Android’s SSL downgrade, Mozilla’s SSL, Linux PRNG and SafeCurves – Security Snippets
Android’s Cipher Downgrade: According to this blog posting, Android’s Cipher suite – that is the list of ciphers it uses in order when it is establishing a secure connection – changes in late 2010 and saw AES256-SHA removed and RC4-MD5 put in its place. This means Android 2.2.1 has a better default cipher than Android 2.3.4 and everything that follows. The analysis shows that Google were apparently following Java’s cipher list changes, but that in 2011, Java 7 got a better cipher list and Android, being based on Java 6, didn’t. There’s details in the post of how to fix that and the comments touch on some of the reasons for the oddness.
Mozilla SSL: Looking for a place to start when coming up with how to configure your secure server’s SSL/TLS? Check out Mozilla’s Server Side TLS Wiki page which gives their recommended ciphersuites, priorities, forward secrecy hints, OCSP stapling info and a number of recommended server configurations. NGINX gets rated for “best TLS support at the moment” and the page finishes up with a how-to on building with OpenSSL and a run down of all the configuration parameters.
SafeCurves: As you may know, Elliptic Curve crypto got a knock in the recent NSA reveals when it appears that the NIST standard curve in use had been believed to be manipulated, probably to make it easier to crack. At safecurves.cr.yp.to research is ongoing into a range of curves from various standards in a quest to find a safe and secure curve. Crypto-wonks will love this paper and there’s code to let folks independently verify the results.
Extra: Red Hat’s Security Update: A small reminder came my way that the recent RHEL 6.5 beta release includes lashing of crypto updates as part of the wider refresh of Red Hat’s OS. OpenSSL and NSS are updated and get TLS 1.1 and 1.2 support now.