delinea.com
Open in
urlscan Pro
199.60.103.114
Public Scan
Submitted URL: https://thycotic.com/company/blog/2014/05/16/ssl-beyond-the-basics-part-2-ciphers/
Effective URL: https://delinea.com/blog/ssl-beyond-the-basics-part-2-ciphers
Submission: On October 29 via api from HU — Scanned from DE
Effective URL: https://delinea.com/blog/ssl-beyond-the-basics-part-2-ciphers
Submission: On October 29 via api from HU — Scanned from DE
Form analysis 1 forms found in the DOM
/search?searchString=&activeType=
<form action="/search?searchString=&activeType=">
<input type="text" id="site-search" class="hs-search-field__input" name="searchString" autocomplete="off" aria-label="Search" placeholder="">
<script nonce="">
// Add event listener for search button click
const el = document.querySelector('.header-links-search');
el.addEventListener("click", addFocus, false);
//add focus to search field once it displays
function addFocus() {
setTimeout(function() {
document.getElementById('site-search').focus()
}, 500)
}
</script>
<button aria-label="Search"><svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 512 512" width="24" height="16">
<title>Search</title>
<path fill="#fff"
d="M505 442.7L405.3 343c-4.5-4.5-10.6-7-17-7H372c27.6-35.3 44-79.7 44-128C416 93.1 322.9 0 208 0S0 93.1 0 208s93.1 208 208 208c48.3 0 92.7-16.4 128-44v16.3c0 6.4 2.5 12.5 7 17l99.7 99.7c9.4 9.4 24.6 9.4 33.9 0l28.3-28.3c9.4-9.4 9.4-24.6.1-34zM208 336c-70.7 0-128-57.2-128-128 0-70.7 57.2-128 128-128 70.7 0 128 57.2 128 128 0 70.7-57.2 128-128 128z">
</path>
</svg></button>
</form>Text Content
Skip to content
Services
Support
Contact
Blog
Search
Search
* Solutions
▼
* Secure Credentials
* Enterprise Vault
* DevOps Vault
* Service Account Management
* Privileged Remote Access
* Remote Admin Access
* VPN-less Browser Sessions
* Privilege & Entitlement Elevation
* Servers
* Workstations
* Cloud Infrastructure
* Identity Protection
* Detect & Remediate Threats
* Delinea Products
* Account Lifecycle Manager
* Cloud Suite
* Connection Manager
* DevOps Secrets Vault
* Identity Threat Protection
* Privileged Behavior Analytics
*
* Privilege Control for Cloud Entitlements
* Privilege Control for Servers
* Privilege Manager
* Privileged Remote Access
* Secret Server
* Server Suite
* Delinea Platform
* Delinea Platform
Seamlessly extend Privileged Access Management to provide just-in-time
access with easy, adaptive controls
View the Platform
* Use Cases
▼
* By common security issue
* Audit and Compliance
* Incident Response
* IT Complexity
* Privileged Access
Management Maturity
* Remote Workforce /
Secure Remote Access
* Service Account Management
* Zero Trust / Least Privilege
* By industry or sector
* Cyber Insurance
* Education
* Energy & Utilities
* Financial Services
* Government
* Healthcare
* Telecommunications
* By role and responsibility
* Cybersecurity Management
* DevOps
* IT Management
* Resources
▼
* Resource 1
* All Resources
* Analyst Reports
* Case Studies
* Conferences
* Datasheets
* Demos
* eBooks
* Free Tools
* Glossary
* Resources 2
* Infographics
* Podcasts
* Product Documentation
* Solution Briefs
* Videos
* Webinars
* Whitepapers
* Trials
* Promo Panel
*
* Company
▼
* About Delinea
* Delinea Overview
Seamless privileged access without the excess
* Leadership
Meet the team at Delinea
* Board of Directors
Our strategic advisors
* Company News
Read the latest Delinea News
* Careers
Discover your possibilities
* Contact Us
Here to help you define the boundaries of access
* Why Delinea
* Why Delinea
Proven leader in Privileged Access Management
* Trust Center
We’ve got you covered
* In the Press
Read the latest Delinea Press
* Social
Spread the word about Delinea
* Customers
* Customers
We work to keep your business moving forward
* Partners
▼
* Partner Program
* Program Overview
Partnership options with Delinea
* Partnership Inquires
Become a Partner or get in touch to talk
* Partner Resources
* Register a Deal
For Reseller, Technology and Trusted
Advisory Partners
* Partner Portal
All the resources you need, in one place
* Find a Partner
* Strategic Partnerships
Implement and operationalize PAM programs
* Integrations Marketplace
Making your privileged access goals a reality
* Free Trials
▼
* Trials 1
* Secret Server
Discover, manage, protect and audit privileged account access
* Account Lifecycle Manager
Discover, secure, provision, and decommission service accounts
* Privileged Behavior Analytics
Detect anomalies in privileged account behavior
* Trials 2
* Privilege Manager
Workstation endpoint privilege management and application control
* Server PAM
Manage identities and policies on servers
* DevOps Secrets Vault
Manage credentials for applications, databases, CI/CD tools, and services
* Trials 3
* All Trials
Try one of our PAM solutions free for 30 days
* All Tools
Free Privileged Account Security and Management Tools
* Request a Quote
We’re here to give you pricing when you’re ready
Delinea Blog > SSL beyond the basics part 2: Ciphers
SSL BEYOND THE BASICS PART 2: CIPHERS
Written by
Delinea Team
Share:
In our previous post, we discussed the different protocols for SSL and TLS, and
how we can improve security by disabling older, less secure protocols and
enabling newer, more secure ones. Today, we will talk about ciphers, which is
one of the key pieces to making these protocols work.
Here’s a quick refresher: In daily conversation, SSL is often used as a catchall
phrase for both SSL and TLS protocols. However, TLS is a more secure option for
data transmission. When Secret Server connects with a user’s browser, a
“handshake” or negotiation happens between the server and browser to decide
whether to use SSL or TLS and which version of the protocol will be used.
The negotiation phase includes a step to decide which ciphers, or what cipher
suite, will be used. TLS sessions use multiple ciphers, and each performs a
different type of operation, such as hashing, signing, or encrypting.
The security of ciphers can vary and some ciphers are supported only on a
particular version of TLS. Also, Microsoft’s implementation of TLS in their
SChannel library complicates the matter slightly because Microsoft only allows
certain ciphers to be used with certain types of certificates. For simplicity,
we’ll assume our web server’s HTTPS certificate is a standard RSA 2048
certificate with SHA1 as the signature hash algorithm and with TLS 1.0, 1.1, and
1.2 enabled.
A NOTE OF CAUTION
One side effect of configuring protocols and ciphers on Windows is that it makes
the changes for all software that relies on SChannel, not just Internet
Information Services (IIS). This can make it tricky to enforce strong cipher
suites for clients connecting to IIS without also impacting other software on
the server, such as Microsoft SQL Server.
Therefore, we recommend making all cipher configuration changes in a staging
environment to determine the impact on all software. The cipher suites you
choose to support will depend on the clients. If you can control which clients
are connecting to the server, then it can be assumed which ciphers are safe to
turn off. If you have little or no control over the clients, then some older
cipher suites must still be supported for compatibility reasons.
THE HANDSHAKE
A typical TLS handshake goes something like this:
During the handshake, the server and client are agreeing upon a master Secret.
Here are the details for how this happens: First, the client generates a
pre-master Secret, which it encrypts with the server’s RSA public key during the
Client Key Exchange step. Next, the server uses the RSA private key to decrypt
this pre-master Secret. Finally, the client and server use the pre-master
Secret, along with other information that was transmitted during the Client
Hello and Server Hello steps, to derive the master key.
Once the master key is created, it is used to generate a session key for all
communications during that session. This session key is a symmetric algorithm
such as AES. This poses one potentially big problem. If an attacker (or in this
case, we can all him a man-in-the-middle) were recording all of the encrypted
traffic sent between the client and server, the attacker would be able to
decrypt the TLS session if the server’s private key was ever leaked.
PERFECT FORWARD SECRECY
The secrecy problem above can be avoided by using what is called perfect forward
secrecy. This is done by using an ephemeral Diffie-Hellman key exchange instead
of using an RSA key exchange. The ephemeral key is only good for the duration of
the TLS session, which means that once the session is over, the session key is
no longer usable. Now, even if the session was recorded via a man-in-the-middle,
there is no key that could later be found and used to decrypt the session.
While Ephemeral Diffie-Hellman (or DHE) provides strong security, it has a big
impact on performance. Because the server is now generating these ephemeral keys
for each session, the handshake takes significantly longer.
To improve the speed of the Diffie-Hellman process, you can use Elliptic Curve
(together, this is called ECDHE). Although ECDHE doesn’t perform as well as a
static RSA key, it is comparable when used on modestly powered servers. The
downside is ECDHE is relatively new. While supported by new versions of desktop
browsers, it is not supported by some older smartphones and browsers.
In the case of Microsoft Windows, ECDHE requires TLS 1.2 and Windows Server
2012.
SYMMETRIC CIPHERS
The symmetric cipher is the algorithm used to encrypt data in the TLS session.
There have been many advances with the symmetric cipher over the past few years,
including authenticated ciphers such as AES in GCM mode. The strength of the
symmetric cipher is important when considering which cipher suites to support.
RC4
The RC4 cipher is one of the oldest ciphers still used in TLS today. Being a
stream cipher, RC4 provides good performance, which is crucial in small
computing devices, but more secure methods of encryption, such as AES, are
recommended.
Although RC4 saw an increase in popularity because it was not affected by the
recent BEAST vulnerability, it should still be phased out. RC4 does not provide
the same level of strength as ciphers that were affected by BEAST, and BEAST has
since been fixed in most clients.
There are still many clients that don’t support anything stronger than RC4, so
before phasing it out, manually audit its use. This can be done by disabling RC4
in an isolated environment and determining what no longer works.
AES
The AES algorithm is the next most popular and offers superior strength over RC4
and others. Its most common mode of operation is Cipher-Block-Chaining (CBC),
and a fairly new mode of operation is Galois/Counter Mode (GCM). AES-GCM is
recommended over AES-CBC because it is an authenticated cipher. An authenticated
cipher provides message integrity in the symmetric algorithm itself, whereas
non-authenticated ciphers need to rely on signed hashes for message integrity.
GCM is fairly new, but all modern clients should support it. However, keep in
mind that for Windows Server, GCM can only be used in Windows Server 2012.
AES comes with three different key sizes: 128, 192, and 256 bit. All of these
are safe for use in production, with 128 being the most common. The current
belief is that 128-bit provides adequate security, and the additional overhead
required for 256-bit may not be worth it. However, 256-bit is used in the wild.
It’s recommended to support AES-CBC and GCM cipher suites, and both 128 and 256
key variants. The order you prefer depends. It is common to set a preference in
this order: AES-GCM-128, AES-GCM-256, AES-CBC-128, and AES-CBC-256.
TripleDES
TripleDES, or 3DES, is an older cipher that has support back to Internet
Explorer 6 on Windows XP. Because it is not as strong as AES, it’s recommended
that 3DES be placed behind AES in symmetric cipher preference. 3DES does not
commonly operate in any mode other than CBC.
PRIVILEGED ACCESS MANAGEMENT FOR DUMMIES
Get smart about Privileged Account password security with this quick read.
Download Ebook
HASHING
AES-GCM is an authenticated algorithm and can both encrypt and protect the
integrity of the message. However, AES-CBC and many other encryption methods
cannot protect integrity. For this reason, signed hashes are used in addition to
the encryption method.
The two most common types of hashes are MD5 and SHA, with SHA having several
variants. The hash computes a digest of the message, which is then signed by the
server or client to verify its integrity.
MD5, while quite popular, is in the process of being phased out. MD5 is often
still supported with other older ciphers in cipher suites, such as RC4. Notably,
MD5 is not FIPS compliant, which may be a deciding factor for supporting it, for
some.
SHA1 is the most common hashing algorithm and is currently considered safe for
production use. However, the newer SHA256 is actively replacing SHA1. Supporting
both is recommended, with SHA256 coming before SHA1 in preference. SHA256 does
impact performance, but this is considered negligible compared with its security
improvements.
CHOOSING CIPHER SUITE ORDER
Given everything above, it is now possible to determine the preferred cipher
suite order. This order can be set in Windows Server with Group Policy under:
Computer Configuration > Administrative Templates > Network > SSL Configuration
Settings > SSL Cipher Suite Order setting.
Cipher suite configurations look like this:
TLS_RSA_WITH_AES_128_CBC_SHA256
This means that an RSA key exchange is used in conjunction with AES-128-CBC (the
symmetric cipher) and SHA256 hashing is used for message authentication.
The cipher order decides, starting from the top, which ciphers will be preferred
by the server. During the negotiation, the server will select a cipher that
meets the client and the server requirements by offering them in this order.
Here is an example cipher order that places newer, more secure ciphers, at the
top:
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P256
* TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256_P384
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P256
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256_P384
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P256
* TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA_P384
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P256
* TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA_P384
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P384
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P256
* TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA_P384
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P256
* TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA_P384
* TLS_DHE_DSS_WITH_AES_128_CBC_SHA256
* TLS_DHE_DSS_WITH_AES_256_CBC_SHA256
* TLS_DHE_DSS_WITH_AES_128_CBC_SHA
* TLS_DHE_DSS_WITH_AES_256_CBC_SHA
* TLS_RSA_WITH_AES_128_CBC_SHA
* TLS_RSA_WITH_AES_256_CBC_SHA
* TLS_RSA_WITH_AES_128_CBC_SHA256
* TLS_RSA_WITH_AES_256_CBC_SHA256
DISABLING CIPHERS
While the above sets the order of preferred cipher suites, excluding a cipher
from the list does not prevent it from being used. For example, RC4 is not
included in the approved list above, but if it is not disabled, it could be used
if the client insists on using it. To permanently disable older ciphers, a
registry change is required. You can do this by adding subkeys to the registry
key:
HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSecurityProvidersSCHANNELCiphers
Adding a subkey with the name “RC4 128/128” and putting a DWORD named “Enabled”
in the new subkey with a value of 0x0 causes RC4 128/128 to become disabled. A
nice advantage to these registry changes is they take effect immediately without
restarting anything.
While the above disables RC4 128/128, there are other variants of RC4 to disable
such as RC4 64/128 and RC4 56/128. All of these values and more are documented
in a Microsoft Knowledge Base article here:
http://support.microsoft.com/kb/245030
WHAT’S NEXT?
Next, we will focus on the SSL certificate itself. While most SSL certificates
have not changed lately, there is a need to improve their security, such as
moving to SHA2 algorithms for the signature algorithm and moving from RSA to
ECDSA.
Read All Parts:
SSL: Beyond the Basics
SSL: Beyond the Basics Part 2: Ciphers
SSL: Beyond the Basics Part 3: Certificates
SSL: Beyond the Basics Part 4: Strict Transport Security
IT SECURITY SHOULD BE EASY. WE'LL SHOW YOU HOW
Try Secret Server and experience how fast and easy IT security products can be.
Start My Free Trial
PAM Advanced
OTHER POSTS YOU MIGHT LIKE
CIPHER LOCK: STORE PHYSICAL SECRETS IN SECRET SERVER
SSL BEYOND THE BASICS PART 3: CERTIFICATES
In our previous post, we discussed configuring TLS cipher suites to maximize
security by preferring...
SSL BEYOND THE BASICS PART 1: PROTOCOL SELECTION
Here at Delinea we have a wide range of recommended security best practices for
our customers
Blog
Login
Contact Us
Follow us on LinkedIn Follow us on Twitter Follow us on Facebook Subscribe on
YouTube Subscribe on YouTube
* Solutions
* Account Lifecycle Manager
* Connection Manager
* Delinea Platform
* DevOps Secrets Vault
* Identity Threat Protection
* Privilege Control for Cloud Entitlements
* Privilege Control for Servers
* Privilege Manager
* Privileged Behavior Analytics
* Privileged Remote Access
* Secret Server
* Server PAM
* Use Cases
* Audit & Compliance
* Incident Response
* IT Complexity
* Privileged Access Management Maturity
* Remote Workforce
* Service Account Management
* Zero Trust / Least Privilege
* Cyber Insurance
* Education
* Energy & Utilities
* Financial Services
* Government
* Healthcare
* Telecommunications
* Cybersecurity Management
* DevOps
* IT Management
* Services
* Professional
* Training
* Support
* Get Support
* Find Help
* Partners
* Program Overview
* Partner Portal
* Partnership Inquiries
* Register a Deal
* Strategic Partnerships
* Resources
* Analyst Reports
* Case Studies
* Datasheets
* Demos
* eBooks
* Free Tools
* Infographics
* Product Documentation
* Solutions Briefs
* Trials
* Videos
* White Papers
* Company
* About Delinea
* Why Delinea
* Contact Us
* Customers
* Careers
* News
* Trust Center
* Delinea Social
* Legal
© 2024 Copyright Delinea.
Privacy PolicyTerms of UseMSLASitemapYour Privacy Choices
By clicking “Accept All Cookies”, you agree to the storing of cookies on your
device to enhance site navigation, analyze site usage, and assist in our
marketing efforts. Cookie Policy
Cookies Settings Reject All Accept All Cookies
Your Opt Out Preference Signal is Honored
PRIVACY PREFERENCE CENTER
When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
Cookie Policy
User ID: fc8edd6d-773a-4638-8f4f-7c0d59223f96
This User ID will be used as a unique identifier while storing and accessing
your preferences for future.
Timestamp: --
Allow All
MANAGE CONSENT PREFERENCES
FUNCTIONAL COOKIES
Functional Cookies
These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then
some or all of these services may not function properly.
Cookies Details
PERFORMANCE COOKIES
Performance Cookies
These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.
Cookies Details
TARGETING COOKIES
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.
Cookies Details
STRICTLY NECESSARY COOKIES
Always Active
These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to
block or alert you about these cookies, but some parts of the site will not then
work. These cookies do not store any personally identifiable information.
Cookies Details
Back Button
COOKIE LIST
Search Icon
Filter Icon
Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label
Reject All Confirm My Choices