Nmap Development mailing list archives

Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES

From: Daniel Miller <bonsaiviking () gmail com>
Date: Wed, 24 Aug 2016 08:41:51 -0500

nnposter,

There's no way we could have known this 2 weeks ago, but it sounds like
3DES in TLS has some problems. The "SWEET32" attack [1] has demonstrated
block collisions in 64-bit blocksize ciphers after 2^32 blocks (about
32GB), and decryption of small values (such as cookies) after 750GB or so.
OpenSSL is downgrading 3DES to MEDIUM and declares "triple-DES should now
be considered as “bad” as RC4." [2]

I think we should at least back out the change that artificially boosted
3DES's cipher strength. Depending on how discussion plays out with the
crypto experts over the next few weeks, we may consider adding a warning
like we do for SHA-1 certs, RC4, and other things.

Dan

[1] https://sweet32.info/
[2] https://www.openssl.org/blog/blog/2016/08/24/sweet32/

On Sat, Aug 6, 2016 at 5:14 PM, nnposter <nnposter () users sourceforge net>
wrote:


Rob's note below is the only feedback I have received so far. As such I
am going to commit the proposed change later next week unless anybody
objects.

Cheers,
nnposter


On 7/29/16 11:38 AM, Rob Nicholls wrote:

I'm fairly happy with that suggestion. I believe Nessus also treats

112-bit

(i.e. 3DES) keys as a "High" strength cipher.

Rob

-----Original Message-----
From: dev [mailto:dev-bounces () nmap org] On Behalf Of nnposter
Sent: 29 July 2016 18:10
To: dev () nmap org
Subject: [NSE] Script ssl-enum-ciphers should not penalize 3DES

As of now, script ssl-enum-ciphers is rating cipher suites based on 3DES
(112-bit keys) the same as those using plain 56-bit DES.

Given that 56-bit keys are considered easily within the reach of average
adversaries while 3DES keys are deemed safe at the moment, I would like

to

propose that we change the rating to treat 3DES on par with 128-bit

ciphers.

This position is supported by SSL Labs, which does not flag presence of

3DES

cipher suites, while rating "Cipher Strength" of such sites as "Green".

More details at https://github.com/nmap/nmap/issues/474

Please voice any concerns with such a change.


Cheers,
nnposter


_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

_______________________________________________
Sent through the dev mailing list
https://nmap.org/mailman/listinfo/dev
Archived at http://seclists.org/nmap-dev/

Current thread:

[NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Jul 29)
- RE: [NSE] Script ssl-enum-ciphers should not penalize 3DES Rob Nicholls (Jul 29)
  - Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Aug 06)
    - Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES Daniel Miller (Aug 24)
    - Re: [NSE] Script ssl-enum-ciphers should not penalize 3DES nnposter (Aug 24)