have IDEA-CBC-SHA?
Disabling RC4 makes more sense than anything else, since it's actually broken now. The attacks against it aren't very feasible right now, but they work.

As for disabling ciphers that use MD5, unless you're dropping all of RC4, I see no point. RC4-MD5 uses HMAC-MD5, which is still considered secure. You'd be getting the same level of security using RC4-MD5 or RC4-SHA.

My only problem with IDEA-CBC is the fact that it's operating in CBC-mode and that it's even slower than 3DES.

Re: Disable certain Ciphers

Posted: 2014-07-20 21:29
by botg
Disabling RC4 makes more sense than anything else, since it's actually broken now. The attacks against it aren't very feasible right now, but they work.
RC4 support will be removed soon.
RC4-MD5 uses HMAC-MD5, which is still considered secure
Do you have a reference regarding HMAC-MD5 still being considered secure?
My only problem with IDEA-CBC is the fact that it's operating in CBC-mode and that it's even slower than 3DES.
If speed would matter, people would encrypt using double-rot13. :)

Re: Disable certain Ciphers

Posted: 2014-07-20 23:54
by xeon
botg wrote:Do you have a reference regarding HMAC-MD5 still being considered secure?
https://news.ycombinator.com/item?id=7977798

Re: Disable certain Ciphers

Posted: 2014-07-21 08:02
by botg
After some digging I found this: http://cseweb.ucsd.edu/~mihir/papers/hmac-new.pdf