4

I'm seeing the TLS_RSA_WITH_NULL_SHA cipher listed when I do a TLS 1.2 connection test using the TestSSLServer tool. I remember a while back some security test tool reported that the NULL cipher should be deprecated and that it is not good practice to implement it in a secure application.

My question here is: how risky would it be to have RSA_WITH_NULL_SHA in my application, where security is a major concern?

Any suggestions/comments/thoughts are most welcome.

Anders

1 Answer

5

This largely depends on your security goals. NULL ciphers provide authenticity and integrity checks, but do not offer confidentiality. That is, when such a cipher is used, an adversary with a passive traffic capture ability will be able to know what you are sending over the TLS channel. Additionally, an adversary in a MitM position can cause a downgrade to this cipher. So if confidentiality is at all important, even in some circumstances, this cipher should not be on the list.

Again, to make sure you understand, NULL ciphersuites offer no encryption at all.

Kirill Sinitski
  • 2
    I think the argument with the downgrade is wrong. The TLS handshake itself is protected so that tampering with the handshake (which is needed for downgrade) will be detected. – Steffen Ullrich Jan 20 '17 at 14:28
  • 2
    TLS v1.2 verifies integrity of a handshake prior to sending Finished message, so tampering with the cipher list during TLSv1.2 handshake will be detected. However, this was not always the case and earlier versions of the protocol do not perform this check. So if MitM attacker could downgrade both cipher and protocol version, they would succeed. – Kirill Sinitski Jan 20 '17 at 14:35
  • 2
    The attacker would then need to downgrade to the long-obsolete SSL 2.0, because even the not-so-long-obsolete SSL 3.0 already contains the handshake protection. But yes, if the site offers not only weak ciphers but also weak protocol versions, every hope is lost. – Steffen Ullrich Jan 20 '17 at 16:02
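
An added example, not part of the original thread: a small audit that parses the cipher suite names a scanner such as TestSSLServer lists and flags, per protocol version, every suite whose bulk cipher is NULL (integrity only, no confidentiality). The scan data and the names `parse_suite` and `find_null_suites` are constructed for illustration.

```python
import re

# IANA-style name: TLS_<key exchange>_WITH_<bulk cipher>_<MAC or PRF hash>.
# TLS 1.3 names omit the "<key exchange>_WITH_" part.
SUITE_RE = re.compile(r"^(?:TLS|SSL)_(?:(?P<kx>.+?)_WITH_)?(?P<rest>.+)$")
HASHES = {"MD5", "SHA", "SHA256", "SHA384"}


def parse_suite(name):
    """Split a cipher suite name into key exchange, bulk cipher and hash."""
    m = SUITE_RE.match(name.strip())
    if not m:
        raise ValueError(f"not a TLS cipher suite name: {name!r}")
    parts = m.group("rest").split("_")
    # AEAD suites such as ..._AES_128_CCM carry no trailing hash token.
    mac = parts.pop() if len(parts) > 1 and parts[-1] in HASHES else None
    return {"name": name.strip(), "kx": m.group("kx"),
            "cipher": "_".join(parts), "mac": mac}


def find_null_suites(scan):
    """Return (protocol, suite name, mac) for every suite with no encryption."""
    findings = []
    for protocol, suites in scan.items():
        for name in suites:
            suite = parse_suite(name)
            if suite["cipher"] == "NULL":
                findings.append((protocol, suite["name"], suite["mac"]))
    return findings


# Constructed sample: suites a scanner might list per protocol version.
SAMPLE_SCAN = {
    "TLSv1.0": ["TLS_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_NULL_SHA"],
    "TLSv1.2": [
        "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
        "TLS_RSA_WITH_AES_128_CCM",
        "TLS_RSA_WITH_NULL_SHA",
        "TLS_RSA_WITH_NULL_SHA256",
    ],
}

if __name__ == "__main__":
    for protocol, name, mac in find_null_suites(SAMPLE_SCAN):
        print(f"{protocol}: {name} sends plaintext (integrity only, HMAC-{mac})")
```

An empty result from `find_null_suites` is the state to aim for when confidentiality matters; any finding means the server configuration still accepts an unencrypted suite for that protocol version.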